Analysis

  • max time kernel
    7s
  • max time network
    150s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    15/06/2024, 00:10

General

  • Target

    828534e95063b5870c84c930411a23ce712799afd364975af824c969cb054488.apk

  • Size

    296KB

  • MD5

    4a0807750b66b13094aad5b14b60fa9b

  • SHA1

    14d508646ccfcc6e21126fb23371d8f619e05aaa

  • SHA256

    828534e95063b5870c84c930411a23ce712799afd364975af824c969cb054488

  • SHA512

    3ce58cca78928a009ae04c04782175c45fbafa77e2a07e6822c3a62fbe8d3a9cbc92be3998ec2902654393e302f96563d859f9510eca33512a196480eba808e8

  • SSDEEP

    6144:18OmzGrmmKBO3BPN76oUxL/Gpyz18A+M1Viz/QCne:1Uq6mkGBnw0y7l1mE

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

Processes

  • com.dsbhfjcbewucjkew1hjcuefd.security
    1⤵
    • Loads dropped Dex/Jar
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4236
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.dsbhfjcbewucjkew1hjcuefd.security/app_qwzo.p1i.e02k.dd9/obfs/0.obfedex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.dsbhfjcbewucjkew1hjcuefd.security/app_qwzo.p1i.e02k.dd9/obfs/oat/x86/0.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4295

Network

        Downloads

        • /data/data/com.dsbhfjcbewucjkew1hjcuefd.security/app_qwzo.p1i.e02k.dd9/obfs/0.obfedex

          Filesize

          156KB

          MD5

          79ff8b753903a2541c13c6ccb9e93109

          SHA1

          49ed84eaf2dd9ca8d48bf8612f6bef52e4b0bf56

          SHA256

          f7863153862d525b07b7f00d8602170827437340fea24c90b95bad8c22fffc2d

          SHA512

          2373b8b9d0049251cb4f6734b5aff3c81decebf4c3f2c2a8a6b877e0da48892532cf13f2eb1bda6b6dca1765506805d87322b048e43ac6afe30dfcd00e82bfbd

        • /data/user/0/com.dsbhfjcbewucjkew1hjcuefd.security/app_qwzo.p1i.e02k.dd9/obfs/0.obfedex

          Filesize

          156KB

          MD5

          8d97d57cc59448db80d2b246e847ac43

          SHA1

          fd49f6af9ba2a60e7c42a4ec8b26697b24caebb7

          SHA256

          7d1058c58f108a825a5e3047ec450c7ed889bf987d6a180b80e73c3a3ed35b35

          SHA512

          5a256fc10f53db359dfefe558a132e36391ff7ed94795a0e6aff3e93ba773acc43286dc001039209fe11a6eaa31e466f6f13897b0323ad9850ab10f34bed49e2

        • /storage/emulated/0/dsbhfjcbewucjkew1hjcuefd.txt

          Filesize

          2B

          MD5

          6512bd43d9caa6e02c990b0a82652dca

          SHA1

          17ba0791499db908433b80f37c5fbc89b870084b

          SHA256

          4fc82b26aecb47d2868c4efbe3581732a3e7cbcc6c2efb32062c08170a05eeb8

          SHA512

          74a49c698dbd3c12e36b0b287447d833f74f3937ff132ebff7054baa18623c35a705bb18b82e2ac0384b5127db97016e63609f712bc90e3506cfbea97599f46f