Analysis
- max time kernel: 319s
- max time network: 1075s
- platform: android_x86
- resource: android-x86-arm-20240603-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
- submitted: 09-06-2024 16:35
Static task
static1
Behavioral task
behavioral1
Sample
Hamster Cоmbot Bывод.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
Hamster Cоmbot Bывод.apk
Resource
android-x64-20240603-en
Behavioral task
behavioral3
Sample
Hamster Cоmbot Bывод.apk
Resource
android-x64-arm64-20240603-en
General
-
Target
Hamster Cоmbot Bывод.apk
-
Size
7.4MB
-
MD5
43cd0d0837b2cf2371e93e4340614562
-
SHA1
db8cd87819a91f311f22a78e1e4099486768099d
-
SHA256
608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06
-
SHA512
7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9
-
SSDEEP
196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK
Malware Config
Signatures
- Queries the mobile country code (MCC). 1 TTPs, 1 IoCs
  Processes: com.example.application
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.example.application
- Requests accessing notifications (often used to intercept notifications before users become aware). 1 TTPs, 1 IoCs
  Processes: com.example.application
  description: Intent action
  ioc: android.settings.ACTION_NOTIFICATION_LISTENER_SETTINGS
  process: com.example.application
- Requests changing the default SMS application. 2 TTPs, 1 IoCs
- Registers a broadcast receiver at runtime (usually for listening for system events). 1 TTPs, 1 IoCs
  Processes: com.example.application
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.example.application
- Uses Crypto APIs (might try to encrypt user data). 1 TTPs, 1 IoCs
  Processes: com.example.application
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.example.application
- Checks CPU information. 2 TTPs, 1 IoCs
- Checks memory information. 2 TTPs, 1 IoCs
Processes
- com.example.application 1
  - Queries the mobile country code (MCC)
  - Requests accessing notifications (often used to intercept notifications before users become aware).
  - Requests changing the default SMS application.
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.example.application/files/profileInstalled
Filesize: 24B
-
/data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B
-
/data/misc/profiles/cur/0/com.example.application/primary.prof
Filesize: 5KB
-
/data/misc/profiles/cur/0/com.example.application/primary.prof
Filesize: 2KB