Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    21-06-2024 10:07

General

  • Target

    Skygofree_pe.apk

  • Size

    1.6MB

  • MD5

    708445b8d358c254e861effffd4f819b

  • SHA1

    d190b480942ac732f282c61a540e9138a3e764b5

  • SHA256

    af848999a4b8df0e33f5a05a618c83d1f3052d4026ab77b2acf66def71df754e

  • SHA512

    bed04b686515dfa745ad093aba185b3d634ec3d59fe1ba0e9798822d10edf4308b583ecdb01c7ac86fae47919bab644ace11b00071a9cb303c21ee72826d95c2

  • SSDEEP

    24576:sMbkXftH3TfUdiug9T0QPaJepbT1+oFctqUJOfgPE2eFm1M8z/8XuB6eOr:t8tfUdiugp0QFpP1MpHeNgUXLeo

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about active data network 1 TTPs 1 IoCs
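
The three signatures above are behavioural: the sandbox watched the core.syncsystem process call into the framework at runtime. A cheap static cross-check is whether the app's DEX even references the APIs those behaviours need. The following Python is an added example, not the sandbox's detection logic and not code from the sample: it parses the DEX string_ids, type_ids and method_ids tables and reports which of the three signatures has a matching method reference. The mapping from signature to framework method (PackageManager.setComponentEnabledSetting, ActivityManager.getRunningAppProcesses, ConnectivityManager.getActiveNetworkInfo) is my assumption, and the DEX it builds for the offline run is constructed, not taken from Skygofree_pe.apk.

```python
"""Resolve DEX method references and map them to the report's signatures.

Added example, not code from the report or the sample. Which framework method
backs each signature is an assumption; the sandbox does not publish its rules.
"""
import struct
import sys
import zlib

DEX_HEADER_SIZE = 0x70

# (class descriptor, method name) -> signature text from the report. Assumed mapping.
SIGNATURE_APIS = {
    ("Landroid/content/pm/PackageManager;", "setComponentEnabledSetting"):
        "Removes its main activity from the application launcher",
    ("Landroid/app/ActivityManager;", "getRunningAppProcesses"):
        "Queries information about running processes on the device",
    ("Landroid/net/ConnectivityManager;", "getActiveNetworkInfo"):
        "Queries information about active data network",
}


def read_uleb128(buf: bytes, off: int):
    """Decode a ULEB128 value; return (value, offset just past it)."""
    value, shift = 0, 0
    while True:
        b = buf[off]
        off += 1
        value |= (b & 0x7F) << shift
        if not b & 0x80:
            return value, off
        shift += 7


def encode_uleb128(value: int) -> bytes:
    out = bytearray()
    while True:
        b = value & 0x7F
        value >>= 7
        out.append(b | 0x80 if value else b)
        if not value:
            return bytes(out)


def dex_checksum_ok(dex: bytes) -> bool:
    """Header checksum is adler32 over everything after the checksum field."""
    return struct.unpack_from("<I", dex, 8)[0] == (zlib.adler32(dex[12:]) & 0xFFFFFFFF)


def dex_strings(dex: bytes) -> list:
    """All string_ids entries in table order (MUTF-8 equals UTF-8 for ASCII identifiers)."""
    if dex[:4] != b"dex\n" or len(dex) < DEX_HEADER_SIZE:
        raise ValueError("not a DEX file")
    count, table_off = struct.unpack_from("<II", dex, 0x38)      # string_ids_size, string_ids_off
    out = []
    for i in range(count):
        (data_off,) = struct.unpack_from("<I", dex, table_off + 4 * i)
        _utf16_len, p = read_uleb128(dex, data_off)                # string_data_item: size, bytes, NUL
        out.append(dex[p:dex.index(b"\x00", p)].decode("utf-8", errors="replace"))
    return out


def dex_method_refs(dex: bytes) -> list:
    """Every method_id as (class descriptor, method name), resolved via type_ids -> string_ids."""
    strings = dex_strings(dex)
    n_types, types_off = struct.unpack_from("<II", dex, 0x40)      # type_ids_size, type_ids_off
    types = [strings[struct.unpack_from("<I", dex, types_off + 4 * i)[0]] for i in range(n_types)]
    n_methods, methods_off = struct.unpack_from("<II", dex, 0x58)  # method_ids_size, method_ids_off
    refs = []
    for i in range(n_methods):
        class_idx, _proto_idx, name_idx = struct.unpack_from("<HHI", dex, methods_off + 8 * i)
        refs.append((types[class_idx], strings[name_idx]))
    return refs


def match_signatures(dex: bytes) -> list:
    """Signatures whose backing API the DEX references (a static hint, not proof of execution)."""
    refs = set(dex_method_refs(dex))
    return sorted(sig for api, sig in SIGNATURE_APIS.items() if api in refs)


def build_sample_dex(method_refs: list) -> bytes:
    """Constructed test input: header + string_ids + type_ids + method_ids + string data.
    Enough for the scanner above; it has no classes or code and will not load on a device."""
    strings = sorted({s for ref in method_refs for s in ref})       # string_ids must be sorted
    sidx = {s: i for i, s in enumerate(strings)}
    types = sorted({cls for cls, _ in method_refs})
    tidx = {t: i for i, t in enumerate(types)}
    string_ids_off = DEX_HEADER_SIZE
    type_ids_off = string_ids_off + 4 * len(strings)
    method_ids_off = type_ids_off + 4 * len(types)
    data_off = method_ids_off + 8 * len(method_refs)
    string_ids, data = bytearray(), bytearray()
    for s in strings:
        string_ids += struct.pack("<I", data_off + len(data))
        data += encode_uleb128(len(s)) + s.encode("utf-8") + b"\x00"
    type_ids = b"".join(struct.pack("<I", sidx[t]) for t in types)
    method_ids = b"".join(struct.pack("<HHI", tidx[c], 0, sidx[m]) for c, m in method_refs)
    header = bytearray(DEX_HEADER_SIZE)
    header[:8] = b"dex\n035\x00"
    struct.pack_into("<III", header, 0x20, data_off + len(data), DEX_HEADER_SIZE, 0x12345678)
    struct.pack_into("<II", header, 0x38, len(strings), string_ids_off)
    struct.pack_into("<II", header, 0x40, len(types), type_ids_off)
    struct.pack_into("<II", header, 0x58, len(method_refs), method_ids_off)
    struct.pack_into("<II", header, 0x68, len(data), data_off)
    body = bytes(header) + bytes(string_ids) + type_ids + method_ids + bytes(data)
    checksum = zlib.adler32(body[12:]) & 0xFFFFFFFF
    return body[:8] + struct.pack("<I", checksum) + body[12:]


# Constructed: the three flagged APIs plus one benign reference.
SAMPLE_REFS = [
    ("Landroid/content/pm/PackageManager;", "setComponentEnabledSetting"),
    ("Landroid/app/ActivityManager;", "getRunningAppProcesses"),
    ("Landroid/net/ConnectivityManager;", "getActiveNetworkInfo"),
    ("Ljava/lang/Object;", "<init>"),
]

if __name__ == "__main__":
    # usage: python dex_sigs.py classes.dex   (unzip -p Skygofree_pe.apk classes.dex > classes.dex)
    dex = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_dex(SAMPLE_REFS)
    for sig in match_signatures(dex):
        print(sig)
```

Run it against classes.dex extracted from the APK; a multidex build also ships classes2.dex and so on, so scan each. A method reference only shows the code path exists in the bytecode. The report's signatures come from observed execution, and a call made through reflection or from a dynamically loaded payload would not appear in these tables at all, so an empty result here does not contradict the sandbox.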

Processes

  • core.syncsystem
    1⤵
    • Removes its main activity from the application launcher
    • Queries information about running processes on the device
    • Queries information about active data network
    PID:4476

Network

MITRE ATT&CK Matrix


Downloads

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db
    Filesize

    40KB

    MD5

    1bf13917264b6e68b2af9cfbcfe091b4

    SHA1

    f70f28219e488440e286d0ed5643e626935d278a

    SHA256

    2a2f245122946a34b94705745dbde198778edc4d2a965195ee7424a1906060d6

    SHA512

    1e0c2603bf954bc2aaaea5cab099c8b8a2b9ddb3b065b2fa42fb62a2d9ca999c0974fd4fbd6cd3563b10be2aad61cf52729cdf17764a57b7217ec7f4bcb483ca

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    512B

    MD5

    701f39d41dd87d3a40373490779f068d

    SHA1

    34ae593732982da05b905e9b03f19b76d2f69dd1

    SHA256

    c77d46f8f2c6acf5055ade0d486525accef418a6036c27a2c2e09985b1c1e9cc

    SHA512

    03c55c45f56a6021a3a0d656e6d9646d7565a74acaa7d227154381635d1957f28183943a020fb79482087599a2e64d155172e3ceba20d92240d10e54ae00c77e

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    8KB

    MD5

    fb0317465f1af4c2b35c136273b457ea

    SHA1

    f58e0c5cf55a57aa515e1ff41c3beaba09823226

    SHA256

    b2d3b6bc69934a2c881871e770e5843975ad7db92e3b0b3016f44f8ddb415d55

    SHA512

    7ffbe259e726e50ab8285ac32305812780580e93bdeb9bec06dc4c1c89c031e07caf807b16f7575b2b06040ba6fd4b51dc74c26c82195ef6c04fc21e960fc746

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    4KB

    MD5

    d0eb5da53f53e07691636ed03b2f6e57

    SHA1

    def5eebaa48d889bea4457bf0ef7de9743ccb0dc

    SHA256

    2d2ad677665f81f22776bb5bdaf5d0a87bc483e27d5bafaa7ba99ff4f3ea5434

    SHA512

    8583f8b31fd218c087f231f55676724f273c9500ab683f1e77c82ea18b5b91a4871d83fb21c54389d7c9956046d36d251e239bf31d6f61db10f1fc0b7b9598ec

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    8KB

    MD5

    ce98b1bd185d31ab67341124efcbde84

    SHA1

    13f619fb2c92a6ef38c3cbbd5d250c26db3cd303

    SHA256

    73a7ec043c58a8ac2a369879968dcc502ebf2d08d905351171716f37c24eb71c

    SHA512

    05dd0fdc05c75e6de71d275b53de223959c3bc0ec95bf9b8bf973d7a32bdee65baef5d0d917ceee061a64cb1a08e853b033d3949ab1d4e75c8a664575dbaac6c

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    8KB

    MD5

    0b3e0bfd4262b350f63f0110a0878c42

    SHA1

    dc285381c2895b7555a692509ec58f50a4601a90

    SHA256

    b50702f27d5933cd1f220bca3ac448307709d7459fd90d2258d9f74748729e1e

    SHA512

    f8de29825f7166b79ad024b05466ce3e23613e19f69d51359febdb09d989f4e2212fb8b99081ad2557809cab36484d41d545e078f8a7c8ed0fb460e79fc2a681

  • /data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
    Filesize

    8KB

    MD5

    c0612755e6587a2158b893523cd0675d

    SHA1

    fbce08a580d50f5f9047299b00a54d7d21c171b6

    SHA256

    1ffd196cf6580f6d4c4d0f873cc0a07294a0465dab05908884b1dda37ec48f74

    SHA512

    49dd6d4daedd5a66a2980ad4bbe695b5b211a53daa53a8e1706dd5d42cd095612a85cc8bfc23469a959c3d6a612384a8f471ce77738b891b5132e729f8bb9b24
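
Every path above sits in the app's private database directory, and google_app_measurement.db is the database name used by the Google app-measurement (Firebase Analytics) SDK; that attribution is inferred from the filename, not stated by the report. The -journal path is listed six times with different sizes and hashes because each listing is a separate capture of the SQLite rollback journal as the SDK rewrote it; the 512-byte capture is exactly one sector, which is a header-only journal. The following Python is an added example, not part of the report: it identifies a file pulled from the emulator by its SQLite magic, parses the database and journal headers, and checks the file's SHA256 against the hashes the report lists. The sample files it builds for the offline run are constructed, not the real dropped files.

```python
"""Triage SQLite artifacts dropped under /data/user/0/core.syncsystem/databases/.

Added example, not part of the sandbox report. Header layouts follow the
SQLite file-format documentation; the sample inputs are constructed.
"""
import hashlib
import struct

SQLITE_DB_MAGIC = b"SQLite format 3\x00"
SQLITE_JOURNAL_MAGIC = bytes([0xD9, 0xD5, 0x05, 0xF9, 0x20, 0xA1, 0x63, 0xD7])

# SHA256 values copied from the report's Downloads section, keyed by hash.
REPORT_SHA256 = {
    "2a2f245122946a34b94705745dbde198778edc4d2a965195ee7424a1906060d6": "google_app_measurement.db (40KB)",
    "c77d46f8f2c6acf5055ade0d486525accef418a6036c27a2c2e09985b1c1e9cc": "google_app_measurement.db-journal (512B)",
    "b2d3b6bc69934a2c881871e770e5843975ad7db92e3b0b3016f44f8ddb415d55": "google_app_measurement.db-journal (8KB)",
    "2d2ad677665f81f22776bb5bdaf5d0a87bc483e27d5bafaa7ba99ff4f3ea5434": "google_app_measurement.db-journal (4KB)",
    "73a7ec043c58a8ac2a369879968dcc502ebf2d08d905351171716f37c24eb71c": "google_app_measurement.db-journal (8KB)",
    "b50702f27d5933cd1f220bca3ac448307709d7459fd90d2258d9f74748729e1e": "google_app_measurement.db-journal (8KB)",
    "1ffd196cf6580f6d4c4d0f873cc0a07294a0465dab05908884b1dda37ec48f74": "google_app_measurement.db-journal (8KB)",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def classify(data: bytes) -> str:
    """Identify the artifact by its magic bytes."""
    if data.startswith(SQLITE_DB_MAGIC):
        return "sqlite-db"
    if data.startswith(SQLITE_JOURNAL_MAGIC):
        return "sqlite-rollback-journal"
    return "unknown"


def parse_db_header(data: bytes) -> dict:
    """Page size and page count from the 100-byte database header (big-endian fields)."""
    if classify(data) != "sqlite-db" or len(data) < 100:
        raise ValueError("not a SQLite database")
    (page_size,) = struct.unpack_from(">H", data, 16)
    (page_count,) = struct.unpack_from(">I", data, 28)
    if page_size == 1:                       # the header encodes 65536 as 1
        page_size = 65536
    return {"page_size": page_size, "page_count": page_count}


def parse_journal_header(data: bytes) -> dict:
    """Fields of the 28-byte rollback-journal header (big-endian fields after the magic)."""
    if classify(data) != "sqlite-rollback-journal" or len(data) < 28:
        raise ValueError("not a SQLite rollback journal")
    page_count, nonce, initial_pages, sector_size, page_size = struct.unpack_from(">IIIII", data, 8)
    return {"page_count": page_count, "nonce": nonce, "initial_pages": initial_pages,
            "sector_size": sector_size, "page_size": page_size,
            "header_only": len(data) <= sector_size}   # one sector = header, no page records


def triage(files: dict) -> list:
    """Describe each pulled file and flag whether its hash appears in the report."""
    rows = []
    for name, data in files.items():
        kind = classify(data)
        digest = sha256_hex(data)
        row = {"name": name, "kind": kind, "size": len(data), "sha256": digest,
               "in_report": digest in REPORT_SHA256}
        if kind == "sqlite-db":
            row.update(parse_db_header(data))
        elif kind == "sqlite-rollback-journal":
            row.update(parse_journal_header(data))
        rows.append(row)
    return rows


# --- constructed sample inputs, not the real dropped files ---
def build_sample_db(page_size: int = 4096, page_count: int = 10) -> bytes:
    header = bytearray(100)
    header[:16] = SQLITE_DB_MAGIC
    struct.pack_into(">H", header, 16, page_size)
    struct.pack_into(">I", header, 28, page_count)
    body = bytes(header)
    return body + b"\x00" * (page_size * page_count - len(body))   # 10 x 4096 = the report's 40KB


def build_sample_journal(page_count: int = 0, initial_pages: int = 10,
                         sector_size: int = 512, page_size: int = 4096) -> bytes:
    header = SQLITE_JOURNAL_MAGIC + struct.pack(">IIIII", page_count, 0x5EEDBEEF,
                                                initial_pages, sector_size, page_size)
    header += b"\x00" * (sector_size - len(header))                # header is padded to one sector
    # each page record: 4-byte page number, the page, 4-byte checksum
    records = b"".join(struct.pack(">I", i + 1) + b"\x00" * page_size + b"\x00" * 4
                       for i in range(page_count))
    return header + records


if __name__ == "__main__":
    samples = {"google_app_measurement.db": build_sample_db(),
               "google_app_measurement.db-journal": build_sample_journal()}
    for row in triage(samples):
        print(row)
```

To use it on the real artifacts, pull them with adb from a rooted emulator or the sandbox's download links and pass `{name: open(path, "rb").read()}` to `triage`; a hit in `in_report` ties a local copy to a specific listed capture, while the journal's `page_count` and `initial_pages` tell you whether a capture was taken mid-transaction or after the journal had been reset.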