Analysis

  • max time kernel
    175s
  • max time network
    170s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    21-06-2024 10:30

General

  • Target

    3b5558487a749f6b653a717a1061aee1d44a5e1ed501ac2651de1075ed865913.apk

  • Size

    531KB

  • MD5

    3d62760cc1b53064b7cabb6ba5809aa8

  • SHA1

    87f23e331ed8ffcc5e26d43e38cda7723ca67f3c

  • SHA256

    3b5558487a749f6b653a717a1061aee1d44a5e1ed501ac2651de1075ed865913

  • SHA512

    a18f05ef5aa1c2c08c47f18f0040e2f1c9c11395097bfc56fccc4e44c06d94d0e1fffdc4a9de4c175bf59d1115b99a268b18e873598e58aee7d478d8dfd604d4

  • SSDEEP

    12288:J1vJnNQoG6nIA0uqMa9nWUjojagxLo+ghB5KrnjSw:JVJnCoG630rnWFjHoNhBIHSw

Malware Config

Signatures

  • Removes its main activity from the application launcher (1 TTP, 1 IoC)
  • Queries information about active data network (1 TTP, 1 IoC)
  • Queries the mobile country code (MCC) (1 TTP, 1 IoC)
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
  • Checks memory information (2 TTPs, 1 IoC)

Processes

  • com.AUTORUS.JapanDrag
    • Removes its main activity from the application launcher
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4186

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.AUTORUS.JapanDrag/files/Config
    Filesize

    414B

    MD5

    c763f628d20461f9e1a0725edd675b72

    SHA1

    95abfbffcdba1dc656adbf42a80592203c2e4aaf

    SHA256

    42525c157399c9e2c0fc69cc51120fe02815aa9df397116d328c203aada60cff

    SHA512

    27a4beb885ddbdddbd32d19f3c5e775d282f30ddc76ccf5de296e1294a03966cc79cbbe7dac9d0b7c72fca347436609e88beff1daefd29898150f3543e89d7de

  • /data/data/com.AUTORUS.JapanDrag/files/Timer
    Filesize

    368B

    MD5

    7f0fb662309224339999a9a0014eca9a

    SHA1

    21a540e6f6acf41fb443cd56bbeffe5d68b64622

    SHA256

    a1014328f1dc18efb803d227bc9dd31dd002d0488b79bfac169410933604fdd5

    SHA512

    96f6ec61d46f720dcfb71d61dcc698fde64b56649c9b5e95db5dec12e3ad753be917e3eb5cc1062c30a70b24eeda005e7f63384388ef8f97c702ab8b283cd3b2

  • /data/data/com.AUTORUS.JapanDrag/files/Timer
    Filesize

    368B

    MD5

    9833d74268b7cd6a4b497ace27bb85e0

    SHA1

    e3835211608f007f59d45db2dfa101c2556aa1d6

    SHA256

    581940d2b1bfb99cf3701c9fc236ebdaf52a979e2da506d2caf8a109bd04c00a

    SHA512

    134479701487c223e782f492ee82a7612c0c23e007769a6339c1aeaa540283f6d3ff3c52864b47353ec2568dce948ea4d79e7e654b71665985656cb0e0abd229