Analysis

  • max time kernel
    73s
  • max time network
    146s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    04-06-2024 01:42

General

  • Target

    clean_robot.apk

  • Size

    138KB

  • MD5

    4b31ed065618d2553b64c83127ecf698

  • SHA1

    aa5cee4147e90c362e9f1e804f31af06cffd60c7

  • SHA256

    0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf

  • SHA512

    6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6

  • SSDEEP

    3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score
7/10

Malware Config

Signatures

  • Queries information about running processes on the device (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available (1 TTPs, 1 IoCs)
  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)

Processes

  • com.sogou.clean.robot
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5031

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    512B

  • /data/data/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    8KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    4KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-shm

    Filesize

    32KB

  • /data/data/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB
