Analysis
max time kernel: 47s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 18-06-2024 09:51

Static task: static1

Behavioral task: behavioral1
Sample: AnotherHunt.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
Sample: AnotherHunt.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral3
Sample: AnotherHunt.apk
Resource: android-x64-arm64-20240611.1-en

General
Target: AnotherHunt.apk
Size: 3.3MB
MD5: 3c450b5c8f8d8223df41b297d3e7f8d1
SHA1: 52e09e5cdd30f5aa29d12373d50c9a325a578197
SHA256: 8f0d59ad0bfaaa237e60a5b9be1da0f69f314ba15d0ef41338987ca575cd4944
SHA512: 4816dcb53fb6750419144e0767324666803ac32c0a49141c88746cf6de58d7a9cbcf1508a70ae00fb60fc6741cb898978d1a23527344947521bb623150fa103e
SSDEEP: 49152:JkPbz/YluTEhu77+Z+8UqxcDwgCMHyL9FNqkIHpiNd2ZrjXfG2s+/OeQuC7:2bUlZhumZGqKOdzd2ZrjXC+me1C7

Signatures

Checks if the Android device is rooted. (1 TTPs, 2 IoCs)
Processes: com.cyq.jvf
  ioc: /sbin/su, process: com.cyq.jvf
  ioc: /system/bin/su, process: com.cyq.jvf

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.cyq.jvf
  description: Framework service call, ioc: android.content.IClipboard.addPrimaryClipChangedListener, process: com.cyq.jvf

Acquires the wake lock (1 IoCs)
Processes: com.cyq.jvf
  description: Framework service call, ioc: android.os.IPowerManager.acquireWakeLock, process: com.cyq.jvf

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.cyq.jvf
  description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.cyq.jvf

Reads information about phone network operator. (1 TTPs)

Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes: com.cyq.jvf
  description: Framework service call, ioc: android.app.job.IJobScheduler.schedule, process: com.cyq.jvf

Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.cyq.jvf
  description: File opened for read, ioc: /proc/cpuinfo, process: com.cyq.jvf

Checks memory information (2 TTPs, 1 IoCs)
Processes: com.cyq.jvf
  description: File opened for read, ioc: /proc/meminfo, process: com.cyq.jvf
Downloads