197fc60029137c2da90914897d13c1b1af03391542f5b3fbac5cc5b8e8053a7e

Analysis

max time kernel
67s
max time network
131s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
17-06-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Translate.apk
Size

11.6MB
MD5

224b0bc609b3ae5226c66ce80ab882aa
SHA1

3aad911b21907053a69b49086a6396c50714accb
SHA256

197fc60029137c2da90914897d13c1b1af03391542f5b3fbac5cc5b8e8053a7e
SHA512

caa84f65cebc7429594f9e0239682476f7a29cec596a46d22699f5f9c6a594ebfceb682bcb2b204e29411f8773bca80f581099328a74c402cde9af2ea51ff18c
SSDEEP

196608:akAXX5HJwFmzIjgG0zwxBCc3E97gyNMwNXXeuzoyy/SbdTBm4f2hMYKZowfz6KKp:ak6JHKFmuf0zi3ENrNb+uty/SbChM+Dp

Score

7^/10

evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.appd.instll.load/app_ded/X7FIuzgvyl0oka8ldEEIyy6Xm8ZymN4Y.dex	4465	com.appd.instll.load
/data/user/0/com.appd.instll.load/app_ded/X7FIuzgvyl0oka8ldEEIyy6Xm8ZymN4Y.dex	4465	com.appd.instll.load

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.appd.instll.load

com.appd.instll.load
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4465

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact