Analysis
-
max time kernel
7s -
max time network
131s -
platform
android_x86 -
resource
android-x86-arm-20240611.1-en -
resource tags
-
submitted
22-06-2024 22:51
General
-
Target
c825891d4b9f37aea7a2b782c4a5da0368e58c8e9f31ed47e3da5690be91e1b8.apk
-
Size
4.4MB
-
MD5
fde8e734fb79ea09b473dc643b70cc98
-
SHA1
18b7e9e68ceaffa10492a15efdb03bec56ac4822
-
SHA256
c825891d4b9f37aea7a2b782c4a5da0368e58c8e9f31ed47e3da5690be91e1b8
-
SHA512
68582e690658f764c941bc3280949cadd457270a2800ca75c3cb7e440fb7f5d46d5d32859846d412b3f6a3066db08302de3d67ae693dd8f82d5d4a08a75a582c
-
SSDEEP
98304:lWoCq7SEzurJZZE+mxW1f2o9oF35p0yhZqpF55rIWDgkbr7db9GTs262LoFb7b:lWoV7FurJxmxUnu3cyhZoVDdbrjmUzbn
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 8 IoCs
-
Checks Android system properties for emulator presence. 1 TTPs 1 IoCs
-
Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Processes
-
ru.SjPgYpMH.tUEhMoGVR1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks known Qemu pipes.
- Queries information about running processes on the device
- Queries information about active data network
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD522b2b4f3ddbe1532306e3ee225d9bffd
SHA1ff9f10c0de07c435f6d68226ff0f5f1752441e10
SHA25607e8295c7326ee274cbc997af2df53136af9e46ad19dce59237266bdcb92f3c2
SHA512fc0083362d7afc7cc1f1e7604b62e8efef916ad19c17445ac4a01ef05d687ce66e78b9eafa6cd5226a74b0b47489de0d422e08c6cdb188a437d2cb9c256cb450
-
Filesize
2KB
MD5d767d5fb76e7b1bfd2d0400deeffebcf
SHA16d6c540c7ef7f5caec54fb6a4c91c628425e8b35
SHA256c26c6254b4710db963119c0733885d773fdfde7480ba7b65d27bb3a524a6ebd6
SHA512d1ef387d80a78e3802d10628b545d249273214198c7caf0928eace2f4bc0cbcc017519e78987c9840c1fa20c980aed507cfe2d47b5ad04e29254475535565513
-
Filesize
719B
MD5447b479a214536d00d4322b9dfa69227
SHA1a29a06b52d86821fd8c607c66aa479db49b7556b
SHA2562589cf6dbd4ef06bdcfeab283af9abf4f21f154ff382af8c6d3788497794c157
SHA5126f3b93cde848935b4975d9959188aa43b71bab8cefbdf4fc692f4f467174ab377103b87765281e20e1b072c32f2b95595c4bf9be8b4da4b53ef928afeead831f
-
Filesize
884B
MD54bde471e7a872f0ed7688cfb104adece
SHA1c43a64c8687503dd8970cd5eb6018f5174fa0e1d
SHA256dbc9aa7f48ecd75278130d3846b1ce2daaaadcda37feaf79ec2fd8b481539af6
SHA512a3067face23e2727a57a889f3d1892a69cbb1bfa2cd5902317af34b558d6ff2879507dc891d294fd90c30073233cd197ca0d6ddd052052f9f685b34f776c8729
-
Filesize
1KB
MD559168c19f52b92351057e5590ae7b67f
SHA1c3bb2412838e5a499d3a4089c8532a9d2d8b8093
SHA256e47a4cf8d8ec5f97772b51a75b6f8fb0aca86f0164759b0802ee688554fa958b
SHA512ae8c347f35c454fb7ef58b04e991704d72964270cea61ef5b4073f3bbb69f1ab2413576d76bb633071a13da42d58755cc7b8014e90fe3ea8eeb087c2a61f55da
-
Filesize
153B
MD565026ee778e1372d9f4aed742772e893
SHA15a5f1c821d7639424f3c75a44468ab5f7dd4e8cc
SHA25615070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c
SHA512589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616