Analysis
-
max time kernel
178s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
-
submitted
17-06-2024 12:24
General
-
Target
Kavach.apk
-
Size
788KB
-
MD5
b415fb908e7c73f5ed47a585f92e79d1
-
SHA1
023b6c3fff93be4dcb3d04497bc2659a51cfa60d
-
SHA256
d7d7472ae765c96d33ec8e6251cddd59d3f93bd8d9be96f7311726e842337e61
-
SHA512
626be6ce6332cfd143c77e2cfd57d035d1bc074f288d808641cffe6d0a1ee6ecf44295156f2b9ec46c2ed1be03ce6f63323fbd3e32c65031d3e03a0e3e485264
-
SSDEEP
12288:M8a1a8LredeM60GN1jJWmyX5WmpYshXZPbGwidNpgR:ra1a2edeM60q1jImyX5WmD9idNpO
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings. 1 IoCs
-
Tries to add a device administrator. 2 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes
-
cmf0.c3b5bm90zq.patch1⤵
- Makes use of the framework's foreground persistence service
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
74B
MD59a10ae864e5a2117b0710dc1f5889c3f
SHA1906471a72785dff40ca4a82acda096e028dd7071
SHA2566f8c850bf2de1c4877185434714d428cf58cbf03b19545b69ed0469cef8f5831
SHA51293e1f2a7ace84afb30f040050ea9a5d6df98447028c84272cbcc26f5307fc60bcb522adca82130812dbf45fe6ed8720145010c3543589f43b2d99ffb52de7971
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
69B
MD553a5994e28f66e087b57b44503b8ca4b
SHA16a2f563e2194e797d217c779e02a83668d031e68
SHA2566bbf4a482b3ccc67c0ad4075c7465203d5c417b741f31ecf52406da6d91f32c5
SHA512c1890e774158cf2a58a2ba21beb926b7fae55d7f8ea64108b93b75c212d73429684d699f136711651b38153608529eab1dfc48fe8d874a08a186a05bc5b6310d
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
52B
MD54a356a199f0118b973ac9a455984614a
SHA14f0bb8d156e59cea635e3133f7c69a80b62f7f94
SHA256f1e1296f9f4ba6528a486dafb1d381466398206a929d23d729035ac76d51416b
SHA512eb326d3c2155579efdfd1f681ffae2d5c0ad1e7588e1d741ae3f2d8984621a870497fffecb239e1f06501d6101f92cce3659f748518509a14bacdce04cb3cd1e
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
66B
MD51eb45aed76dbdacb3e1d6494c245c2a0
SHA1345c8023f2d1e4128063a7964d7c366dd5ba430b
SHA256e7e34f872740199c4757d07857745abe06087b4b7383aba2fd8598a0b397414f
SHA5126173aeffacf11a4130028c15ebe9879c5bcf76a46e37205752f6cbebf61501d26f4492a178a79a8eec7b40f094dd6050a190931851d79db87f9f06972f6599cd
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
67B
MD57e46dfbd60dae170e80369842cd9a519
SHA1a5365d6ce3d59fac8ff3cb2c123e4cac62531320
SHA25617247d3d76e2b5dd9488a52046a03e6cae8f444da385851dee8a8f12884a82a4
SHA512c7c7b3a6d5b40c4cbda104b386689796ef252659a2fed9d66615b46f1231e577b07eb7ef0bf258d7bb4c44cb8436cb0df85f9a8ececbf9301a88a0d477d4364d
-
/storage/emulated/0/service player/config17-06-2024.logFilesize
243B
MD509ef1bc3589ed27c2263ed27b772f5ab
SHA1ab8f589d90c1e16261769665613085f65035e0dc
SHA2566a0192f31538cf9ee3bf087d11017dc6b6c2c173208f177f5d2645737b1c005b
SHA512f9f48d58331cbf6f20b7a83291dde342b6985d3729b13b0e09f18de0be8d277479ff5c2c67a439934be87d51fb31d320632cc2c2ba56f87cb14a6ab4857681d1