Analysis

  • max time kernel
    9s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    13/06/2024, 07:34

General

  • Target

    ???Q?v9.3.apk

  • Size

    540KB

  • MD5

    11beff4b1b67b5070f310fe8750ccba5

  • SHA1

    cca29ed32562a26de3d195d861a9798170a52fc4

  • SHA256

    6f5c9daed9f7faaabbdc6858312d4b37a6538b79b76c1cd75fbd652bdea30160

  • SHA512

    b350d71c624461a4494325cedfe9a32666ae81bb788c7034d3490c0f4392521e2eda8947df4e5f73e8f8c909c7345df8de1fc07788b0a6eefff6a46e112ec91a

  • SSDEEP

    12288:BRYd0W5624Zx+IQXTO8eiA3O82jVI0k0mUQCefE1b:BNY622QXTO803+Pk0hQPfQ

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar (1 TTP, 2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

Processes

  • com.ro5rgbh29.bg4s1xzwp
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about the current Wi-Fi connection
    PID:4233
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/oat/x86/nb.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4298

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar

    Filesize

    32KB

    MD5

    4dc5f54196f4962316ba29b7da2274aa

    SHA1

    08f3477d757588aa527b94e339da4fdd5f96cc5b

    SHA256

    da81923638f03e4671337fcab916b083a4db4cf16f3ace0da3eda2340f89a96d

    SHA512

    7648c7dd69a4dce25abe9af1b32f14d01aa69341f291ec00af42fc0b6bb4d5ab5faa90c6333fd47d91f1d569a003245b5f178ab9b9d6269f00d2604d990ef0d3

  • /data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar

    Filesize

    72KB

    MD5

    c9a8feeac129c39e2663018e3abc68e2

    SHA1

    db1b8753381cdb8f0dc641c2ff5fed8f5f323afb

    SHA256

    e85f2e41bae7bd643a205839d6f67c09ed7428fb676cd790cfc6abadfc31feeb

    SHA512

    826e589e3cdc2224a6d6b48c6e71cd9fd6dcaaef9656d23aabca68891ac64d92bb5ef381c3cc21d7373febae19d637d13517e3ca133ed131c25a4f25f7b193c2

  • /data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar

    Filesize

    72KB

    MD5

    93049c5c49f2bef2e052ac639b8f9614

    SHA1

    5555ad367154d6373f72a6bfdcb63dec4e220898

    SHA256

    23bcc2b76d42977d6e7bf6969aa93026ab90fb5831b536fb08240442a710d6ab

    SHA512

    b6b6e53f53ec571597b2398857704ceda94b4851ec9860e193b9cef48eee1c42da872e0d7afc9991cbc7dad69a894ed99566ff1c1e6773a1e3be15047e9d8072
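
The process tree and the Downloads list above together describe the dropped-payload behaviour: the app writes nb.jar into its own data directory, the dex2oat child compiles that file, and the same path is recorded three times with different hashes. The following is an added triage helper, not part of the sandbox report or of the sample: it parses the dex2oat command line into compiler options and runtime args, decides whether the compiled file is a dropped payload (app-private storage rather than the installed APK), and groups the Downloads hashes by normalized path so a rewritten payload stands out. All inputs are copied from the report; the "/data/app/" counter-example path is constructed for illustration.

```python
"""Triage helper for the dex2oat entry and Downloads list of this report.

Added example; the data constants are copied from the report, nothing here
touches a device.
"""
import shlex
from collections import defaultdict

PACKAGE = "com.ro5rgbh29.bg4s1xzwp"

# Copied verbatim from the process tree. The trailing "&" is not a
# truncation: ART uses "&" in --class-loader-context to mark a class-loader
# chain it could not encode, i.e. a foreign loader such as one the app built
# itself to load nb.jar.
DEX2OAT_CMDLINE = (
    "/system/bin/dex2oat --instruction-set=x86 "
    "--instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt "
    "--runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate "
    "--boot-image=/system/framework/boot.art --runtime-arg -Xms64m "
    "--runtime-arg -Xmx512m --instruction-set-variant=x86 "
    "--instruction-set-features=default --inline-max-code-units=0 "
    "--compact-dex-level=none "
    "--dex-file=/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar "
    "--output-vdex-fd=45 --oat-fd=46 "
    "--oat-location=/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/oat/x86/nb.odex "
    "--compiler-filter=quicken --class-loader-context=&"
)

# The three Downloads entries as (path, size, sha256), copied from the report.
DOWNLOADS = [
    ("/data/data/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar", "32KB",
     "da81923638f03e4671337fcab916b083a4db4cf16f3ace0da3eda2340f89a96d"),
    ("/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar", "72KB",
     "e85f2e41bae7bd643a205839d6f67c09ed7428fb676cd790cfc6abadfc31feeb"),
    ("/data/user/0/com.ro5rgbh29.bg4s1xzwp/app_c/nb/nb.jar", "72KB",
     "23bcc2b76d42977d6e7bf6969aa93026ab90fb5831b536fb08240442a710d6ab"),
]


def parse_dex2oat(cmdline):
    """Split a dex2oat command line into --key=value options and runtime args.

    Options may legitimately repeat (this line carries two
    --instruction-set-features values), so every key maps to a list.
    '--runtime-arg X' pairs are collected separately: X goes to the ART
    runtime inside dex2oat, not to the compiler itself.
    """
    argv = shlex.split(cmdline)  # "&" is an ordinary character to shlex
    opts = defaultdict(list)
    runtime_args = []
    i = 1  # argv[0] is the dex2oat binary
    while i < len(argv):
        tok = argv[i]
        if tok == "--runtime-arg" and i + 1 < len(argv):
            runtime_args.append(argv[i + 1])
            i += 2
            continue
        if tok.startswith("--") and "=" in tok:
            key, val = tok.split("=", 1)
            opts[key].append(val)
        else:
            opts[tok].append("")  # bare flag without a value
        i += 1
    return {"opts": dict(opts), "runtime_args": runtime_args}


def normalize_app_path(path):
    """Fold /data/data/<pkg>/... onto /data/user/0/<pkg>/...; on Android the
    former is a symlink to the latter, so both name the same file."""
    prefix = "/data/data/"
    if path.startswith(prefix):
        return "/data/user/0/" + path[len(prefix):]
    return path


def is_dropped_dex(path, package):
    """True when the code handed to dex2oat lives in the app's private data
    directory (written at runtime) rather than in the installed APK under
    /data/app/. This is the condition behind 'Loads dropped Dex/Jar'."""
    return normalize_app_path(path).startswith(f"/data/user/0/{package}/")


def dropped_payloads(downloads):
    """Group distinct SHA-256 values by normalized path.

    Returns {path: [(sha256, size), ...]} sorted by hash. A path with more
    than one hash means the file was overwritten during the run, i.e. the
    loader staged several payload versions at the same location.
    """
    by_path = defaultdict(dict)
    for path, size, sha256 in downloads:
        by_path[normalize_app_path(path)][sha256] = size
    return {p: sorted(h.items()) for p, h in by_path.items()}


if __name__ == "__main__":
    parsed = parse_dex2oat(DEX2OAT_CMDLINE)
    for dex in parsed["opts"].get("--dex-file", []):
        print(f"{dex}: dropped={is_dropped_dex(dex, PACKAGE)}")
    for path, hashes in dropped_payloads(DOWNLOADS).items():
        print(f"{path}: {len(hashes)} distinct version(s)")
```

Run stand-alone it reports the single --dex-file path as dropped and the nb.jar path as having three distinct versions (one 32KB, two 72KB), which is the detail worth pulling from the report: the 32KB and 72KB files are different payloads at the same path, so all three hashes are IoCs, not duplicates.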