Analysis

  • max time kernel
    319s
  • max time network
    1075s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
  • submitted
    09-06-2024 16:35

General

  • Target

    Hamster Cоmbot Bывод.apk

  • Size

    7.4MB

  • MD5

    43cd0d0837b2cf2371e93e4340614562

  • SHA1

    db8cd87819a91f311f22a78e1e4099486768099d

  • SHA256

    608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06

  • SHA512

    7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9

  • SSDEEP

    196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK

Malware Config

Signatures

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Requests accessing notifications (often used to intercept notifications before users become aware). 1 TTPs 1 IoCs
  • Requests changing the default SMS application. 2 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.example.application
    1⤵
    • Queries the mobile country code (MCC)
    • Requests accessing notifications (often used to intercept notifications before users become aware).
    • Requests changing the default SMS application.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.example.application/files/profileInstalled
    Filesize

    24B

    MD5

    f452790de88e351abc3bf9ea008d507d

    SHA1

    69f93012265e2ecb3a1c49ce862a21f33128517f

    SHA256

    8f05c0ac596b8813b36cd07255064e01e630b5dbe90ab0aa6ca3e28edd9641d8

    SHA512

    9b5517154acfd6222ce4de270fa6ccac0486011330adb888bd70da8b5e8f8e4a9ed8c56b3876b59d36b3856a6886fd77034a4145c4ef91c3ac825afce6c583cb

  • /data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    184ae3b8be31f2afefdac92c24ef591a

    SHA1

    7ca537de3a40ea552b274635cbbc02a025548fb9

    SHA256

    c0da1911775162eb6cdecf95de06d74774bf9afbb03846c699005b5bf6ce6d01

    SHA512

    917609b652303e85877fbe819d7a02e4867fb70b525777fd8819277aa3a7ea51111f0bd9ccdb4dbc4d8b345bd2d7fa31f328c2b845e204a1d1d7faa8f3b3515a

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    5KB

    MD5

    b6d3ca5f8b1bea3f243673abdcbc25f4

    SHA1

    917a67c3b5fd9814adc01e81c59ed08c70db70ac

    SHA256

    1eadd2d3de1286832ab2ff6ee7eaba4fc116b53981008593219e9afe543cc9df

    SHA512

    03bbd5bff2f967445e1f62da8570063f2aae822c3f0bfc67a42d7d0afc893ba5394e3d5d525dcd7c4569fe0f0e9a904b0fe5044c138a2427c46879bd7ae6a4e7

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    2KB

    MD5

    37d6290facb25e9659dfd03a47ad5a48

    SHA1

    a4c25b2250f5d8f4c4cea4a7aa73bc971024afc3

    SHA256

    a7393be015bd36ebb39db4337d06d252aa35018dc118eee121bd38c2b00b4044

    SHA512

    5762b53528215ba2cbe2718d2c7f2d7cb94f5a484c529a11bcb2083d972ccebe813f23dc226814354e33f07e3adea9da5f1e7eb1baecc9cd77c20dbba9e1d000