76a8d06ffe1be684e5be20aca8b45e6bdd0399b7870ff6ed17e67284a762560c

Analysis

max time kernel
126s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
14-06-2024 15:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

3b101fa1cdecde692d532e283cde0965
SHA1

d5bddb3d1d78a1ccaf08008144b40380a76e4792
SHA256

76a8d06ffe1be684e5be20aca8b45e6bdd0399b7870ff6ed17e67284a762560c
SHA512

e37586d79e676ff6aa613b216d80ad3fdcc73c5b74780d818b1bf2f79c06c706d5277571f151809a16ad8ee032963995f31132a210b0da87736d99ac79fced3d
SSDEEP

49152:HU/q6xEtzSF8vds66oL6WCJnAokqjcOjNO5Y/3CHLQYB4P9X3R5oHYWF:HCq6CBtvG6D6WoOORB/3sLQzFXvS

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	Mad.api

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Mad.api

Mad.api
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4170

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Mad.api/cache/2

Filesize
59B

MD5
eaf3840d8b72c1346b662652806988eb

SHA1
f7ce6ff876c1081932e785f8677e90874cf6b43e

SHA256
3316bae6fa63463d29e15817f134cc1104070ff261b2fdeb3d4371c68dca3e59

SHA512
f62c3de0d71cbf73bd4b5faa2c3a0e34d1746bb4515f5a8940a0b05b4ad5f1401bc1a0109fef5c558e355358fe7e0932da02e4834c7edbd570d8ee2580cd15c4

Download Submit
/data/data/Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
871106b4cbefda6719e6651cceda79ca

SHA1
39afe8a88b8d9a973a62a0dd6112ecbb2d2a6a15

SHA256
1ef78272166a9c71b6b37890a836e44cf9e67a0478c054340a06af4122db585c

SHA512
bb6f3b0d1e35e65c33559a02475fcdd1d65df5fb404456de4f49bc8a6a95e86f8934ddbb6151134a78f777935c92182fe3caf2d30b724db80a2baebecadfb334

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c521c9eb6fe2fc28463aaaeb2d588f92

SHA1
beecb2e90c311b4b25826732c961b912518ec200

SHA256
b0c708269795ca6cee86d9918d93eebb06930a1a175242f824a358685c0e557c

SHA512
c5f8d3d7c03b097fb72eb332a22f48e986c44451537c534506e00a1c080b5bc652a9e515b609a8ea445d221be5441c9db82368edc16f024958823b079d627e98

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ed40d99c2ae04814b0407cd114eb8da

SHA1
00af9c347739b0a2ff14058bbf064cddf840a02b

SHA256
4e5909ea587df6edefe61bfc1733c1ad1f185c72176ffa2e0524d8f711d12465

SHA512
11b8f8fb9deb08e379fc76297d072adbd40704d00888f015d541dd6dbbbde429b6c0abbd2299f9955fab20e4995ed41eefe5543b3f3d15a61b15979b27067b3e

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
680a6f5de1028bcea56848914a265f87

SHA1
b370d9d6a4690b121d114b158be9282b93cfb33a

SHA256
38c5fe6008a56d7c4e989533baf8bedafd3d83c92141a0fa22e99e9f465ef19e

SHA512
e194ace200102394f61b2f106d79959818ce410db6acdef3cf66cde75237425ccf39c1db018e21840082fbd252d0afd950a38f300c2e0bae283f93606fbc28ef

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ebb486751a77e990ed5d0da526a3e68d

SHA1
a1ff0fcbca70981d9e5a9028e044e43b5166b6ad

SHA256
1f90fb2a9018b996d180e43992682580e447cc76cabdd5d65542527d673be9da

SHA512
0c1b054e855db754656ddde71fafd1124d229a3c6bd6ca96682d0e5df9052aafee66af72383fc9102006182c1ec0f6687b29fc983420faf752d66f266220d2b4

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
52630fe0901ac12b532f0c4080e91315

SHA1
f0799fc35797746bbc2177f6868e2d555f92855b

SHA256
f70c165d56759ccfec8e30566fc6ea1191e33e063f97be87a42c9031ccbca6c7

SHA512
5d477f3e6a6b99f129b26a06aeab1e1b3b047b42cb5fa655e8676413e32e263eae49aaec2874775c2ffe916b8e98cc57c365b87f0713a6d4047e46ce84cabf33

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5c1dfbb2629ed9317577fa5fbf43bbd3

SHA1
a7e7bb35fbf8d75ac7eb22bf3aa77b6357309f11

SHA256
17a0c55934f673ad42459a548d6b5e2884d7b882e1d268f1474a1b5d913d43ed

SHA512
010234c2ea072670b072ab02857f66cd86e9fecebe93bc531ba4c18b87645349eccbdafb8328bff7eb0793a76d79eaf3ecb157c8aa57505c9d7ce12c10402fbb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fefd516a3ec4a2c4f736894ef88f1c89

SHA1
17cd928f69056d9e8cd10ab32c29276f3ed8bb19

SHA256
ce909a8db29231b07ea81907df9b6c29fada14dcdd91f04544ead8055fc67856

SHA512
0fe1a114f359d309cf11ebda4907d5a2115c0c294442c29388754009df0a91796de5ccdb4676a7520030fa127d686f817f60d6bea0877b10a239937d7d46d504

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
64c0661a931eeb198497ed66008a8ca7

SHA1
43a5f8f0cf9f88670cfab2c1e2d1435b712779a1

SHA256
a4faa7b2faf72808bc54d3a6664e570241b861ce8a1c0c03c0cad768d1bcf103

SHA512
deed8f24a0388ada1387d2a79cb2e2957215c8aca5e1b7ee4e7998561110d270bd9aac01c4fa90805e983619844903f1f37c2b53819fe17a365dbf68591bc5ab

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c8375191315cb7329642fe4d60864dff

SHA1
66f4ef8ea2eb93a36fe391edb31542c407a6212d

SHA256
a6e00570b91b0abacff4c32c30b9f619194ccec6d3e81222546e5d72a3367010

SHA512
c7e54ee9ab8b789a190d5a701bfe81683ba1c3dcec34dda2a8a33ed736e4ee50185c392acb7916408e46d8503d3641c4cb12e031186dd01a006dea992728057d

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
23eb693572020a16097dfbf8a006495e

SHA1
4342b85f0e37e84c7be3f55342a7be4749bdf006

SHA256
37d00faf93233d82b11efdcd26bb512f47d9bea55c0663c68a63f561560ae435

SHA512
dd2e0678bbab6b1a6d7756c7c01f0de065cae6313b358a0ef7377ba094de7f67190d5fb3df6e322f80f79958f4c471db75bdf419f9a5aa9362d3d8f9177b4237

Download Submit
/data/data/Mad.api/files/PersistedInstallation5386235889802310835tmp

Filesize
570B

MD5
519bddce9624468d9aefbf14f103f971

SHA1
1aad49684fbe0db962908ba6a611b3f83bb3498e

SHA256
6933b5bdc374bae0ef94de0a417ce3fac3c0813cfc75ce9b00001c57b981d183

SHA512
59f6cfbd67f89eb3d38dd1749639b4594d913b546e36533950d942d466b78073646d99565217609dd305c29e52c90735701f7a7fd53178c00c3f4a1da4cc83db

Download Submit
/data/data/Mad.api/files/PersistedInstallation6500425669392033501tmp

Filesize
90B

MD5
bed1ce6173a916d2f9157044f16cbf36

SHA1
d7edbf724f6c3df0f70ffb71f313e16779409931

SHA256
4faacddd18675dcc761fb801844c37773cdd2c32c29cfefcc7ff2b728776e0d1

SHA512
3f3a1eed674a4969075d53da7a93d1cf4dbf15fca8ad6d7def2bbc326458fc6a7a2617fb264e7711815ece5eaac0e0564b194fd2b1c5ec8f64f18fc5c2226788

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads