a862f15f9fc48c0a455be82e86f1f2c1a1f6191404b53ffc380e2780ffe9ef10

Analysis

max time kernel
14s
max time network
150s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
16/06/2024, 11:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NewMuMaYiMarket.apk
Size

3.5MB
MD5

060475bb8935b6ce583372154fff7180
SHA1

084a087002c04ece06626a3b2685eb62c731a8f5
SHA256

4653d410a8fe58822e6eb45e8548a548a48feb33ea8eec31ab763974299ef4e1
SHA512

98786b62c57c4b121c178bba53fcde931ab9c3d02b4f303561dd9fdb365799806923dd6f4728700d6a1732b9888fc919466d267650a7083cdcfe4a6ad2fda03c
SSDEEP

98304:CODDQIol5oqAzyK/wcU97IbEENbcuHDl9X:JBol5bAzyK3UWRcujlN

Score

7^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs

flow	ioc
8	alog.umeng.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mumayi.market.ui

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.mumayi.market.ui

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mumayi.market.ui

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mumayi.market.ui

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mumayi.market.ui

com.mumayi.market.ui
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:5042

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mumayi.market.ui/databases/mumayi

Filesize
36KB

MD5
e953c604b0442feb901af2cd744de008

SHA1
09c5b66ca6cf27eb0c5417a1ebb33bbf404847e3

SHA256
4b5ba8755c2c61b3fdca77511de21b4ec6a03204cdd1ff053035972641426916

SHA512
cbb096551509d54dd1baa31a09abf9785ab18f4b0b5afd947c03e971fbb41685aaa3d90d9ae6fde9211ec5ba5367b8bf634c0750f5d3e4d126f1fbdb5c97e277

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-journal

Filesize
512B

MD5
b940d506d7962e8d2639fd8822461709

SHA1
92700379e6593ca76c7960d3139dd301d0c6d29c

SHA256
80987eb96d6a6b05c73a8f9aae3a087fa8aa6ee702cb70e76e85883e7342fd8e

SHA512
91c6c909f200392e989839594aca45b3fc3915e03a2d9ff1f49911843a84589a8d2e898c99a326c6d30c6421c1a60c6bead72870cb826325d41e17fc8e4e9de8

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-journal

Filesize
8KB

MD5
12ca83773d8dd2b874b12e57a8f82877

SHA1
aa51561406efaa006bc9da8d60cd1ec88f7f349a

SHA256
be8bf8289289ac869df5fe69baf8e5fa01781119950c296656dfcd4f16051b39

SHA512
378471239cb964820f9ef8d63fd6ab255914c7b6a897ab94d1c41c7705010c27b2cd52ff6f81173120a19d92c89b1baec96eab5661ba57eeea41b90c6140b4bf

Download Submit
/data/data/com.mumayi.market.ui/databases/mumayi-journal

Filesize
8KB

MD5
1c9c76a19ab34bf6bdfdff304ad64402

SHA1
2bccf65441443fb6cfde3107351b92ad3b40a90f

SHA256
97af76300920f4306f21851e37350eb4b93fb62b20ece44fdfced406619ea287

SHA512
633da84b989ad639cd7c274ec7bc11a28e607f269628ac0258241e2dd4490e2ec381bf0b672a458345478b48a4c26ce8c70db0a1a659c128ae5159e9e7c41a77

Download Submit
/data/data/com.mumayi.market.ui/files/umeng_it.cache

Filesize
231B

MD5
6e528cfb51862f6400317a95c1a36e45

SHA1
d1c4bb183e29b3d6a2ed74cd5a0b8abcf6c8d449

SHA256
d046ca644ccb2c10a2266d4b69e85fff40887b423b583910eba79678010a2e72

SHA512
2686ea13467c6243251d8fade6e13dce0d413035201718e1193cdf6db9c46f32ac24a0ced8cb9567b328e86ff3c59140c5706c59008593eb00c4557e36943abf

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
ceefdab6d2fcf39894100f3b5f9096e5

SHA1
1b29af99df0564e27e883e0994e42817f3143866

SHA256
14ed39d89043c835dbd92660d2abbb470ee363586a1f9b6e7697cf45a95c582b

SHA512
45ff240a6e82ac646d5ec33596528ab2da8cca0d0d143a51e9073719cdf64f702d2e8514dd413529af660fa5354e9f036063203571cb8c6356217e813926a97b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
76e914b41215de83888c25c164767e73

SHA1
67c991b56a64c1c45d2c545c4e949ffb2fd578f3

SHA256
52d416fea19be2208b3106395a9f25e84d953921568012e4a38aa9d6eeea9fef

SHA512
15b213fcba4b993cb95172831ff744b63ba6692fa7fef731f2f5fdb01254c85f6d8bbbd9a3da00c73eb52529ac5c3f00ad298d4810ef99c7c17efa11f759475f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
408B

MD5
958b4366cb9f1619174cf5716903c850

SHA1
cb64889b75ac9ad43024009d0df247f76173111e

SHA256
11a9f38fa598310733bf6dd140d2674ea1530f1a17b9e42da541c96a291073d5

SHA512
ff86bb9f6d0a2cce24d101d30fe0fbe95ebb0452f8decd555ad276a4b37f73a841f95d9eaab048e3fbf49d3dd170489312ed377889c9ab094753a837ec8497a4

Download Submit
/storage/emulated/0/mumayi/alreadyIntstall/intstall.db

Filesize
507B

MD5
3240040a62f978de594ff5fe34084d41

SHA1
7e35bb00bf002c82446dd466713877014f34f61b

SHA256
476e4a910ef093ead104f72195af1c0b45af60e56fee513050f8ece6faf3083e

SHA512
4b97da18a5c272eb9e6b8d21ea660a73c36d1ee78333dcc948e41af7227c09418a7f303b086ddf803b587d39c96494c26383a581d5a8432ddaef14139dea509d

Download Submit
/storage/emulated/0/system/android/mt/my.dat

Filesize
10B

MD5
b35b0cb70712626cd5eba5433ab312fd

SHA1
2c9c1c56e999f0983259a2ca110caddb63a20ae4

SHA256
6e07237854ae3ada9e905f3d57523b1450f98d67255c79276836f994c990c132

SHA512
86cf406beccd2bb9bf86e92d7c63f478115c9eb8361f4b13b366846c0d9f39e480858fd46d51ea501b18e8f320ed0b139a76d6f9f10660a63ed66d5129b2fd97

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads