Analysis

  • max time kernel
    174s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    13-06-2024 02:11

General

  • Target

    c816d7513cb36becac080698ee3937bccfc5f8f3b2b0a436c8b46f7f0635197b.apk

  • Size

    3.7MB

  • MD5

    af60591348229c9ac3400cf47db0d146

  • SHA1

    8a0233bf2c6272b085daade9c6fa6f3a32708467

  • SHA256

    c816d7513cb36becac080698ee3937bccfc5f8f3b2b0a436c8b46f7f0635197b

  • SHA512

    4c9e01cc6568d7d31d8ca7c28d7d8e5726b649c1caf323175cb33a9e2e703ea166fd030a19e230df1b8a3e22db375c7c49fa40d6bd1c9f90168ecd8b23c18b03

  • SSDEEP

    98304:N9m7hsS4M8HR2/LXL+Jhwcxgv/q7xyvwNI8MG/koZOU1iEOVdJ5l7kfBNjF:O7iS4rHR2/LXyJhwrvKCiI8MGsoMy

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • Aktualizacja.apps
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4270

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/Aktualizacja.apps/files/libaudio.so
    Filesize

    66B


  • /data/data/Aktualizacja.apps/files/libaudio.so
    Filesize

    149B


  • /data/data/Aktualizacja.apps/files/libaudio.so
    Filesize

    76B


  • /data/data/Aktualizacja.apps/files/libaudio.so
    Filesize

    76B


  • /data/data/Aktualizacja.apps/files/libaudio.so
    Filesize

    116B
