Analysis

  • max time kernel
    72s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    android  arch:arm  arch:x86  image:android-x86-arm-20240603-en  locale:en-us  os:android-9-x86  system
  • submitted
    04-06-2024 01:42

General

  • Target

    clean_robot.apk

  • Size

    138KB

  • MD5

    4b31ed065618d2553b64c83127ecf698

  • SHA1

    aa5cee4147e90c362e9f1e804f31af06cffd60c7

  • SHA256

    0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf

  • SHA512

    6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6

  • SSDEEP

    3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score
7/10

Signatures

  • Queries information about running processes on the device (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available (1 TTPs, 1 IoCs)
  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)

Processes

  • com.sogou.clean.robot
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4286

Downloads

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    512B

  • /data/data/com.sogou.clean.robot/databases/pb_db-shm

    Filesize

    32KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    32KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB
