Analysis
-
max time kernel
7s
-
max time network
188s
-
platform
android_x64
-
resource
android-x64-20240611.1-en
-
resource tags
android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
-
submitted
21-06-2024 10:07
Static task
static1
Behavioral task
behavioral1
Sample
Skygofree_pe.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
Skygofree_pe.apk
Resource
android-x64-20240611.1-en
General
-
Target
Skygofree_pe.apk
-
Size
1.6MB
-
MD5
708445b8d358c254e861effffd4f819b
-
SHA1
d190b480942ac732f282c61a540e9138a3e764b5
-
SHA256
af848999a4b8df0e33f5a05a618c83d1f3052d4026ab77b2acf66def71df754e
-
SHA512
bed04b686515dfa745ad093aba185b3d634ec3d59fe1ba0e9798822d10edf4308b583ecdb01c7ac86fae47919bab644ace11b00071a9cb303c21ee72826d95c2
-
SSDEEP
24576:sMbkXftH3TfUdiug9T0QPaJepbT1+oFctqUJOfgPE2eFm1M8z/8XuB6eOr:t8tfUdiugp0QFpP1MpHeNgUXLeo
Malware Config
Signatures
-
Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
core.syncsystem
description: Framework service call
ioc: android.app.IActivityManager.getRunningAppProcesses
process: core.syncsystem
-
Queries information about active data network (1 TTPs, 1 IoCs)
Processes:
core.syncsystem
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: core.syncsystem
-
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
Downloads
-
/data/data/core.syncsystem/databases/google_app_measurement.db
Filesize
40KB
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
512B
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
4KB
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/data/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB