Overview

overview

8

Static

static

6

sharkbot.apk

android-10-x64

sharkbot.apk

android-13-x64

sharkbot.apk

android-9-x86

8

Analysis

  • max time kernel
    168s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611-enlocale:en-usos:android-9-x86system
  • submitted
    11-06-2024 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sharkbot.apk

  • Size

    15.8MB

  • MD5

    879557e8d40e9d422d3702bcaa4a806c

  • SHA1

    90517ba5890eda56bef0ab032eea8e004b559181

  • SHA256

    dc33197e20539aa65e89c1a1039007c57ee70624815f7e4976dab0686e93a5d5

  • SHA512

    1e67393a7fc209c0941d6fb6b060c86d0a6f5bfd07855cb12f5df4d2160ab768ab94cef1b9d1363a48eeaf621934cc9a3395ef7d1c1e00c5e50ee0e751d39b97

  • SSDEEP

    393216:6ZfRvpBmacX7X52NWdXJq2TN2t7dwhpBrfum7Se:6vv7qgY5TnZSe

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.superlimpiador.acelerador
    1⤵
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4293

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.superlimpiador.acelerador/cache/1616432909849.jar
    Filesize

    9KB

    MD5

    2c84bc0c28d4ac333d267f7a152b4039

    SHA1

    49e67f04004587ae351d5aba4da5f18644746864

    SHA256

    1eea5584eb2332554753b4beec7fe8e972bfb3eeadbe0c05dba33de267f25a00

    SHA512

    44ab6c390cac8b11bf43097293ef73bb620b1466fd671a945639198ea10dea425a0c9443b47752cc0a6689a6f5a7661b35f7a8a350ffcba30a72be60d5f18abd

    Download Submit
  • /data/data/com.superlimpiador.acelerador/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit
  • /data/data/com.superlimpiador.acelerador/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    02ead409aaf566e691403d74bdef1139

    SHA1

    5a0d521b29a5c6c120271b1ac298cfac159e0f72

    SHA256

    f037af3232b0c2f7a394672fd66f5c82c0f2a6a21f6dd09ddd85cb369edc2960

    SHA512

    7a45539bfb6ec3bf0a897ea3685031ffc87b9f467a502712ce2965fa4dac4bf54c280d1506a2bffc3365d0c5fabda43d583728229840d63477c32807556f94dc

    Download Submit
  • /data/data/com.superlimpiador.acelerador/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /data/data/com.superlimpiador.acelerador/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    cf1a98afc19033246b47ec22d19f9413

    SHA1

    068a1b02dfa288f38d11da9e3d23ceb01f0ce8c8

    SHA256

    8752e98dd15aa08fe22dcae43a4673f4b867f761dd771cb35fd6512d32add935

    SHA512

    6a171465580acba5913fa35447a1557bad1e420fd50e714b7e4a0bf452487d987fa1e40841c482363e077dc64f9971b51eb7c310fd8fdbc9856646360483a189

    Download Submit
  • /data/data/com.superlimpiador.acelerador/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    c19b8e17a2fec3344a340be8891399dc

    SHA1

    9eb1409b840ccb6218967679d19cd6d5b60fde94

    SHA256

    c3d933db20efd87a511ba2beb22f3c60dabf42acf840ae9c5105969b8310bbfc

    SHA512

    09722db96cb4e0d0871dbdb39b32d7ce5aa8633073fee5956e014876df24f84de58248d6cd3d3268b791d24954d0e3415e833efef5363acca4c62afbee209eed

    Download Submit
  • /data/user/0/com.superlimpiador.acelerador/cache/1616432909849.jar
    Filesize

    21KB

    MD5

    86ce3683020b3f28f4110aac9c769ff7

    SHA1

    876e0686440524927639a4797b2f13b12a26ce4a

    SHA256

    be852340e03b169a28811d1ff41582d19638d9fc0540f237ecb960c45bd07071

    SHA512

    04d03a9963ba49adf5d0d26a21b57e85e21416fcc3d479ce7522149d45f5ab630ff78e590e724695fe29850b08b4dccfa5051daf5d4e4afd9384f7183f887ddc

    Download Submit