Analysis

  • max time kernel
    73s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240603-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system
  • submitted
    04-06-2024 01:42

General

  • Target

    clean_robot.apk

  • Size

    138KB

  • MD5

    4b31ed065618d2553b64c83127ecf698

  • SHA1

    aa5cee4147e90c362e9f1e804f31af06cffd60c7

  • SHA256

    0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf

  • SHA512

    6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6

  • SSDEEP

    3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score
7/10

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.sogou.clean.robot
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4712

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db

    Filesize

    20KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    512B

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    8KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    8KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-journal

    Filesize

    4KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-shm

    Filesize

    32KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB

  • /data/user/0/com.sogou.clean.robot/databases/pb_db-wal

    Filesize

    8KB
