a862f15f9fc48c0a455be82e86f1f2c1a1f6191404b53ffc380e2780ffe9ef10

Analysis

max time kernel
12s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
16/06/2024, 11:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NewMuMaYiMarket.apk
Size

3.5MB
MD5

060475bb8935b6ce583372154fff7180
SHA1

084a087002c04ece06626a3b2685eb62c731a8f5
SHA256

4653d410a8fe58822e6eb45e8548a548a48feb33ea8eec31ab763974299ef4e1
SHA512

98786b62c57c4b121c178bba53fcde931ab9c3d02b4f303561dd9fdb365799806923dd6f4728700d6a1732b9888fc919466d267650a7083cdcfe4a6ad2fda03c
SSDEEP

98304:CODDQIol5oqAzyK/wcU97IbEENbcuHDl9X:JBol5bAzyK3UWRcujlN

Score

7^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
14	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mumayi.market.ui

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mumayi.market.ui

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mumayi.market.ui

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mumayi.market.ui

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mumayi.market.ui

com.mumayi.market.ui
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4318

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mumayi.market.ui/databases/mumayi

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-journal

Filesize
512B

MD5
223003c5d7dfb2e47b7a8aee67174f13

SHA1
34c6b25b9a35fb728774894741509871d9b45281

SHA256
cafbb146cb8666c18c83eb53b9e861389a7032560429f8a4aba4b2e6e391fdb9

SHA512
0defdf31356a74cff95ecb27b5dcf6c070db5d5845f94d1561598a4a41125fb3b00954219525f746e25e52cc8cd61c3cca41351d6f8b286588f48c456e0100b2

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-wal

Filesize
370KB

MD5
dc83ac086183d02ddf187ca37a390f0c

SHA1
e5ddb564862c5e642753af90717754d2d15b925e

SHA256
736f165ef2dc4125e9d0ab0514e08d0c58665d0fd0bb47c3b5414dd231328a7d

SHA512
1af084c06775ed61e0d760fea48b55c71d3868afac016a8bd141fb24594f60e8b2793ca33dbf925cda0f1d0c64b1f4c04dab590f827c3cd83a1daa7ba83bd36c

Download Submit
/data/data/com.mumayi.market.ui/files/umeng_it.cache

Filesize
294B

MD5
485022d7d489a1776019ee34396a05e7

SHA1
0801a5addbafb929b0f74baba2d9db3e79521989

SHA256
484b9a40c65e287e605a5bd3d9f9a7e7c08ecb4a4ab8dcbb9aaf2e48c96ec05e

SHA512
22662f79de6c30d6b94052d9279e9d21e457107eed85e1584c5a3575476c50c21a9179bf51278cd244774522a3d78601540b10cb4f40eea62b2d019264c25dee

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
37125fc142fc5e147eada4b686098b99

SHA1
c3450a6aaab44f4ae05ee5e9ba35fcfd22b34ae7

SHA256
3f1e6f6cfb2e7b06259dc8921d07b0985de48b300e25981de3071fa5ed77c19e

SHA512
5a1c0999fa6073b2d2b0a8de0ee948d3b081560b338b299e975bf9877c22b8ee668053cf0ce93ce4db4dc0d3a87fdde4d0daa0ca641c1470c01f7264aa3230ba

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
4cecae1ab8f3df12d741c557f00ba83d

SHA1
3b4b8dc938685fbeee0d1127d3403bcde8444563

SHA256
4d18650078cb69b30fc1f7f42d6a98a61774151781a7c281ac5a016ed7700c67

SHA512
f3b1d94bc285aa2510ecf13b9f3bf8a58175e5b05910fdd48f2b3ecc0a11d1d2d02db6869fa88bd4b94b63cc65e414fac43d90d49c9b9d0d804fbc17cf0f7a0d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
e29f22cc5af52dd9aed40e14766a8eb9

SHA1
294f4d56b87a66cb4b92054431414f2672b03bef

SHA256
96648a417ca9e212b5b75d2ae4b576d9a25a2778d6cdb3a3d5b5cc7ea8dfd20d

SHA512
567a5434ce9209c0adcbf7078ee37d05f79f715052c522d866cf50fb023b0700bca74ca06e5e54ca9adf346394df60d7c3e1d345b5f8d79b3139a4156d9b1fbb

Download Submit
/storage/emulated/0/mumayi/alreadyIntstall/intstall.db

Filesize
507B

MD5
9c1e6681d806c08369d4233ef1adb119

SHA1
48552fb0ff0a4480e24c95cf4ed089b9b5a9334d

SHA256
4929803d650c73891804826b483cff61f540da9362732c4d905ee86184360e11

SHA512
5a1e0e04d0bf3b4297ed7377788bd6a8944322d5683e985f00b4608bde62e7cf7aa8a5b4095ea32363c9d53981d24fa77b7fe7e0a0360262622d180b08d1cbf1

Download Submit
/storage/emulated/0/system/android/mt/my.dat

Filesize
10B

MD5
b35b0cb70712626cd5eba5433ab312fd

SHA1
2c9c1c56e999f0983259a2ca110caddb63a20ae4

SHA256
6e07237854ae3ada9e905f3d57523b1450f98d67255c79276836f994c990c132

SHA512
86cf406beccd2bb9bf86e92d7c63f478115c9eb8361f4b13b366846c0d9f39e480858fd46d51ea501b18e8f320ed0b139a76d6f9f10660a63ed66d5129b2fd97

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads