Malware Analysis Report

2025-01-19 07:45

Sample ID 240615-cl189azblm
Target a6b1a6a144d71dfa5e1e456db76284f6.bin
SHA256 11006e9ef09a5c7411a61c7f36affcb3220cee53638703afc75f2e560946f272
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

SHA256

11006e9ef09a5c7411a61c7f36affcb3220cee53638703afc75f2e560946f272

Threat Level: Shows suspicious behavior

The file a6b1a6a144d71dfa5e1e456db76284f6.bin was classified as: shows suspicious behavior.

Malicious Activity Summary


Requests dangerous framework permissions

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-15 02:10

Signatures

Requests dangerous framework permissions

| Description                                         | Indicator                                  | Process | Target |
|-----------------------------------------------------|--------------------------------------------|---------|--------|
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE  | N/A     | N/A    |
| Allows an application to read from external storage.| android.permission.READ_EXTERNAL_STORAGE   | N/A     | N/A    |

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-15 02:10

Reported

2024-06-15 02:15

Platform

android-x86-arm-20240611.1-en

Max time kernel

3s

Max time network

141s

Command Line

easy.drum.pad.electro.kit.beat.machine.maker

Signatures

N/A

Processes

easy.drum.pad.electro.kit.beat.machine.maker

Network

| Country | Destination         | Domain                  | Proto |
|---------|---------------------|-------------------------|-------|
| GB      | 142.250.180.14:443  | N/A                     | tcp   |
| N/A     | 224.0.0.251:5353    | N/A                     | udp   |
| GB      | 142.250.187.206:443 | N/A                     | tcp   |
| US      | 1.1.1.1:53          | android.apis.google.com | udp   |
| GB      | 142.250.200.46:443  | android.apis.google.com | tcp   |

Files

/data/data/easy.drum.pad.electro.kit.beat.machine.maker/.jiagu/libjiagu.so

| Hash   | Value |
|--------|-------|
| MD5    | 1da618896802fdb4b6f17c92703424f4 |
| SHA1   | b48aa81ac014a5a7f6e95e618e4f951ee12d34c3 |
| SHA256 | 2cbf986b5e1357e00347d75d6f631539c0f368208079df36bb44603ac4e6973f |
| SHA512 | 620a06d8df24597467318582a12bce45e2e2cb66069ffbd6fa27ac5a164c58398ddb9c2348e6ef443272a22ca85fcfa03439d0f0f22109a93708d562e0737cb6 |