069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466

Analysis

max time kernel
123s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
02-06-2024 23:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466.apk
Size

3.5MB
MD5

0745501a1a2b190983832460e999f1a3
SHA1

913220e033309c7eb6f3dea22d0784786bd3e76a
SHA256

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466
SHA512

570ba89fbdd180c761d924247361f49c322a5379e3a9212b284c6a30a486d92937bf0106c7e5f602f991bc731af1742eb87d7298409599c56bb0067512acc15c
SSDEEP

98304:RRyzvEWAG0/BrC1q5JmShKKlWqwiqddfYswZ:RRyzvBF0/BmA5JmOFWqw7dxYl

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ticketcreator.barcodechecker
/system/xbin/su	com.ticketcreator.barcodechecker

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ticketcreator.barcodechecker

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ticketcreator.barcodechecker

Checks the presence of a debugger
evasion

com.ticketcreator.barcodechecker
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about the current Wi-Fi connection
PID:4513

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
f9a65ba8e88fe66ed1ff365a1c7fc429

SHA1
c0bd80de928ad06a681698e10a13d0261921a0f3

SHA256
ecaef4d294ddaf9e4f6993cb4f6a5edbc5fb2e7664b432fde2a60be254c56a07

SHA512
b8e76a4ae2764c7cc150417a4ecb187fa7f6e5240ec9750baf97fc510031347ced54038b64fbe6bb601526876c94e27011d30ed44401ffeee83b8de14947130c

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
0a3c35e4e66767f963d82ec1baa551e1

SHA1
1115f62f5aacfaf35314c468a5e9c9fa3347e3d6

SHA256
54055e8b3014b92617999a421c7e1605881016d1522f40ebb7223c5da306de95

SHA512
9def324a86a4d0467b5c6065e155a52258716b2356dc4e9cd9da2a1641c83f1426460e2de52c42b4b9112ec765246291eedf5a7103adcd2d2948c89fd85cae77

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
5e2571afdf6d30445dd965147cc43ac7

SHA1
851e4f10d4b458cfd243f04a74e3411000c0b02d

SHA256
8170a72fb509716921f2060948d100c499bd2f91bd090730846229167f78e214

SHA512
a4dae6a57f81523bfe4371f2ff23cdefc59e6272d70825529259bf7feec92291401059cc7c53cec7bb82c79cbc6f34cc9b05f0edd14bfc7b699d20c54377895e

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
3d12bde6ae11dd4826181cbbdabb36d2

SHA1
591393aaf60343341c0fae73053808ea767c772b

SHA256
e42a7e80e466bfeb5e945889340fe7edb487ead50876a0b93b83008c5723f5b4

SHA512
133f33f9b762cdfc4eaa23198ffe648cf90dff97a172989cb7319d343e6af32050724eaaab4660cb26f89c517ad8414582e6278f126dcc9ee7a023aa97c3855e

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
95b74e908c0073aca7d184dd22507299

SHA1
592f5020346259630a25414f12ad3955abe8cd41

SHA256
cba776c7d53b767667f292d804496d61a4a40de3dbbf3b6fc376a4c4d9ba4e40

SHA512
0e7f7ac991c1d084b73a61ee91e1a855faedc04089a5210c23f53137ea2f2b308dcf60544a09b232569e19fa736b104b6d6791318b0f734fd449e3edd3bb5280

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b6f58ed72f0c097437a06a670fb68e92

SHA1
aee4d9a9156a17fd55f155d6fc8875b21941bfef

SHA256
b06a84b6e682e1e1ad6cc914059c1ccae4780af2c1276dd3aa72d454cecc8d42

SHA512
11bccfc1fd6173d1394970fb83724b81071a28416091e17cb58173a630946aff1e1e3c8cf795a19481157526b759b94f8bf9f9c89fe1b11fd7dc577f6305b5ba

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f5934fb8665a73e5c7a3bf9cef692ed3

SHA1
aa05208c3ecb95e3dd0ba350ab6269f2341a468e

SHA256
4ea446b7edecf6c5489085d270c6ef139e2ebbf5f40b02edba4e223751a937be

SHA512
904723bc13a26274007d2766a447fe0be8c44d1b8a8efbf29b84bd65170d5b7d49678fbc105b8801ef1fd67a57077876516751489940decb750811cba269a1a0

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
46905f6105374b58746a44d956e28f60

SHA1
385cff5cd3dc8d8c6828813025cb5b64126b0eec

SHA256
2f374ba9c649e081c30ad9e0c2d678d1240d1eda2b47c5752f155ac80b01a1f6

SHA512
2241586fc9af7bb08cb98c0bbeb391aca0118d412d72b2618a26b0e811612afa1365be26ffcbe74641b024d7d1f837501b160f6ad64db3f1b8b138333904adb0

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
b4a1a3f0379d23e3d30b4cd29055a895

SHA1
a98e62854a427d38c1674f09a188227b7f66b304

SHA256
dbf8f50f5a041fcbd6d675d2558ed33d8d1289cae297eae72a9156b17f68407d

SHA512
c45623ba6dcbe6f4c02f9b4cf527f5a7caf444fd92a48102c05be818b7059934835280af1c8f1819fdf067c056c358133c31f3ff0b67a6395afd71c72078906e

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8587134b6951bd430d429a1fd22b77e4

SHA1
7e8d7d55d5165f93673e9f833db085190b068598

SHA256
a150e764f7d5856ca2d2e8efb9d60c03dc001d471f803a55272604ad97217db6

SHA512
2b6bce5840e42825b0fe5e8cb77b421c01ca70824e04610a5ebd4d1c7ff7e5554279c0d82827ec2c64ff0d48b2955c1d36664750d9b893e624110ce8b0531e0f

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d50962b6bb8de8c2f9b0166b94138b65

SHA1
4027a79480049ac44d6180ecf420dda67d0c652f

SHA256
05ed69a17cf379a3756ab0a213c860b503386fde1dde73a43a462fa3b93f0c65

SHA512
037f8729c3e89a3829b2577547a401f63a5aa9594471aa5d044bfa82b74cf4cd02707686c967f2f3fd7090b3d13145b8027ead710bd6304d65c83b176e704ef1

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3212fd4f5fd48bf902df5edb3db6a028

SHA1
c908baad5806b6fd20207e320ee9267f860003db

SHA256
4df7bd0a681441a9b98b8cace68450c5d0068e817f782b4b81d62dec60c4ae71

SHA512
393985df9ac7548e518c532d0b7c0531a525f98e6819484dfe1d3382d0626ef1a0b26301469ef27530c1f4478926c5225c2892ea78fd2e246419b8a15144143d

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9ec1d73e6009945240736259ec4eeb32

SHA1
e05f4bc53f5d7926152774a198e1d9891a88cd83

SHA256
2a539d333aaa51a471b194170c4a6d500a78ce6c24b8b079721d5b9cfb2c8eee

SHA512
813ca87e56a19afd37760476cafac7e150ac472a083394d60bb7a3940b8c64b194f0e30d90eecbb3d5eb11e91cb4a078c88656bda95df1f1827e7dd72eb3db22

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9583d43a428aff375c525f2f76123446

SHA1
bb3f910a8dc29234cc104f5075db074aa0411bf1

SHA256
196b693586bb3357079dd76439ee80b8c6a58bd04968ed4fef8959d07410d6ce

SHA512
b5b70921a0fbeeaa296f485cb38e2f4b3a14265392bae318db05636ef342bc7e818364524fa9c3dc9ba187bbb4a4e7ee135ebf611f53310e991fd02ea232fe9f

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/com.crashlytics.settings.json

Filesize
728B

MD5
db3929a51c4cff591cb400127cde77f4

SHA1
2462f732f9176c893423d44caeb35e086175dea3

SHA256
70d384334aa96ae81ad73c31df4d140b3330c6b74726d54547519dd5af9430af

SHA512
8ada513ee79d198f77c5eef8f185a8c2a768678712262aa51b91e7427dbc7603638f59f73bb73ea584c16a36850e7ad2c700514ed2d2a6c7c7b351699efa6ffc

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D05670107000111A1582D06083560/report

Filesize
742B

MD5
7c0b4386f4780a22ef71d359b849f119

SHA1
ef0053e785b4d1792a6d18324eed2810b178305a

SHA256
aed0aeb02e8cdc032b8e776fa0d7937a6a0966abd46fa683af7e87237e8ba97a

SHA512
1f34d286006986ec213ee50f26fb35d391d9135947e46767cc356254b393c64c78ac8dd798d0f557feb0abb1df8475aaee5ce2e6c6f00ca001148bde1827eead

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D05670107000111A1582D06083560/userlog

Filesize
183B

MD5
665418170df19786dbc35480ae32dbd7

SHA1
c5e33a90a2bed133ccba1c3c85b95c4e7da0a9ee

SHA256
233b5532774ee08163483bd2a4a0dec1d27bbfbdcda70cd80313f23fc67c6bd6

SHA512
25a9a6c380105620d598ad6b9288e5d60621a7eb022e5f2fd339ce34f6c7db224183e7428cdae0ddddbcd09affaff373b33a767cca7a41b160b0d3e1f534286e

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D05670107000111A1582D06083560/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation4220155053632519133tmp

Filesize
90B

MD5
1d250de99dc9c14545698991add4deca

SHA1
d0bc559daa80a8040a3fc830148d4245762beac3

SHA256
78fdaca897d9273de6d8942cca024d2111e1a69b59b4c30161ec48c6402693cb

SHA512
b175d880ead27758d66e0007b09d4000daeeb89c231d26a88eb2c098c2d17beb8f3d00bf10ad022f9e29d68f48388369bb43e265d192c9ed5393d3ff2704894c

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation7615413311110285798tmp

Filesize
558B

MD5
bb400539aab236065966ea79b085c212

SHA1
ac790be242ba81b3289ff2243ff2f641a00442ef

SHA256
ff0fef275d3ab2fdd69350598fd5e2d3fe29afa0c07e5ebe79f1621a020fee3a

SHA512
c70b9ccfef303b0eb5c968a1b57cb0e0f19834ba4e190046732a5ef31cee9d4a3b7337f199e2093e3824a06c387253157a188998fe5186b0f35723f1a6474e3a

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/uid.txt

Filesize
44B

MD5
ab24cd6b682fcb4c58b47841d83bf83d

SHA1
d2edea8a553937237f1610ca532be33a3223a58b

SHA256
2921c4e49430eca2ef0bd57e7d7a015e4cb53c56b4450302f4cf44c52cfc17f9

SHA512
f823495131a8d04ca349ed40846560a864e224a28ec7e581a7789ff32083d34417ccce810e8d6ad6e36b3b9802352c884be7bf0199c3945b39d280b1b6a3be6e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads