c25189fb8305c5cd43ddee7fa6aa4f039dd31e9de7edfcb6f6c99119ff9f1a13

Analysis

max time kernel
36s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
17-06-2024 00:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c25189fb8305c5cd43ddee7fa6aa4f039dd31e9de7edfcb6f6c99119ff9f1a13.apk
Size

3.6MB
MD5

1828d56abee745687fca63f1739e452c
SHA1

997f30d11284314e7b6950c54a520b7132a0fac7
SHA256

c25189fb8305c5cd43ddee7fa6aa4f039dd31e9de7edfcb6f6c99119ff9f1a13
SHA512

de2c101d4e7a385dfa5f661350ddfed2098267fc58b9187bed87f0f2fcf593e9bcd1baa318a190f9ff7af178dd0aeadcb70b4be48430c65bfd469d60e38c20e9
SSDEEP

98304:D4+J37xLu4XuLnLOLZLMyLHLYL1LcLQL4LVLURQPXR:8+J1y4+7y9gyr0BoM0xFB

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.cordova.shishi

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.cordova.shishi

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.cordova.shishi

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.cordova.shishi

com.cordova.shishi
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads