cbb34018e304fe3d88abbe31bd8da90e52f62c9200024ba7df7d80e6bf2d32c4

Analysis

max time kernel
122s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27-06-2024 00:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

8ac01d4b53f2a6d14c054c50ad9166c8
SHA1

e5e90998b6f6416458c9f9bbed12943826daae1f
SHA256

cbb34018e304fe3d88abbe31bd8da90e52f62c9200024ba7df7d80e6bf2d32c4
SHA512

e71bdc8653037093923d72207155e6a81129f733acec256ec28d328819e51790e6f1600886251527eb4ff333226ef39281f97f83bce6119a1dc6ad47d24cf256
SSDEEP

49152:S/76xEtE8qpwRxqPjPLnJe6QhXBJw/OyH3EQnBAutAcCanljLIx/zCf6GMSs1Eex:I76C+9p8qP7LJqcLH0QnmutSanljLA/l

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	Mad.api

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Mad.api

Mad.api
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Mad.api/cache/2

Filesize
65B

MD5
27c687faad222caddb45b3f83388215d

SHA1
d0c778c99e4d16464759e5dd4f193338372bd000

SHA256
ccac02d818c9214c7a52ed051dcce3bd63e5df576ccbca90b1b58d4492d579f4

SHA512
af3227b2dcbb61bf0f4a21d46dc53f845877218ae1f8689795fb6a93240a6a163457587bd11842d2c8c9b8283a2fc211c0f78bfba020b8505d4a22fb7f66d65f

Download Submit
/data/data/Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e475e7fd32401056dbc1ca6a10aaf84

SHA1
7471fcb6f3a7dbe651724bb9e420900dbea932ac

SHA256
659483b1893c403b3855737b6536f0d9974d8825b67671244c79f7bbefd5744a

SHA512
3c6c96de708bba8826d32330d62fd099d4959878343b42b5a2ffdd7f7543d9e6c4fa272b55cd215b76d885754b0121a7455965a350f8c3ea8c7f50d034fee504

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
117ec36803f77fb03cf883570e7ee1a7

SHA1
0dd719327abdbd31d2d17945ac05c55477e9dd4e

SHA256
e51cd2983805fce2b1162535cee8370f7f104441bb66dcba020b6728f54e9ee3

SHA512
384a0387977ee3b884c2622c0d4d6b90d89136ac044d815e6a6e83484cbec42add070ec63448b5c08338607aaae90909124c09fa25aa2b120891a4043a5bb5f2

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a1986e8cb920bcaea2d8bd0f4d0d81fc

SHA1
64a9977fde994d0672b116718479dc47ec19541f

SHA256
14762b7d79d1625dd308d2e2d43fbfa9fe1c0f09742032c51a1f9f7f831599eb

SHA512
f5530cb6d985a0adfc383a0737b1e2c685508515be1f3ec3c396caa1d1f80a27838930a2cc1d63fb8d60eef789656ffd0839bea5d0602302c14020bfff7cc74f

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7ca644b535d691c82513bd48839ac142

SHA1
735c83d0cf4e88e68ea09b4c14a583bf948b14c8

SHA256
6e4aaca3eb7e266789fc657f588df8882a299bd37110b54d60dcce47bbfd232d

SHA512
dc7cae117bf02afcc9e77e3b55ca793cc9e9d8579d7e64d2602b2a633e8fa61bd61f725aa7dfc7441106f32176395b902561c41a7e24d7f6cfc449f1213ce1bb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6b829565ef1308f314f4c440985d4e38

SHA1
4c174098284ade60e9790b9e434c2628b6b5cc62

SHA256
b3d86e97f6050ad8e5edaef04a1c976a34a0af85ce195b260369cd8055d8015b

SHA512
69c5eb4196946f337c794aa8d72f4cd4d1869dd8e8cfd31a335b0f7b9132897d9760f5920dea4a82eef0e721e2ff2bf5c81b6b67523a9882308cb48e7dee4aeb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
00e73d73f57b51ed514eb3b511c092e4

SHA1
63e3b4a05b2894bd0d2c71bcecda337a480e234c

SHA256
97ebd21f99101db32617e108999c3e6a7ccbcf1e88ad09631db531641f5d9a18

SHA512
222f4af8fcd5768fe5329d422c955e8698ef67be62aa781689dcaca9497390dd66be25c65cec151ac377f823907858c669d399784eed3ec65ad6d86ce48f4c2a

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d612a2c85695d769b7cfa4e74fa8dda9

SHA1
4f63ff4b38cc64161123c69d655fc89947826528

SHA256
1a3a7d9f9270045f4466697402a0ebe63dc8e415b9f4e8e17241ae891db7a874

SHA512
8fcd21444af55329e247eec0aa6c212fd6732556502f48859ea7cee6934ac78fcdf9b0d77aec996b4fab2c92ed220315841842050cd05b676e6139af99733fcd

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d5f2725ec3b266a429c33c9bcd33d878

SHA1
79aba19e107c6da877ba5a73811d56dc1d620c90

SHA256
4317d9b86c15663ae7c43890105dc37248e683f03fab0be3d5f736e667a59731

SHA512
4e6554143c3aba7cc1e1649f0ae1012a65c20a7291629e1c28f1b700ef94da8f9493ba706503ec1b1b7a427957f407ef72ab5587d61d6d94878299314af59a66

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fac2692374778dee1561835ec488055c

SHA1
3d4dffdbb9dd3dab9b12cccf354dc0b0967aa6ff

SHA256
9e9946053a8d74b146635350f85b3fada8049c973c908ac25452fb24b1e68b2b

SHA512
d88cca722b113c5d56e8613224b3c9c3fe89a9b973026fa02955f61912eff799d9134f0d476e381fbd5fc6b641c94ba9a9cde79dd732bf1908bddb0d242fc0f5

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4ec0478428bcf372104565e3df9b2c7f

SHA1
f334f2e81601187610b9ad345cfc1010689b7665

SHA256
67f2f777f80c24ce4f743483d074724791e1c63d94f9fb6138a78f58530669ec

SHA512
590f608fa6ebcf724606497311db0f3da6d8773c9d6c2bfbac68d19234c08adb6674ecf1eb92d4dddb936de9a740e4cf6475c3dcb56ffe38ef95a2e66785baa9

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
f90868bbd231b696634d3c48ee5f96d2

SHA1
d9095c712813414bd184c81f81af7ec5a29536bf

SHA256
82eb6121cf8a1480f37583b4064d4535dde87ca44041eb0f1a14546cb5397d3f

SHA512
d69677648c27058ad017df6c42047d160efbd4fb08c503b13ea19d9d43ffc54f6a5f6296bb646910bd7c42b9958ff11e769b9026dd2e4ccbacd659cabdb2a299

Download Submit
/data/data/Mad.api/files/PersistedInstallation1844287530750051452tmp

Filesize
90B

MD5
f313820a4e78934a92df8a90770472e8

SHA1
56ff6be14a02cae3667a43e2b113f4fa610a5dcc

SHA256
1cecca95d3736cfd4155ad29a9804444d072aab1a8a21d814246fe6ecb1a1574

SHA512
96d1846abc8628da4706bbf1794ef1d6eca5af32070358fe4826cb199c7bf7c831d45a7832ca8bca55fd392ee5c2ede746be9cbae56b3a5be8b7d6a59cf5a11d

Download Submit
/data/data/Mad.api/files/PersistedInstallation2380986089723544071tmp

Filesize
570B

MD5
218d1a7baedff577eb62e6b3b02c833a

SHA1
d614af483028e7bdb3e33cd94866566ea697e1f6

SHA256
2b5b0c31ad2fc9f4aece657b05468c34a9cbfadd41f6525c1699299a2a025f53

SHA512
dee58c3b4a93b1f6f481a9cb96d9f2e70ed11cded445b047f23f85a97c367f8166106e594dfc603a5e21dc70bbcdac9f551ef45d748f508c1c14645d067e07a6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads