de6467cff49678818a3c7a15f002da1a0d4008a2a23200d4d42ea2480a36ec79 | Triage

Analysis

max time kernel
123s
max time network
150s
platform
android_x64
resource
android-x64-20240603-en
resource tags

androidarch:x64arch:x86image:android-x64-20240603-enlocale:en-usos:android-10-x64system
submitted
08/06/2024, 15:52

Sharing

Report Analysis Logs

General

Target

angry-birds-go.apk
Size

20.4MB
MD5

d51d3ae9ccc70ef156bbe82f4e4be8b4
SHA1

29182bb96f01d5343618a450c1ebbdba0561944e
SHA256

de6467cff49678818a3c7a15f002da1a0d4008a2a23200d4d42ea2480a36ec79
SHA512

93c39f970f055da8c46ba65df22c0d4cb83912b121df98fb067637ea00d2bbc9d50b8336e4c4255a8ff17466fb07117cd02946a1d179895461f75a29e6b137f3
SSDEEP

393216:W9xwPxkcV0SsYCX6k8IP7HKHXvGFN0xWP9MbKSWeIh+E2:AM1VhVz+7H6XvGFN0xWObeda

Score

6^/10

discovery impact persistence

Malware Config

Signatures

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	cm.aptoide.pt

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoide.pt

cm.aptoide.pt
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:5047

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cm.aptoide.pt/databases/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cm.aptoide.pt/databases/androidx.work.workdb-journal

Filesize
512B

MD5
e1215c67d5527d101cd3a42f8561f307

SHA1
845aeeacc88a5e2b5bbff1055eb7c83aadb8bf2f

SHA256
96db2358d891e291bcc73d8326c7c46e38263dc5e712e4cb00972fbe3d3e9782

SHA512
aef9ea9b5aa418c567c974dc52e4325f4621a46c7dffc534a0c353c71bea5a6fef8a2ea84c6a41d5d7399af4e8b91ffa1c5ba691c66985fd519e96500fbc5147

Download Submit
/data/data/cm.aptoide.pt/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
6cab5c5b5a76dc67a17de668488a4e8c

SHA1
2ecad478dd6182aa50b06bbb2a5a6839310a0916

SHA256
e0489d91d51a9cfa3009b6ca7eee7210980a2f1a47c710b66a4c36a37bf63077

SHA512
5493d2851541212b31bc76f10ab7b9a66015077e30a7f0513e465c82d48f7345c601d996a128681aa3d0106733685e0430727b0d771c000a27725551fcd0dd6d

Download Submit
/data/data/cm.aptoide.pt/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
07202acaca01eee64447b92eb2ffd887

SHA1
7c991afcd46e70b43ab4e4534a8237805a262c39

SHA256
fdedbe62f1b02815389dc0c52c6c19fd111762ab12f15a237296d0bf9b711425

SHA512
4647321fdc90762f5a264f94b53663710de7058e59dc052d3f5d9e298d30a01104c098ce488261e96c262477344f57fdf5c531f4870bc8160f2ba1ee2209857e

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-journal

Filesize
512B

MD5
fb9748eb2759947ec5ef73bbbb7d38cd

SHA1
de7009bcc284b3708dd853160a5cc4a493122038

SHA256
2c448c23a6421d3e582eaeb439bffd6ec32a4fc801909b4ac729d69d9284e839

SHA512
abb8db2c34e57cd5280b15bc1afbd52a0cf19fbf69e0f8aab2cb2016cc92aee2232a3af4da7f55e7c47ba809dd4fb674119007e0a69c4809d39f59193acc306c

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-wal

Filesize
136KB

MD5
de1c716bcb62684bb04b9954647372d4

SHA1
f6993d7d4004ba49df42caec6cf2d94619b26d4c

SHA256
5b692a4fe09427706b07481b716fe3a25d5e1a277f5c8e9a27eae45cd397f146

SHA512
f9a9ba3a66ad3ee85ced2161e564c4d0eb3ed5af97af49cd0f89be23316b698f0b7ea00cdaf0c545d20b9f8b0349e7f5a10a941678b4b02dba6ddcf77c82c73b

Download Submit
/data/data/cm.aptoide.pt/databases/aptoide.db-wal

Filesize
16KB

MD5
b5d28dacafb0ce07b292b4c2725f0ee9

SHA1
89dbe7548b34531897e46d8df5e774e1fd8c4c25

SHA256
0441fbf06ac975a3befa6eb406b2f22ba30675b947ca6d28b5928bff086af19f

SHA512
569d539eeaf32fd4168df4ee148ff8fb1f264090816e57730fe2f3d7f0f4b54b7bf1b37f7675517f97e2725234bd585ca67d5de650936efe5514918ced2c43aa

Download Submit
/data/data/cm.aptoide.pt/files/.fstreaming/fInProgress/currentFile

Filesize
2KB

MD5
898eee32d8280c7ca32ef974f3afd286

SHA1
1540823c2af9822cb4f80a5683cfc222ee316e0e

SHA256
8fc6c3bc111971be0dcebf801c3d2f556fe05d061de0645d91449629195d0e44

SHA512
3cfa92424daecd769355deb0b9b325a90aa33ad7edcb60cf4aa9358c1c018eb3a9a921650e6c3b1ae913709d58351322950515e2926709f81ba450a7537bbee2

Download Submit
/data/data/cm.aptoide.pt/no_backup/.flurryNoBackup/installationNum

Filesize
100B

MD5
7633e7d1604f83347ed7bea2f4b67314

SHA1
792efe911997cff693c2b60993861318b10c5b8f

SHA256
c43a828c3bc6de8ff0bf4d2e26a60ad2bb6c1fa578d4fe68b0d04c6af5160242

SHA512
3274f04b9105d28965d2092e123f3735e736b64e9f8d0995ca01a3796f547f27e0a529bafae0a864a7644e546ff223f19c8e290129597fe15ef30b8c7ceff930

Download Submit