c62648cc00aac1b9bbfcb3e5c3c49348652a2436c1550463764bb781ff16d3b8

Analysis

max time kernel
2s
max time network
142s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
19-06-2024 00:12

Target

c62648cc00aac1b9bbfcb3e5c3c49348652a2436c1550463764bb781ff16d3b8.apk
Size

4.9MB
MD5

854f2fc91be2fbf8b4c47de183d72aa1
SHA1

e068524f85d626c1aa60c7b3377c0e5414d79a2b
SHA256

c62648cc00aac1b9bbfcb3e5c3c49348652a2436c1550463764bb781ff16d3b8
SHA512

efec1b951aa82a1baeebf69041d62065cc19fdd92f880997d7f002a84d86c26050913c449de235ffc79ecdaa72a97ab87ca90d452c2e107cdc6d9b088fbc242e
SSDEEP

98304:6kjqJL0p8tWYBXG+XBsOTHFiwXZkkCq/u1mGmQJtQ:6kmJjWWbsOUwpmq+7S

Score

6^/10

discovery

Acquires the wake lock 1 IoCs

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.temptation.lydia

Queries information about active data network 1 TTPs 1 IoCs

System Network Connections Discovery

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.temptation.lydia

com.temptation.lydia
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4164

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

/data/data/com.temptation.lydia/files/PersistedInstallation7943880083964356447tmp

Filesize
90B

MD5
f5806c2f3679b1b2a5fbd1416f7f77af

SHA1
5ccbef0ea6c165d41f82e578ae5426ea2f95e648

SHA256
a4353becc532a28711452885f9dfb6c23a6b92261502801cf5074c920b6b9adb

SHA512
3bb482b39dc1811c177a4b4ac44eb27607ab52bace3c4fbf1978dc3ed785ef008f691aff0523dd52f9f3a596092af1f02879ca3b99fde63f05bbf8c21dcb07ac

Download Submit