Analysis

  • max time kernel
    179s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240611.1-en locale:en-us os:android-10-x64 system
  • submitted
    17-06-2024 23:59

General

  • Target

    vending.apk

  • Size

    308KB

  • MD5

    c7379ee2e22d7a8b8152660cafe2ef33

  • SHA1

    ae875310bf21980059ce960bc33b09c197ee112e

  • SHA256

    de7dc88e311d8a7dc6d63eb7e18acf85e7d5b3bbb797040bd7d8665a87d4b388

  • SHA512

    f7478a219d44cb29b78a506d339afc16fa413bae41adbbefc982d8945a5b93a7e0136bfd0076c5e13fd700fd92f7b170802b2c1a8ea68bfd81e9cf354b12b5e8

  • SSDEEP

    6144:Hgb9QMiBt+qCcO1B1TL3QrSmrQ8uO3w1UqzZR6Qudl:Hgb9at+pJmrQ8FhmZR6lX

Malware Config

Signatures

Processes

  • com.excean.android.vending
    • Obtains sensitive information copied to the device clipboard
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5092

Network

MITRE ATT&CK Mobile v15

Downloads

  • /storage/emulated/0/com.excean.android.vending/hook.js

    Filesize

    922B

    MD5

    3dc2e0358cd098ffab48dd777178231d

    SHA1

    3205a0259ada02818c19df9dc6469148dc560dec

    SHA256

    018f4a25446f519dbf49557da24ecd0b4d92d7b827748a27c6da5db243bf9004

    SHA512

    a05233fd1fe286d67d92c42fd6426f7fcc7f318c9ffc1117a66ceb920c570032ad3254f55822fb4320a89e0164c0b338f0449e60bb568450bb2f658cd790d464

  • /storage/emulated/0/com.excean.android.vending/tt.js

    Filesize

    4KB

    MD5

    e92fe1f2a29f509878e61217a2563a99

    SHA1

    c57d5fea1e372ebd538fd3f97b7533bc2f7cd5c0

    SHA256

    dc9ba26e3eb711105170b59195d0fe19e18d39b1834544a25436e9557bb4f572

    SHA512

    26a7eee6bf621486fb76d925392c4f81eacbab21a860ea55687c721f61551539f4c8710d4d13d3510194e064cb5f29f698f16b38c7791d8f73f9343719f9cb8a

  • /storage/emulated/0/com.excean.android.vending/xx.js

    Filesize

    438B

    MD5

    a27daa00d9ddbdecb227e27cb3372e68

    SHA1

    79405ced9eb6768362253abc54fef3e9fb768209

    SHA256

    78f4f184c43f3757306297516127d511a773b0545535013fc68548f26f15f749

    SHA512

    6f4d904f2551a8a24a5f37763165f4bcdefd90a4fa40a4da1c9a7ad5e1bf608a1b8a1840de026a92a674033d7e0b683d9fe0aa88219ef9cee715297652c8170d