86a78014f4269a43ca6c3d547e0329f56a5f12e76116d4422fa7338b7e182b04

Analysis

max time kernel
47s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27-06-2024 08:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

86A78014F4269A43CA6C3D547E0329F56A5F12E76116D4422FA7338B7E182B04.apk
Size

6.1MB
MD5

acf037ae3c36f4c4b74f966893a195cd
SHA1

6f8c0b487f45d4f3999d84575f8bfa4e83d469bb
SHA256

86a78014f4269a43ca6c3d547e0329f56a5f12e76116d4422fa7338b7e182b04
SHA512

79c7c67d223e0d55bfe927ea1c9a9158d777f3d97f6f00af004425a548526836646ccfa177e62838b447d1974c74af5ccc1d6e2abf79fadc61f6bc73a455076a
SSDEEP

98304:RgXKPMjwNX0a5OLG5iNo9wppKrw38YkyUfvugKhdIBu+WETu7bGT6UxTiQOmYX:R4yN10SgQf9mkC8Ymf4hdIB7y7m3YX

Score

8^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	mobi.androapp.deusapps.c7050

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/mobi.androapp.deusapps.c7050/cache/1582435991586.jar	5053	mobi.androapp.deusapps.c7050

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mobi.androapp.deusapps.c7050

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	mobi.androapp.deusapps.c7050

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	mobi.androapp.deusapps.c7050

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	mobi.androapp.deusapps.c7050

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	mobi.androapp.deusapps.c7050

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mobi.androapp.deusapps.c7050

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mobi.androapp.deusapps.c7050

mobi.androapp.deusapps.c7050
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:5053

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mobi.androapp.deusapps.c7050/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/androapp_data_db

Filesize
28KB

MD5
881aad1b8a92a9ea0f557778c9d6608c

SHA1
5eee2fcd3dd9b64035dfd9b32bb6fb9d156c6a8c

SHA256
e35457cc3272226d1e126c148334cf3ee3367c67337043ec9403b2378e3d892a

SHA512
b5954c0e08e17dfa2c63e53dac07fd9bac3b54cdccc1d03117185641a3e1c1c4520714f969ae7e4989ef0a195a424a41f57fe7a4847d1ac5047ff79c76a26322

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/androapp_data_db-journal

Filesize
512B

MD5
b6f626b49f108d3936f052f1f67783f5

SHA1
858cb5d529d000aac139852d1184c05ad14c89bd

SHA256
62d965430cc6137e30f183aa87861c750843f1d15560b3187ba298b48511d07a

SHA512
667a4d4e8313b5126704758f9cfd81d195fa200cd0619998b3daa50ee121ef35a9aec3138c18b896ad6a52d3d6a873ec53de1f40c0b5378db0cd06cf0e2e226d

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/androapp_data_db-journal

Filesize
8KB

MD5
01d782303c82344bbb044d32c8fff506

SHA1
851e1aa032fec668c5fa7f2ade0341de3c51d7b2

SHA256
1357135c92669adbf762a9f10f9c24d620d56436eed30bb6dbfcf50e55a61413

SHA512
f6765952dd9f5762bf043b2b9f03b2ef8b7718b106b9c5177f0357d6793f6d383ea7400bbd523668c0c7b177119a2e75c7faa9868661e5124f5d1df9509ad58f

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/androapp_data_db-journal

Filesize
8KB

MD5
cc0b6e2402b9c89d84d25cf2c352cd28

SHA1
fb2cd3943d4e1fcb2dd8d97131eb634dd85ad99e

SHA256
0814c626125bce3077c6021ef56cd3e56d3d4917a8f4bbd633a235bf78188517

SHA512
b841718e3801d39c569cde1e84f72341a06e6c91471b99b7834faabe30b1275f6637a0fac18fe0eb331fe0ac07301d6a8f8c97d2691f06ab720de366d454fe82

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472

Filesize
28KB

MD5
d31d69ec25dcf2c3652e1640c3e86797

SHA1
8ac91f3eff853379e0c3c6664e394809945d6f8a

SHA256
87949256f9e322d821d8397224e705a239d54d69c0cdda6d2268f40ef7622724

SHA512
27050e9bf5caa157fa915b6d47abd5ea0d9a15337de9a4cde0513f568a7eafe119f4b722334ebb8a449c621a9bed4902dba4657e40b43f53076425520baabdba

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472

Filesize
28KB

MD5
4c32b1a8235b6feb1a7e06165882b20e

SHA1
dd02b3f848a41dd3aff3650fdc1619d215c4fd98

SHA256
fa6e98220f0cc1824c4954b78fc229d4e327e1664b0146d8fbcc65eec6d1d76a

SHA512
2624c0a1868b897792527bf287f7a3790a7b1c63a0932e6daa06114f986d41d171b5bec6c58b96d165a8c80c8ab4f66e21c47c19f07bfcfb77d30b541c2c9d8f

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472

Filesize
28KB

MD5
87c731a390603870234977123cb2abee

SHA1
a9f204ba00e481cbdb5ed1811cb06716ae240a9e

SHA256
643d115b6b2f11edbf76f57a19ecc526284c5d4b127cadea480fa0c128d498a4

SHA512
be46c85112db9a2d8bf917718f6d90aa2d9d2a7cd71a43ad700cd4ffa9f0adc28d428cfc17e8bf7047b9bad44fb0a9625f3dbdac9aed55c0612f6578829c289f

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472

Filesize
20KB

MD5
dd56c4b42ec7dd0d2818cf9a3a240684

SHA1
f5ddeb556d26aa1a9c0a57499f9a04002e86b934

SHA256
337cf8bea1dac7c0892ff94df3fa03993bcdf466079803f31600ab260a4fe3cb

SHA512
69f4c42c79c52f0424a6698e464934a7339aba3672cfd7dd96632c651475702d4c4c416807177efbbd32bda98b878a9822b532067797ef4cca759fdc40831189

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472

Filesize
28KB

MD5
b07a57089584678db31b9cbcdf21d209

SHA1
784399d8c2b21d0c8ca9fe31726475248faf10d4

SHA256
6bf35d9208a491c9a01f4019828e7b9e1512fb9ae96bd49ffb03310a421a81ec

SHA512
ef8d7e49cd5780d96a2da46ddebf72f34e788a5242502231271be94810d7ca21321ebdcdb9fde5d7338d5b6d95da0d5cf9b359034db4f99ff54d26076e3575eb

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
512B

MD5
2f37ee1404862b82052610e4b8bbdf73

SHA1
d70a8c6cc62e41e47aac2108ca9b1146fd183127

SHA256
544e9933dcab1d07fbf75688e526fd9b8fbc133d65c7a409f5a266e3631de7bf

SHA512
54863b54c3ce557c3e06892ceae95f7cb15a6105d6c9c68386d1fc2a0d9caa5ea8158fa54bba7ecc0f3c22bc705bd0cf49a1ceeed8a0f363c4919ba713cf0140

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
8KB

MD5
dec0441ac5c7d63448006bcf3a954f52

SHA1
4fb950bcadccf9b7758358266d4859b7ee1efb90

SHA256
2bae8a4d61a8d98de59cb83d2c5d3e088ac2d22cfd78e66ab03b595bde49e03e

SHA512
d5610e6a3ca900564454480b3bca3bfa81964994c4a88d10693083085354f66159043059f588987ff6927ba1debc4ba91e84673c135b9f2bb686909e7315b232

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
8KB

MD5
737194c6568f994a0b910a420fd7b260

SHA1
834f2e60980e16676995549d5ba7c8dc67e43b0a

SHA256
070229d8cec99b1de2bec5643e459794eb96ab1dde26919b1ca508ffbf9b5d4b

SHA512
b80b9352922890c4afaca1770db69583dea9f3b240eded811c08a94f54c163c47f262d892d5af0047a0320d15bb149488986f92d0a42cf8e0cecdd4fe14ab3dd

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
8KB

MD5
bbac60535fb6d50de6d5c3890eacbb09

SHA1
5fd796cace924bd09708d9eea82598c1ab128d55

SHA256
09bdce50ab6d1a77ebdf8297e2af32ad58ebf6d9dcc4a386b9bd26c9c1059e28

SHA512
e03a6410df1f7bae17e02d5f9dcf72b084fd2b8683d150902217c9cc08994ac35f614a0393aad6f1419a7fe605ee22748037d1945eea12c6947faac3f816db9b

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
12KB

MD5
b14abb0cc3db7bd78492f291ec54fd67

SHA1
e71b8cea80ac5eeb48f04d4b22db644b47c42fb1

SHA256
0692f49ca3f4ef6193e295abffc98ac8085eeeb1f5fef57231d9b5aba8161f85

SHA512
95b22c1339063b52453ef87e05ae385fc8fc0bd4878f9d3d5dd67f049ee8df4ad70f9a4e55b3524babc48d1589dab6797663a5f62b57b584009c5558e51d59b9

Download Submit
/data/data/mobi.androapp.deusapps.c7050/databases/appnext_dbs472-journal

Filesize
12KB

MD5
a194669e4900ae9bbdbecac0ea551512

SHA1
a1eb34f1a15d8e701cb089a1fc2191925addca7c

SHA256
df8b988bfc7efe35e5ab7361369fd4f6954e2a80ee0078f76363ac92c4fa8ba4

SHA512
5911cb3112d1fbc322649cb4fb56da00a4c70022235a2b53dba9609c3422f6f36546795ec020767dc2bfc97e6a78ccb15103db98ab0fadb851e72b75503f4530

Download Submit
/data/user/0/mobi.androapp.deusapps.c7050/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads