d7584a2d7973bf891c292569da62bc0b1259bf0f38fb7c9b5ab319d40be99f3a

Analysis

max time kernel
9s
max time network
169s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
23/06/2024, 23:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d7584a2d7973bf891c292569da62bc0b1259bf0f38fb7c9b5ab319d40be99f3a.apk
Size

2.2MB
MD5

e33fbb181f5823cb588844b08bf0a63c
SHA1

a2d1bb9a04c188af0dfcea9a9e558cd9f2e760b3
SHA256

d7584a2d7973bf891c292569da62bc0b1259bf0f38fb7c9b5ab319d40be99f3a
SHA512

06cefea2abddfe3e9e6eb3b386a922a124573e75199fb25390f30d81d5b4585f755f355caa1f304a6f471166bc0bef0187bbd31c922286d8e67655cf12538b4b
SSDEEP

49152:cPEZz+OrKSxlubRZOPeyPpNtttttttJd8yRDErpEji23NnYVxkS:cPEZyuKelOM98yNji23NAxB

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	dcom.jhf56.j8wj

dcom.jhf56.j8wj
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4283

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/dcom.jhf56.j8wj/app_sslcache/au-ka-6-default-rtdb.firebaseio.com.443

Filesize
8KB

MD5
db7c3a484fb90dae28d165b9b825b9e4

SHA1
69c2e38f1086791bca18e58ab7f71eef74530147

SHA256
34dcaec15fdd867845864297e65781fb8f94a198b80735e788ba0d2d334503ed

SHA512
400b8fe3d15845fe70a6b07634ffcff142b9f0252f0ed2443b72ab7a9421d3ab4666d318e97461360a8b66935d7e2e00a17a1028611715e5e3a1a67d8053e8fb

Download Submit
/data/data/dcom.jhf56.j8wj/files/profileInstalled

Filesize
24B

MD5
675d26e68faf21bd495df4f769a676e9

SHA1
a3f6013f50c8bf34ce5396d425d8fe72a308dbce

SHA256
56cf35f8808fd9cfbe69662ea1e1c0028db6206bff84e2081acc9a5aebf1390f

SHA512
bfc15a30fc8a83bfab0fb9c4518a4200ee9809a030ee17e4ead37ef12f82e9defa78860077955daa23207fe3b87ebc177c2e6a4ab06c3a0e0fe80708de9e3e8d

Download Submit
/data/data/dcom.jhf56.j8wj/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
458e072b1f5ed9b549c9c7cd38efb48f

SHA1
a5808400f056ef84030c815c43890ba7364a901a

SHA256
b5a73ff4e6a00dd774b18a3a9a75f04bcca69183729f295acb7be3267cc09375

SHA512
ef1a2fcb2823e859f139332839b8ef5848abfe2e3a309350c23387af3cc710470c0004846baa732fdc535362e2c5965d104d33da4aaafd41cf3dba634f6a3522

Download Submit
/data/misc/profiles/cur/0/dcom.jhf56.j8wj/primary.prof

Filesize
1KB

MD5
b4de503b6d74339c7db8157c6139fa8b

SHA1
083cb958e691dd7f6dbd1ae6de6c4d9653d7aed2

SHA256
dfc42c0e96e567e3ffb8d0aabe2c4721c62e2eaf869d52705f5c6e1c0687a01e

SHA512
cfe95f49266ba7becba2884e95742668e1a49cc64206306de60a54914f7055f76fe59237fece4e6c2f9c329a415d435e77de8991fd6d36b5f3c4efd4b94a2e01

Download Submit