50af5846877c26f984e50336ae58572a247397835b73c48d376dbb9ff8bc01d9

Analysis

max time kernel
73s
max time network
347s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
24/06/2024, 21:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MGC_9.2.113_A11_V14_snap.apk
Size

442.6MB
MD5

01c9b0268c1616ba1beabbe1c0acb1b9
SHA1

e985c6e89384c49a4159555f280f457db76e7004
SHA256

50af5846877c26f984e50336ae58572a247397835b73c48d376dbb9ff8bc01d9
SHA512

531e9eca292b4f402b6c9bdebe08d08f0af6efbfe4ab79e3e253a867107806d922d952f849a2540f8fb480add545a35e0e46d093fc5074889394efc56e63339a
SSDEEP

6291456:KZ5cobyQSBu9mV2nXdISx6ftE4e3sJazgHlgrn30tiRRDeegDfy1:KZ5coelXVyqgV3x+l2MeeegDI

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4692	org.codeaurora.snapcam
/system_ext/framework/androidx.window.sidecar.jar	4692	org.codeaurora.snapcam

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	org.codeaurora.snapcam

org.codeaurora.snapcam
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
PID:4692

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.codeaurora.snapcam/cache/codec_hevc.lck

Filesize
32KB

MD5
123a68e5514e51846bbb6772818df6ac

SHA1
7450fb0538f88e34cf7713b12659baf23dfaf3b6

SHA256
44a28a5a9a7058d07932426df27b14320b362b68288dc840f4b1a190984e1a92

SHA512
5fc29f281c2fff2b5873a74ce51f8b17f513309b2cefb89fb46294cdef9b8e696904cf7baada83e6557d47a378d1c9d1a3d206e68c3fa4516218d8dd2984208a

Download Submit
/data/data/org.codeaurora.snapcam/cache/temp_arch

Filesize
94.6MB

MD5
c700a6e7658302007df3b2d5c5e0aa37

SHA1
ae4c3864aec953f379fb2475f7b137277ba314bd

SHA256
3f31f9ea0f2c047f924f0855f6374d7a69d8f424afd3034e5eb4458a190b927a

SHA512
f8d5a6872f7420911e4f3407c9797369bf9b8248954d677761ebefe03e5cbaab2a8897b9b3bd194197f9dcc014474e445aec79846ad7392d61476aea3f95813c

Download Submit
/data/data/org.codeaurora.snapcam/cache/temp_arch

Filesize
3B

MD5
06895b5fe0f6e19f7c9cf763cc6e2573

SHA1
318188c18b08fcc9b26d3b3c1688f38ea06fd830

SHA256
91d7d090d6d2658d820be3973c86a6d1414f8138dc99aab9b998610c641b4d51

SHA512
525e5a3c7bf8a3f3c74cb38adc8ddf80eb5bbfeb96c712cb2d879a70c24e205ca0c95b8bd943ac24b9a803f8847e2a9d1eff630af13144e8743fcd81e107d97c

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libannexbtoavcc.so

Filesize
5KB

MD5
ec5a8cd0b4d4f0a5c9c0eeea35053dc0

SHA1
e8f5b1fc6696e57a5bca6994745b51fe864304b9

SHA256
fc7a603499dbb90f4d7243c1cc9ecbbbf897e7b90d3b3be2e96d14033e1cfd2d

SHA512
828846936d6b38d6e14ba5525e2f0344661386327d91cddc26cac5cfef61a9e8ce919427511ea65af705c7561ad50b0d0c838fa7d59df8730bdaa98557155ef8

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libbrotli.so

Filesize
203KB

MD5
b73a47f9cb4767c2a2a9c68c0e5075db

SHA1
b6b7daa09180f1eea29049b308a15c71a67ae53d

SHA256
8b0c5db17d1952294ceaccfdf0a7263a73896565226adf81b6f84974b990e44c

SHA512
fa7951dca15fedc6fb333c5e7f1973049e1f4847782538a7e5b2bd2ebb982863d6a033ca90a1dd3e17964dabea0ba6db808e25da6f8920bd5cac252cc3d556fc

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libcyclops.so

Filesize
5.2MB

MD5
3d69fe16ece90da78c33785661ccb6ed

SHA1
c72a8f8f372078c0477d84ba690b528e375c58d8

SHA256
15f02cdfd308017f5efd7a9900dbd3078f419cd816b396eec8cba92b2049cd65

SHA512
4d320ea7ab5ba10dc715c282d87b306bec5d6cc7f2157c939d745db87851be0b02b54c6b7b626e5cfaffbfa09d9017a3d182d3c901db5878c9c9b68cddc8ae4d

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libeglimage.so

Filesize
538KB

MD5
576645bdac7e1899e20b0ac4c86912e5

SHA1
557538bf15be5a804955209d68be604fb77e9377

SHA256
b909dd3c910ae636dee712bfb7e1a8e55a0b5c2d2e0a5d6e019e57403524d469

SHA512
7a149cd1478eac6d6d775a8e6f8cd2f4a63ebb4749ed14377a82b9b7ae6420b74b19fb6e112bac2a5143e52026dfdd846ecf46bae86b984a86d825737523446e

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libfilterframework_jni.so

Filesize
71KB

MD5
821b625265ca0993c9eb80425e8e129b

SHA1
93d30e6c1d3d54250855c78943343444bf08d063

SHA256
d11d4d432596f614d921e2b7882884ee5c1efa96de207233ac956b3d6a1c82ff

SHA512
68294715134fc7c7b15027beefd54addcaf8084d13937a6458dbe4420d877f92f30fa5e267045898da01baebb66d739d5ca7ddb0f8712a9da568d6822f6c8658

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libgcastartup.so

Filesize
103.4MB

MD5
8adc7e8e7af487598d225c49abd99cd7

SHA1
4890e76a12467f1c90c864d6e7391312e9aaef44

SHA256
e8e486ca4dc5daaa2a4af747431d51ec3edb56d193c9b0c0782705cd243d4c9d

SHA512
6770e26f95f7e90dd7e32132a9758c4e37795fbac9017cf0aa53c66e857d5c3c06e688288c8618de01fb1cbacee773e9c3fa6a505f765ce9feff6693f9ea5390

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libhalide_hexagon_host.so

Filesize
33KB

MD5
ad6bab122c51a0036fe63c8af3226cf7

SHA1
3d11d12e41f76cb922123702389ce6b4632ee897

SHA256
51d63129eb81cdddc7d3703475695a9d205b799690e53fffaa7621f187b01aa8

SHA512
dc3a31039afe9dbc695c25ff2a08341486fb4c64a31c01157e9fe186aa6ce68fe31d94d664c7ead09dce3ab93fae055ee8f035f72071f40574ef331ebe568aab

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libhotshot_object_detector_jni.so

Filesize
16.9MB

MD5
e1a924afde9c5c8d69d1e990ae8cf69b

SHA1
81c5db114faabaac677f32b9dd8af3729a9449db

SHA256
3b8dd7326eb8348d72dd01ada80d505c50c39147a8ea37b71f6722ec5e27df2a

SHA512
3558103303dba8b2b8c31a3e9838aa7700dc69972fb2486435fe775101882b67ea433096b29c9b1ade7a8c0f8b5e2180aa7631ed437c14615602a835c007e51e

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libimage.so

Filesize
183KB

MD5
c44422752f0b847f4395bc2a55d5d310

SHA1
13effc439c0997c848a56e0d6a3bc5a9318ada5e

SHA256
47631e998e277e4e6ee9dc9159c9db416d818db60414161b4d3d41ace02f2fe7

SHA512
5c21aff752481ac5cea0136922516c58e0c98dbc568fbee438c23080ef165da1890c5ba384318b676d646f1170f3a0366b27ffc221071c90f6e44fac45dbc871

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libl2l_video_processor_utils_jni.so

Filesize
1.6MB

MD5
01e294c57045d9e27f9c49dad031eaf6

SHA1
ff513774f92a9baa0bafe003487c000c21441866

SHA256
f98e4fa9c1a3a217a4b611bd19d22386f2cf047abd90792d8f1a55574ed7617d

SHA512
3e1df4c54666db5125162cbba1e78e425be6bc9c5472ee8922357e1ed23dbe3afcb921b4af3730357305e388c1b84e60867bd8ab4db9645e195dc2388f94f731

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/liblightcycle.so

Filesize
4.9MB

MD5
ce84bb60d3cce91720dfbe62d70535c8

SHA1
b1ff4a1e9aabee8421ee6c5c1490a10fa0e69129

SHA256
2f034495f5d18442720b08ad31a29281a2db1d0bea8f109d9755f41238e58348

SHA512
9e687d3807981f1d9ddd1af96eb00c673176d45018657c9a2c63f10284054beb815a221f8ac1e671eee52c76f01f35cffcd4336523932370daedd0517bdda6e6

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libnative.so

Filesize
750KB

MD5
f000301fdf90e79dc07dcfa8aa48282d

SHA1
1d82d037237eeb27e96e11df6032ea077e732c3b

SHA256
0f79c6c5fc00bced2f4237b973db2ee6135c017c6d3c04cc8f20fd3f6f032f1e

SHA512
75d43e682a47b15f9f0be16e8a4e9aa1e273fc962ade6935c983d85dfba44a15adda68aa59b11d1b6ca7e6f8f30b8496b19a4c429ef84cd43d5e07a4be17c725

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libnative_crash_handler_jni.so

Filesize
34KB

MD5
80b23e9d3226c90d4c7303030fbe3aa3

SHA1
983e86190ec9fdb8b7ca33aa90c4ab81759586e6

SHA256
8d10d0074cce19556a81ae6b6d39ff84b519999c6606fc6a790c8ab64134b20c

SHA512
e473c6cc21a68bfb86337ebe636126fcf49f414a81907af8930921b61644cf2b856fcb7a31530f0537e4c3beb7ea55252a54c0ff071bd127cb036ad80ab74424

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libnative_utils_android.so

Filesize
342KB

MD5
931e4272545ea025c1bf940350fdf5b3

SHA1
a6f190a2e0415382c964aaa57bf5be75dcc01705

SHA256
aa20ad9378ca6a710bc43cebb67d9aca904c94afa965206dedfeb42959119f03

SHA512
7e3deb1e7379afe07e9cde4025a93c6168648a55eee18e42d077eff073f9d17d0dd55dcb492900e54b5bf2a28b4ef286a4b98e0f42c903265cdda0fc1fbb960a

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/liboliveoil.so

Filesize
80KB

MD5
d523edfb03ae9173795940c37285a96e

SHA1
4495d912bc65ca829350f9bd168c43dd6e88eb8b

SHA256
df1c312181b6fadf3249ff64314d2859cdc1779cdd8ea1e51f1f8b711bf084a1

SHA512
ed0084792acde7a778f57cfe08feab37595bbf2e59ce6cf68ca5e6f3aaa63b751461b2c99e499ab12fb456787de12bc161fd4c7a67f101200456d415ae4b3153

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libpairipcore.so

Filesize
382KB

MD5
7941f7580b3254d068549388793d2fc1

SHA1
7e98579da177f9647dcf2431df810fd5cf73cf1e

SHA256
8f94aef70a3992d5ced98fb8a38f6b76c8898554503206a59ed1d1c064bcd97f

SHA512
57985cf494533b98739ee59909151eee0d9b28d69c170eceb9d87a7fdcc5ef2faa1a4114a4422579eacf0451b7cb760d7a59cb0be2254e4500d6a31206e17cf9

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/librampatcher.so

Filesize
273KB

MD5
4f2d9d89f6142bee5b02544fff7a339e

SHA1
b4505b60004d12a0efa41d782827b75ec5e2f2bc

SHA256
6f0b2d37f46c6408cc3bfd656b2aca544682997bca7c31ba76a8e91d2b371715

SHA512
8534ee34ae5aa93e88aa123a094b2214fcc5510ad8f8148312f9c74b480c026abc080c1f30b94c5827fb1f9ba0112295c07a35b5815897d1c682be42fb660d80

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libsaliency_predictor_jni.so

Filesize
3.4MB

MD5
5018602b7bc341757a6ed4aa453fc17b

SHA1
881d77b37a60e2a4c3be958f58eea8ec5a92ecab

SHA256
c4889577142fb2dbd841542762fef8925317f693f4e8f33f72d415783dd763eb

SHA512
7a13c376ca32a7253f370abfcae4c110ff29c65d22884f252ddc0e29df9a01f70295ff46feb5bc88108a9b342c86cdca48041d04e60a76b81c76d1720fe0f4d2

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libsmartcapture_native.so

Filesize
15.6MB

MD5
59a787fba57374e7d6f0f2a177dc3eb3

SHA1
6e2b754e2709b862de4d735c850255ffd9dc6921

SHA256
048878756889c742f6c0044e3e7c3a22fd22796df54ceabc05eff53b33be5117

SHA512
15b220e97ebbb8fc7d9b95cf7bfe1906114bfebd6cb422b6dc77f28f09caa2bc68a2875506d8811abf5030c0bca150814746b1dc414e8c6aff754a4e1aed6d2b

Download Submit
/data/data/org.codeaurora.snapcam/files/lib/arm64/libspeechenhancer_jni_avenhrealtimenative.so

Filesize
8.7MB

MD5
b52333779db050968d3d6f019d70d4ff

SHA1
a0b1380f067f0624c4933afe7f884c8ebf159272

SHA256
b8121ee1167a135c75c6c68268f3f87a0749156b6aef0c420d189beb56ae2b06

SHA512
7915a3483515cebcdd606cc01402ef5178cc8d4646282951d4f0342f0a88a7bc5573123ffd3e77c44f93313cf9d068f080a5c5ecb61c1bed07bb0112687e890f

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit