069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466

Analysis

max time kernel
123s
max time network
162s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
02-06-2024 23:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466.apk
Size

3.5MB
MD5

0745501a1a2b190983832460e999f1a3
SHA1

913220e033309c7eb6f3dea22d0784786bd3e76a
SHA256

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466
SHA512

570ba89fbdd180c761d924247361f49c322a5379e3a9212b284c6a30a486d92937bf0106c7e5f602f991bc731af1742eb87d7298409599c56bb0067512acc15c
SSDEEP

98304:RRyzvEWAG0/BrC1q5JmShKKlWqwiqddfYswZ:RRyzvBF0/BmA5JmOFWqw7dxYl

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ticketcreator.barcodechecker
/system/xbin/su	com.ticketcreator.barcodechecker

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ticketcreator.barcodechecker

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ticketcreator.barcodechecker

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ticketcreator.barcodechecker

Checks the presence of a debugger
evasion

com.ticketcreator.barcodechecker
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
4124d5ae769c208d9f7a206afc528edd

SHA1
db6badb06d711e0416d27f7558683a2336c9f219

SHA256
97c3b7281ec208026ebcc4461e8547809aa67edd346c7b456d3266df99d2ead1

SHA512
b602adeccfb7cb01866c7140777b30733ff25b3546d0ecd4400cbbbf4089e476506d4f81bebe62ec0ae209cb3f00af1e751d33abbf1dfaa5137e0cfc9f1237c0

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
918e560dc53a14bd829152d6a35942b4

SHA1
0a5065c124776176e3d0a61ff059f8d03a9ff0a2

SHA256
d8474f00c8a5f403fdfe31066692db465899154629fef7208a59a67b8fbd1163

SHA512
7f03367ddeb948e63da802e6d548f9b872a702e3eabdd80a9d2aa127d4dc154c638310657e273c846d6f251208e05d2cf3a7c87a6739d2c3ac751ff2185f0e05

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
f3fc02964699762c5693852eb598b5e2

SHA1
978dd0f53df5f194d99ac02053522947b32b6f13

SHA256
55bef79b75d6067f1b0c34e239dc4a3b0cd2dcb7bbc76a94c3e91cd0d04d743b

SHA512
71f5b7126c7ffaf8240c82359ec8ddf8e40a80b7ed4cb862c71feb640bc6c31a4aa9818dcb913e50ef8c8d6a883f1ce9a19628a9e4f1a17ce718654dd9059634

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
473109e2e7c22660cb227fd68d1e0f72

SHA1
b891eed57c148dcc4c584287f3f7df0003dd3141

SHA256
9067ab27d04950fda620b2bcd98831e857987cec4eefb29c14ed59ea59941fc0

SHA512
24a55db57dbe84a09a3b2bdea6291029a50c2b657130b984b2b43d2ea32892d62a04cd76604cf11c365549b8654ed3214f7de59a48717043a086792ade7fbbde

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
96bcddbe16fd13e1280300ebbcf434f8

SHA1
1bca1a716f5e74b8aeb36c95d523acd81b47150e

SHA256
92281777af8072ed0602928ae76eb6d73698850b744dad9aba9767b6f0d3a4a2

SHA512
440c22410c2a842fe008caa07c930ac065d6c9197e5ae9322fe15797d45167c85e53e139cd71ac622f764b29be18350dfcc5a0c1d3cb77f926cf119f027f369c

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a2bcde9c8bc320c7f28de4cb691c3cfb

SHA1
299b70e829b13ebc5821838b35622dc197bfde89

SHA256
358f4986704b353601cb4ff3549e90a8d029649efe8de5fe23382177a629216d

SHA512
23bfaebc6db249653d98c5f89e2c9fb6a560c6770278ee401f953d32bef325bc8c96010986db5771703f25587920f2876fe7526779bce290a7cfa830218b2791

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e780a5d7bb1e0a6a7437ab3232786d7a

SHA1
f51af7b0df3e96cb8b5d9e4a0744b708c7919677

SHA256
e85671992debf9de10b0b49fe93f0f86835b18cc41d59781f64f900457545784

SHA512
e9eb6f7b50f062c2d0213d56670bb2b30a21b3c6b2fe4ab01975cdec99da8c0903f2cf65f1c35e0c74a064fe29521e9b5db01530ef0eb83e1167e9776a56b66d

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26fcf1dde6ecba1e8e931b4b86d82b4e

SHA1
d2b21fe0d960922d4cd4cd7b62cf23ac99b1452a

SHA256
e632673fddbfd89dfae0b3de838613084c11e540e2fb1d290a6bc1d242be5ea4

SHA512
778e46a2939c29a2470900ab7a0fcd72d31e1b1ec59e0523b74541ea954238f04d68e908237f63a6f5e861a80cb1b59e6227ff2c10e3249623dc2ac6366f8793

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8ad06a6a379b2e4d89bfe4eae99bccff

SHA1
f2c368a005c616f374e53c76218fc4ec69b7db93

SHA256
8a44fdd3203341dfc71995e5e32511122c51842374406c31cb9b141ede4dd88e

SHA512
c910b853f23ffcf82ad116f3e0de40529dbf3f1186caff49728f316e476f6af9efae7f11d595fb28a669fde68fa52e1963806785d8d199ae9587e29e23a8d60e

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c78d113389cf3393c05f1814f0cdd15e

SHA1
12de3f1fc3adc1d64722db851bb72f6f102b5c5f

SHA256
4964479d7301c640f3d22ca8e447ff58f29b4f7299384b7ec4c98a823672c870

SHA512
2712e2f7c23a1ad199c6d6907753216a962db9a5d3cbf8edd17651eb1c9eed54817bb88d64ffb40c756f0df4ba048e8ea4a25b356afdd2d1eaabc5d85b728b67

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
41c16dd8737277724626a294ad165e70

SHA1
569f1676b89dc95dee335cca373ba2dcf967b1db

SHA256
36cd654743cb0fa42ebaeabc3548e180738422b2b75c3e8f902578c74231e03f

SHA512
e6f13f84d1470a76be124b0e622d3e25b90ff444d644370570f67c9a4a5739ee3515ebb22dc1907305a2b6399bc79fe697329b91b20b4a96ab545b84864dfc4d

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
fc62483e47e66275228f669043d94e5f

SHA1
3b9235ac3f47aae5986f7b616b9ea9e4f12f3867

SHA256
ff180e51be6bb064e25a74b9a74d6452acb89ad8d326405f2409db58370dafd7

SHA512
e0680b0e626e28cc15e2de848e85a844f9b0cb7637180fc709c34ee237d1ea59e42b43c6c8a4638c52cd9ca58342a371e3bde497071af3f7bc98c317893ac840

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c3c4a2be9632b59045f204b581e5e6d7

SHA1
24e6c9ccdd3e39b1a7472f68bbbf87c56aaf4fe1

SHA256
cf81c86e6423d81f3bd1ee6fe3681d30e62b7518f7ace81f96de808f510b9232

SHA512
6eccc935b4bf21ee2cf6b23b90466d3139e7612a734466285fc403d71dc0b815129bc7c28fa239fae1a7d1f60974b7efa9f241e59b9866d95a848765517136a7

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5541ec348e8b4fd81e3df50b5dd35bc4

SHA1
6778788f60f895e21117f51b06def202c4758a73

SHA256
d789c57bb6369e2f4f0a462af854b67a35198d7e6606f24325518b45f6756b5d

SHA512
6501ed79896efbe89f1551720efc6db001bbc801042d5494178cae523f02e87cefa2fa2473733c9e3f69e12bded969f91bea0441a3bde543322fb866d061ed47

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/com.crashlytics.settings.json

Filesize
728B

MD5
9808fc753ec82bf09fbeb39ac858f431

SHA1
8b86dd5a90864b8bb60e5a40065383130070c577

SHA256
0822b0cbc465da71a325ebe8d81a695e70f1b81d3185373f3ad4421d4807991e

SHA512
9f60190a9af4bc8cb390dc4114b8e809198887a23909be7f8c05f2c14256a6ad3770741dfd16a910745d340dbc82e0d9bbb6dcd7d9de806d1e5de0fa3c4f17bd

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056900F0000114830A255DA7B2AD/report

Filesize
742B

MD5
3f2d5082e9a8d77b420646adfb645855

SHA1
ad940d9a8fd46d1427134ff43503ab9ee4c066f1

SHA256
aa219a3f078096ef1d51f9bb3f809a54c00e01fe566cfbba6168a43a483c17a8

SHA512
edd1dcb5e24d98efd8bd396ca1e5a0b84c5176ce6b5349b3bc1953b6f2c61132a52dfb2a2262ab08352fcb66238b24799fcee4e46c1512f275489335f809a72f

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056900F0000114830A255DA7B2AD/userlog

Filesize
182B

MD5
502134b3d5045ae959eddd4bf7184a15

SHA1
07ad2351485bb4500dfd9c74aa41ac2fc55b397b

SHA256
a81b864aba8a5b333ec5191908f8d4c76a4eb06ffa2fab71d251bead56b70375

SHA512
730ea9ca5c369d3a16c1d3cea13d80ba52d9c15399dbc035c4b2ce183880bf90a70021daf8ece7506e5049f53abf3119698cdc77e56a8cedb007e0e53c3fc9e8

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056900F0000114830A255DA7B2AD/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation2214039543814724716tmp

Filesize
90B

MD5
3aba80796e74de9bc1a6833872a1a7cc

SHA1
4fd477182bf98a34dcbc23c90bb20621a06d9eac

SHA256
0500dbc792e7d8538a2d1699f5484e2bc76d4bf594c309aa721d73380de6da98

SHA512
1701e3ceec4713b8ed690eb99e28b995ebd4954d3d74df7c8749db98415d8c45480bb40368e6e835934533af500501c5664a0f26be6dff263deea613c3160cf7

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation4422228063654471035tmp

Filesize
561B

MD5
e848c8a3886ec0a2e97758fc0b1ff1ff

SHA1
bb4a91f434932471ffbddcdc8edf68f6ed1a978a

SHA256
2bc7381b249295e2819e00605b904182376c83db9e57a5bab5bb38b36a69d09b

SHA512
ed00db2b360bd4d63ca8695e616f26600e81c75d60a345b0f09c8a877cee3d1125a4e55d075b8fdde4ff282a4672e73523a5d1eb8f2abbf3e846cc714a17b0b5

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/uid.txt

Filesize
44B

MD5
e0faae3d3d98dd4c1915b929832b389f

SHA1
188c2eb56395de1c2d862cbd56c8224b3b4b17b5

SHA256
c0bfb23e55535a9588c3e67b5e4388c67f088aacdb97b5cec0bf46651504800b

SHA512
a6115ef100126a940e655ae6b5c48d925e33e7bf84406f81a229744c039a3a048193e92d9dc8dd4f34164702c7c26d06943bbf835a09dab430e2e418a56f44ff

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads