a7c7430792525572322b505de9a1e2119e85962e8e602feb878a042ab7bd2de9

Analysis

max time kernel
47s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240603-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
submitted
11/06/2024, 08:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Game+Booster+v2.0.0+(Premium).apk
Size

14.6MB
MD5

bddcc0fe9893f18c1fb661603e6e1b57
SHA1

0818d9c5afa036d051e3024f8f7c80eeec6e52a1
SHA256

a7c7430792525572322b505de9a1e2119e85962e8e602feb878a042ab7bd2de9
SHA512

afeb536e93274a943c033bc5127a2cfb7b366ad6330e884f177b9afad0d15cae9e9c3a722f96ffae6ca6084e75060c1e8736609158fa2bec8582bb98c6ab2e46
SSDEEP

393216:KNmrAAb551sLKTBDG66S3NQ5IAt57nUM2153Z:Kyb3bTF/9o/7nYJ

Score

7^/10

banker discovery evasion execution persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex	4300	com.g19mobile.gamebooster
/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex	4384	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex --output-vdex-fd=93 --oat-fd=94 --oat-location=/data/user/0/com.g19mobile.gamebooster/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex	4300	com.g19mobile.gamebooster

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.g19mobile.gamebooster

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.g19mobile.gamebooster

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.g19mobile.gamebooster

com.g19mobile.gamebooster
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4300
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex --output-vdex-fd=93 --oat-fd=94 --oat-location=/data/user/0/com.g19mobile.gamebooster/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4384

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.g19mobile.gamebooster/databases/app-info-db-journal

Filesize
512B

MD5
e3eaf792db4af64e53fc73a1fbc56a49

SHA1
6b574da21b0296db5ffc8cf155818d5cf0a39fa9

SHA256
9be8c36b2ee414cfecdfa21397f72ded816f995400a7eb4d642061ddff1e05fb

SHA512
441c9b5d14b3dfdd04ca501531af8075653b35c80b02d1d7a998500a2f1696fbf50c3edb8ccd7dcac795435781d5c5a944c21f2b90a2d4eba4cb66b364a0fc98

Download Submit
/data/data/com.g19mobile.gamebooster/databases/app-info-db-wal

Filesize
36KB

MD5
9324dd6e8a50c04777032adb4ad2bdb1

SHA1
5c3a015c5c718463dbf2ceb0c8bd3ff07a6ac482

SHA256
89d4c1ec6a653cd890bf087b167f9bd2f5bf869726b7ee8c35d89886e47d4107

SHA512
2b0133a4c98ab0b986c7000b83fde8ad5b3fe5e5a44f166e612698a12049a28c2f0c100442249bad25808e5b8a5692baad9588143468174457ca2d780a44cad1

Download Submit
/data/data/com.g19mobile.gamebooster/databases/app-info-db-wal

Filesize
44KB

MD5
a8f46aaf444266cb9273cb1bc461c56f

SHA1
cf7e94bb7d0609d283f5bcf84cf06cc3ab57bc06

SHA256
251a778ea7fc553e98dcc66b8b3adaaf67d2ffa06e7ba500d0bf3daee91019ab

SHA512
97968daf9a3a8255f8c670a57091d9506e5e3833d9d761bc2a7b182ad741ffd47f0e79ec9dd79b8ef8a3803bf0523a29e7ff770f3fd91a3f391e16a728e786ed

Download Submit
/data/data/com.g19mobile.gamebooster/databases/app-info-db-wal

Filesize
16KB

MD5
5e25268028ae719e65af52888be648ca

SHA1
b753220ae3d3e31860b6069e1bfd05d8599ba61e

SHA256
f9a8912882c5cf73bd574375c50ce0c5d0253f4968471780c4ed9fdc44c31a76

SHA512
77eb600925eb06509d018ef0644d7d84c66fb9313c6313368293ccbcfd05531851e0b4dde6ac7e1470ef80934d0345b532faf80cf431e1484777e24d65e443f8

Download Submit
/data/data/com.g19mobile.gamebooster/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
8f755e59b63e0d02a921766acd43b520

SHA1
161413d1d527c778e4ffbdf9d90afb7c3f34f2d3

SHA256
6a2aabdab3ffd37cc03faf5349678705cd8e0010d8e9bb3069991a5cc600af72

SHA512
4c55939ff5df6b1bc61dad32bfa2947aeb3d3e84fd1411180abf11de55f875ea1999fe1c0170176859c927f31a61457da776306528c5d6bdff5ffb7fb2f5b7c6

Download Submit
/data/data/com.g19mobile.gamebooster/databases/com.google.android.datatransport.events-wal

Filesize
120KB

MD5
564bea168cffb9cdbcf8f74b8fe9e0c3

SHA1
da1de8c165e982c82ff22ae802514150582ee3cd

SHA256
b0de45d344e2f0a2e0ad3ea067600d40952558aa8f4a6e46c13f2e96e767d77c

SHA512
590d2a71d8859ce8cec1afd4f44848fb73497f611ae9a817a12bd87022add43306d26277b51b35ee80d8a274308c91ae875168dc9b8a92f25e6966ecc3e30a41

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5eb87356ba71761912b29c785e04bf4c

SHA1
d53953d0cd42792fd25bd1f1d4abff1cfed2ba7b

SHA256
8e62b65d15f5079a1238eaa3bc82fa8bc1d14e2cf05cfb8c52125ba50a602020

SHA512
493fa9bc6ff6ec45e639ad06fadb7f157c3f841491a1b3a49035bef944332f072c809ed25c1b13fc858979680047b7eb9c4e85b8a75dc0e8bc0227101f35aa80

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f56b70251ed6789cd393799b0c6feed0

SHA1
6309b3963adf5cae73b979121b3cf84c1c54e54b

SHA256
269b31c3079076cab408fd98645b96b3f3c00157924c64a333b5a4503bb318d9

SHA512
667d465f748da2c7fe32da3078fb3f3b202aff7dbf53de6da17c86c55ae26d6a67e867e3cf58e76ccd55a9b80fccaf169e1a94be28f48173c55756b04cdc2b7b

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
84d121dbdacc3af149203712907473f1

SHA1
451386192f04a4510b96b86a717ba6f87b4df574

SHA256
b4673fe1d82ea0c524d08b59f98024d498b2ecb1726564c1ff9893dbb104e608

SHA512
7331e8f5a401d1585bf3b6977cc7b6781ddf9dd900ae641b7c556edf109eba01c4213405abdd41c1d8489991edf6aee9dce10b9fd33b763850ea291444d7ab0a

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9da8b0c1874da08c9d8bd930fa279eb7

SHA1
be4475d62ca5d6c4705155fb92f9247985232f7e

SHA256
4803b6b1eb5135a56f9923700fcaa39ed2b2433ff8905675264178bd480196ae

SHA512
257156bfdff87d9088aeab8e47b6a7ff224954a12404a429ad04823a5398769e5bfb674895f9c60f3d74997cf57688faf922daf8aadc1e70e92c226e135c631e

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6626783af72a0ccdceace420b7e7e50f

SHA1
b902a217ee0cf292c54c17e85c1ae8d11fa8812a

SHA256
82561f2414a061fb1151f505c883b3890c63e28bdad0535b6e89eeea0365c139

SHA512
793d8e1373c1818fa8baed46f4c2981b29cf2826935602efb825924cfa6534765f0204a7f9217fc87f5d82787e059cc97a2a1e935fe02183f116fbfc0487776b

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6583dfad0e705cc86e011e2a136decda

SHA1
8482be9e4e4c2488e27ee2a6c2492bae029dc81b

SHA256
f2a3bb00284dd3789ee43b84165c24c32c67e5126715f8e318f3fd3795fe06b2

SHA512
5fb314e15b61fc0db52dde8f54faa1cd1932b7dc73bea10277a773c670f2a58f2ac172735b2bb0756707f8b1900b84096c33c9753dd4953a098e14f8766505c1

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
fcb8b8ff41bf5e429a0101930a12ef8b

SHA1
f6abb4417398fc0a92ec96a19d3a01121dbaa58c

SHA256
5fa97352a64c7b3eeedcb7224de44003120c84b91d496a6b291df9bdcac2802c

SHA512
ab0d1e2ad604894b1d9e5b3e65ecfcde595d100692ab8dbf66490de268b728660e10f1082751b4087a5ec2c3e7fa58d28148ff91d2b2545f68c4936624b97879

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f1bf587009d587a2ebb748aa81b5fb2b

SHA1
06a4098a1857308148e75c231149361d92268b28

SHA256
f2315b0f635c9744f3f6d1f9808ccb7dbe6e03e4dc64f9d31e6594098e70ff06

SHA512
03e93d596d84c6b9876fdc888da95671abaac32d463c334bedddecb4199fceab4059c04b7f58f7879e1123faa9513aa55f17becea114a6ccff3ad07f233e7db2

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8c9e154790c6ae199a81a481181505b2

SHA1
c90eec2235906d065f2b0849d5c25c83acebc1ed

SHA256
da16afaca12c6907e91e12ad98a4545b32b8fada418b998465aa348b0bb4ba2d

SHA512
686083798294d6445101f481b2a9222795977821b5055b086f2e0630a7cfda0c9579e27dfbb59a94a3facd3cfb0772ff70886599d1cd52fc8eb09040258aabb0

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0a3a9810d42487bbfbeda269036ffd9d

SHA1
bc9e4393a5ec23d0af0cf58376682f64f9816185

SHA256
55cb31cdfb209d3fc14c754b38fde6c1d8ce00d0d27000ea1627c82bbc88dc82

SHA512
fe227b50ef4062fe72dd1c4e3048f8b3290e7c4c5cbcd29123b210a6e62ad2b15a337334d645ae76c87742abeaa20e0f5bb3990945c1504996ecb0cca0179c7c

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1970fa8f72ec132ffb0f939de998e702

SHA1
07ce90d0f15df20a41994bfaa17a6a36a05f83a9

SHA256
772f81e72cc510e1dbf53a8a20853b22900b5f5974e3c06e3c0aa426225ea62e

SHA512
0a2c2c67fe96fde6380e5bddab729f2cf61a7933f7513e87b4ff47f66d074f67c8b189fe26b4c62243251b7a9ae3c8c52363795ac54bde682bdbfee743b4958b

Download Submit
/data/data/com.g19mobile.gamebooster/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
527609366f796b3607e46d59b48524ea

SHA1
927c68c764a049f062a8faa40a2cfadc34bbd154

SHA256
ba396dd5a55f868b62c72fff40962758e3fc4231ba6685d67151caa21a52a093

SHA512
47177f716e8367f58b5bea28cd0ca00699f0283948fa0263dfff39459b7822369001169a785cc8a0a640a756b4ec6dd0e11e7a05f731792d4e7526f24ae05b9b

Download Submit
/data/data/com.g19mobile.gamebooster/files/PersistedInstallation3692683748732282537tmp

Filesize
570B

MD5
2d0ee1f53e9fdf5a28f13f3e38d04671

SHA1
bcf106d5c8244ebb2b408f9c2a360383928bf735

SHA256
d2413294927eea1dda01acb04c257ab20a3495ab6114c98fabe98cb34e4fc30a

SHA512
56cea19c02bc7e68c7e598740769b27c100a2cc1951610e968cedd21c966fb110f9c05b6a3cf05fb923a383437016859197ece371657512b8d9ba90d9bd87b9e

Download Submit
/data/data/com.g19mobile.gamebooster/files/PersistedInstallation3705155515061370301tmp

Filesize
90B

MD5
0a17dbe2b5339470d223c8b33fa9dfe4

SHA1
856643831164dfe577a573937345b91029b84c99

SHA256
f5a10db0819bb30dccaade0e15fa3fb69d0f2cd029146afd199732a0fc58fd6e

SHA512
9e50e8feff09d3d81330896121e7d09f5d62ffa8165bf8c91f8bba0aa402e64cbfa637922c74bf5e39c4a20fafe2e3bbdb74e311a95590980177529055625762

Download Submit
/data/data/com.g19mobile.gamebooster/files/audience_network.dex

Filesize
3.1MB

MD5
9b8164be4f0ffaedadc82125e5346c14

SHA1
c4bf7a6383958b493ed5c4dd6a19862d366fca4a

SHA256
8e632284c9b0180ef28e309b4b0f282ef608cfb9d9046df899d8bdac227ea9ce

SHA512
352b3e9ef70839d0850ff7ca4a1f19f3df546412ae5cac1243a80588e573fea6371edd4c408a2edf1b48d70a10a5cb579513d3cd38a4b5ccf4b7528dd28704a4

Download Submit
/data/data/com.g19mobile.gamebooster/files/oat/audience_network.dex.cur.prof

Filesize
385B

MD5
2848712e470c8faa5caeeac1e4595565

SHA1
38f72105a466cffa31f72db9ca885daf9a0d6a31

SHA256
fc22c17dc96d5051e8e2ce6d5f56e4476d1e28cf0ddd6d10bc5d537a0f444933

SHA512
27a32a81b13e2df2fc2e529985b2c8ad389e48b76e0282c1a11fd976442097f831242d900a27f95e8fa9cde7cd5b68bf0958456af4fdf17bd65bd5d660de2748

Download Submit
/data/data/com.g19mobile.gamebooster/files/profileInstalled

Filesize
24B

MD5
4b82761246535d990514d53943a0fe4d

SHA1
f569df9024517f4867f2b170e6226ae60574b2fc

SHA256
56b648a8c12949379032fc6a4d0dc783b557e6fe122ec70427f20047761e48fa

SHA512
06972ade79cffc870056afca01f1eb3cec0548d63aa6b5c0a24a63cd06abd9f1a4554a5787f7a7f6627c2922d8070328b51693329ab1495cb6a2fe4f4d743deb

Download Submit
/data/data/com.g19mobile.gamebooster/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.g19mobile.gamebooster/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
0b5e9ba9d10422c47090d25c1c107d06

SHA1
15d2837f082ffac32cb8265545f07c033ceac6df

SHA256
cb29281a455baa542fa90b08e28881f28e3a2170aaba8ad543a74a80b85a8150

SHA512
e0bad55accfdab5871ac9ca480f25758939c3485ddf343ce79ce83da9a1e85695d3dfc026b2c80d5e7edf0b20fc3ba8058a1f1c48a46c283e61871a1900fe742

Download Submit
/data/data/com.g19mobile.gamebooster/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.g19mobile.gamebooster/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
8cd804db299cdfc86cdc50ed4df65aca

SHA1
85c51ab6fe57430e6476e0e81e45d2730821d96d

SHA256
27cd0a3d9d99ce45359bbb1b77ee985cd36041988a003dfb5b6c731ec32f3ba6

SHA512
28ee0ac95b8377f23a9f481d28987e46e1e32034655a19b444fcced5ee236a14b53f2614713cb897ec7ec3ae5387f5f40afec34edee5db1f5bc5f7a183300f1d

Download Submit
/data/data/com.g19mobile.gamebooster/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
2dad8287ba0b42c5272eb4c9e8c809cb

SHA1
1c54a22b272b216c5d238562c744ccf3a5c53552

SHA256
6b4306dd81f16ba1c7ebb739071f077237a898ff9434c08d5b7ac53cff58872c

SHA512
33c52f6a983a5e56cbf3529cce113cac7bd889957dfdef34fd6fdd1e9d67f82fb2c976407c41efa444a598b8f561467dfd7f1b2205ee4526b8308c78ac08bb78

Download Submit
/data/user/0/com.g19mobile.gamebooster/files/audience_network.dex

Filesize
3.1MB

MD5
1a1c4a86c349f59879a21c1d29e05d63

SHA1
e46fb2259be158107c2b87222f8f17d817812f7f

SHA256
222bb52a333a1375364c0c91e680013ddb4314f03ec684970a2543b04b492328

SHA512
63dba4aebc2750028fbe5bb94d83e07ad5c1ab395d02a830fa4aee45d71eeb06841990f29e5c2fbc97933090d1466bbca6f35b6afef25f75216cba937ce036b2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads