Analysis
-
max time kernel
7s
-
max time network
131s
-
platform
android_x64
-
resource
android-x64-arm64-20240611.1-en
-
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system
-
submitted
21-06-2024 10:07
Static task
static1
Behavioral task
behavioral1
Sample
Skygofree_pe.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
Skygofree_pe.apk
Resource
android-x64-20240611.1-en
General
-
Target
Skygofree_pe.apk
-
Size
1.6MB
-
MD5
708445b8d358c254e861effffd4f819b
-
SHA1
d190b480942ac732f282c61a540e9138a3e764b5
-
SHA256
af848999a4b8df0e33f5a05a618c83d1f3052d4026ab77b2acf66def71df754e
-
SHA512
bed04b686515dfa745ad093aba185b3d634ec3d59fe1ba0e9798822d10edf4308b583ecdb01c7ac86fae47919bab644ace11b00071a9cb303c21ee72826d95c2
-
SSDEEP
24576:sMbkXftH3TfUdiug9T0QPaJepbT1+oFctqUJOfgPE2eFm1M8z/8XuB6eOr:t8tfUdiugp0QFpP1MpHeNgUXLeo
Malware Config
Signatures
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
core.syncsystem
description
Framework service call
ioc
android.app.IActivityManager.getRunningAppProcesses
process
core.syncsystem
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
core.syncsystem
description
Framework service call
ioc
android.net.IConnectivityManager.getActiveNetworkInfo
process
core.syncsystem
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db
Filesize
40KB
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
512B
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
4KB
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB
-
/data/user/0/core.syncsystem/databases/google_app_measurement.db-journal
Filesize
8KB