Analysis

  • max time kernel
    106s
  • max time network
    171s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
  • submitted
    08-06-2024 19:04

General

  • Target

    ColdInk_Box_0.5.7.apk

  • Size

    71.8MB

  • MD5

    e6e1ab877dd0663e172d2ccac6c287c8

  • SHA1

    5e66f3295d3a05d42a3a8c7ee91a19244d7ebc69

  • SHA256

    08591f5ebd6e3a5b21e430b840083e69a4719cd57dfab8fe6b9a6d3e5484f13c

  • SHA512

    b2047a29e391703d17671bee37e9bb2a380305ac2503c20bf0ca5063718a9243db3a2587aaa7d3c204241ae371529767c4ed9aa021b241812d10c2673bb7ca6c

  • SSDEEP

    1572864:mldeUHEmXv0AOnHp2DjyczvP6iJQh+nqTg1TyB1NA:mldelsvFc2DjyChJ3qTYC1e

Malware Config

Signatures

  • Queries the mobile country code (MCC) (1 TTP, 1 IoC)
  • Checks the presence of a debugger
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
  • Checks CPU information (2 TTPs, 1 IoC)
  • Checks memory information (2 TTPs, 1 IoC)

Processes

  • com.coldteam.coldinkbox (PID: 4242)
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information

Network

MITRE ATT&CK Matrix
