Overview

overview

8

Static

static

6

EB5EBF23DC...93.apk

android-9-x86

8

Analysis

  • max time kernel
    178s
  • max time network
    144s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    27/06/2024, 08:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    EB5EBF23DC99F5B18F7597EF444DC5F93B7B743746090C2C6776F76B2851AD93.apk

  • Size

    32.4MB

  • MD5

    e4a84aea5f303259e7ef905bfc6795a6

  • SHA1

    88197ebcdfaf167a1ba7e31e9225ef8d332082c1

  • SHA256

    eb5ebf23dc99f5b18f7597ef444dc5f93b7b743746090c2c6776f76b2851ad93

  • SHA512

    049603ed986a28e274916b6320e278c55ac3b9eff9486403ff65bdec3fa5b9c6fc6015a82d4b27e7c82abe835141956d02982f117db291b4cff8d64d79ff1187

  • SSDEEP

    786432:B7gHenUWXo4kQEloEDve9ecVXl2Lt2UQGOjAQXadpt1RUK/VOkj2d+:B766MloIe9l2LUVBKtMK/k1d+

Score
8/10
collectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

Processes

  • com.sloth.akhaltekewall
    1⤵
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4268
  • com.sloth.akhaltekewall:Metrica
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about the current nearby Wi-Fi networks
    • Requests cell location
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4392

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.sloth.akhaltekewall/cache/volley/-10570255611274006261
          Filesize

          32KB

          MD5

          9dcb545dee6c15f24ba1774e6790217d

          SHA1

          a8cd2f45f184036893c0cc4e451eda91a51db95a

          SHA256

          c231092f37a94f5e70bad06af0db6c90e0154d5657d7640c070b7409a98d4f8d

          SHA512

          34ccb3c54251d4ccc21d2cf269ab07a0a3d666af969565579b3e8b4a177ed7dd71ccc2212ef2d1e3f29aa5317773ca5ab3cab311565dcd07839b7784d9d4b508

          Download Submit

        • /data/data/com.sloth.akhaltekewall/cache/volley/2093157561961742456
          Filesize

          32KB

          MD5

          974e5f2f636badc433f6185f1b097302

          SHA1

          817b0123310b40ea0de1829086975748fa9fa889

          SHA256

          3fd5f3e8205b0b77b6ec2fe79a158be8e70532adc016d533648037505fe96a50

          SHA512

          8cc59a525f488bd56af41cae568fff8e157d8f8eea80dabaed6c3025e39f64c775aa3e25bb730cee532347faeb52c37e08e6e8b635f68ddb8d633eae070f9067

          Download Submit

        • /data/data/com.sloth.akhaltekewall/files/credentials.dat
          Filesize

          20KB

          MD5

          fea719522c9a1772dd631b811af8cbff

          SHA1

          3c2963780c6af8946410b62bd4e6a0af35d081e5

          SHA256

          ab7b1dbdce234fafb158c91b422b12eed66b282e33b283198532426eb04fcf07

          SHA512

          4b3f36678e165b0e127dc8717a4ba3f0da87b83ef40c9e9765c94c84d74adf935f8f2b0440ae2d25c6462c3ed86fa27a11b331b13072cbfdaee8d4853fee30aa

          Download Submit

        • /data/data/com.sloth.akhaltekewall/files/webWidgetConfiguration
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/com.sloth.akhaltekewall/files/widgetsController
          Filesize

          936B

          MD5

          989ff84d8ffe6ae2d490a785fa58f444

          SHA1

          08527d90d07bd0129ba14cf6003af44b0666084d

          SHA256

          ff5a9417ed878c0674169c5f7ac4fd273c51d6a152aa427bef1ad56cea329cd1

          SHA512

          d7f32a7fc2691d6fff4761cc8058105c176f43ee8a358e39a8a679c39569b0f7ac93ae59c11d78acb24af9de175a7c3b68abf54e68a4f000e26af1a84eeeabe1

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/credentials.dat
          Filesize

          8KB

          MD5

          ef0a96bad04d8b24a7e0bcd7d9494404

          SHA1

          0f8c59835d46da10e73ee9f6faae7cc48b41dd3e

          SHA256

          4355e5120a6ecf11b8989a0c63d188846b77b6b5bd6708edb40110bb0d32bbb0

          SHA512

          615d135bebf5bed219de2ae5f96b217946418fa81bdd5ef0cd6b2fe0dd0c66d568644f521f8bb3668f0dcae594847d0de22c6623cc75accc282feca6fcd018f0

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/db_metrica_com.sloth.akhaltekewall
          Filesize

          40KB

          MD5

          7f0efbce5c9d6d690c4ef0986e923b29

          SHA1

          55f69dff46e33ea831e046ff270ce1d8d11b1886

          SHA256

          7a084342f49415418f25d3447b7e8ab3f77507f249d225309a9b4b8965482920

          SHA512

          89534e6703e592f0b195deb35740c7fda6e8d9a76deabf546e85f35db3a38c5d2d4bd211af1bbb60667a2582eb73c770f7dffce0fa557eb7775854169115934d

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/db_metrica_com.sloth.akhaltekewall-journal
          Filesize

          512B

          MD5

          064a38933e269a658ab143ca6d603e4e

          SHA1

          b3eef4ff67059035e2e95077320a57429591f2d9

          SHA256

          7994bca284fa4d0ae1ae5d4e1d46924cd53cc9829939f9dfa3348cb9e30f0326

          SHA512

          5610350b497ac2468d0f8fbe466b4c0a2321f6304d8e10836651ae83e934b14dbe91a0a4edfc4f59a51695f701ef7a906c370e52e767c2631ea0fc68cda0b74b

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/db_metrica_com.sloth.akhaltekewall-wal
          Filesize

          402KB

          MD5

          84ca21088a32634b76a452fce8677e88

          SHA1

          4e0e8b35943c3a7f475e3cbbac33ed84e15cd9de

          SHA256

          ec289a489dc6ed18271521d7ccc97cae5f3da77b1cbfe1167d9a44eec85275ce

          SHA512

          f0ca6ca2d38293e08dd075c5de5c6e187a00689110a7959062ed26313d5545863692a8b149062bac7e65bf2ec1b0a0cb205912eb0e8aff5a5f1a689b622b972a

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db
          Filesize

          148KB

          MD5

          c1101ff955b4d9ec18589baff4e82e43

          SHA1

          26b42b6372e9dda87c6ab9f157b77556c3e4ae2a

          SHA256

          914fcb0a64f60ee1ddde5ef90e5cd761a3655b85e092eb94ef0a7e46eef8d7b4

          SHA512

          2686ffc736ec6f24869b817fe145057b8c699fe5aaec94d556d6e35e36fd7e27881ad4ae3d84651736228b5bf762ca9e625c7c13ddd2bfaf687ff79a20b6a8ca

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db
          Filesize

          20KB

          MD5

          86f74d49a23fbf1d7a2534d449f964aa

          SHA1

          06e6c9cc2bc6841d1d7499fd359b03f518ac1751

          SHA256

          f541ed555accf2a7bb0b4a288182935091fe5d375178e338812e612fe0c74f2f

          SHA512

          0fdef418176bda61995fd4b87eadd9d756783194579b29b31702ede4df753d99d429f5dcdce32a5640c0acd7ebd6d345a796d162ad328917a3eea0891bad8c4e

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db
          Filesize

          20KB

          MD5

          d9d44564c257d511eaaa7700df4dfbce

          SHA1

          eecd59403cb771e74d9362b370b5c96961719c00

          SHA256

          99ccb7f2f95658c9c7b3bf38316aa11664460b814fca6d2ef9007c8c6ea1391e

          SHA512

          6ceb7555e023377dfa5df95df1c4413042940342eae353cdf009b1b8a257b44865ef627026869918fca61a2ff69b50d73e884f1dd8901c93eab3ce2492396268

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db
          Filesize

          32KB

          MD5

          880011fa7df8bb90a5adfab8364e2e49

          SHA1

          8640c23913dc2b771465a63c5f9417bf5327522f

          SHA256

          b9b37a47c3aa2e7b718df97281ea8885b70c12c9456918127987552ab36098d7

          SHA512

          e32127b9e15767334e13903462b81df74cbb3bd894f35d64aac97e08260ecf3245a3574234f13021e6ad3cc8cbdcaa6824179442e06e2a18c28c44a22515a5c3

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-shm
          Filesize

          32KB

          MD5

          bb7df04e1b0a2570657527a7e108ae23

          SHA1

          5188431849b4613152fd7bdba6a3ff0a4fd6424b

          SHA256

          c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

          SHA512

          768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-shm
          Filesize

          64KB

          MD5

          cc54062c603ff10c04396086607c607a

          SHA1

          3c2c240743a34bce1030e268868f8e54ab870124

          SHA256

          11d67e384792d149853ec81e25ff48b18a8171bada4e887ee40d709330832412

          SHA512

          b37ac3cb62a022d8bdc077937805ad2fbaa4e8ef262508d8b665175c1e2a658764f18ff8dd0086b033e5eb1b33febe2e7ae568bf3325e5b13039e2e931c7d4a5

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-wal
          Filesize

          8KB

          MD5

          e798aa6b52c16b69713de74d6f1b4491

          SHA1

          30ea086a95690a9f25fd98fb43cec70566f4fe80

          SHA256

          741a63ac26700a1eb41a4ef2c2e4861ed2046be2be90082350ebd5feec23d762

          SHA512

          9c13f23832571961057eac5de84a606a28c1c6687e4bdc303741e06d1cf86fa0228ecbf40ed7d033a6824df2a8d952badd92b73a5c70610fc3651ad7bcaae600

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-wal
          Filesize

          8KB

          MD5

          5c722771fbd5794e48ae7d8475c78842

          SHA1

          22c84072fa3e7e3ff8e7abb794a90dd77d181cf6

          SHA256

          2eb887cf4217e9784fc8f7a7ed54e19be792c7f0da5d0e35f45530cc653db96b

          SHA512

          499bbd4b0bbf83cad186fb4f531d2d4d0e7b2f856f98dc9983f070dc9753a73e862bdea307d865a4776db1dbbb318be1f5e8b7aa82e1abff67d4c4c9226af350

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-wal
          Filesize

          8KB

          MD5

          11b08c58eb18901e7a772f186bb6a0bf

          SHA1

          e11be68b8ba2a3921929f35649ee838c3e297e0a

          SHA256

          ce0b3ed4e6108a2d63cc3683ece5644ecfcf77a8a5f4d8a5ca888ebdf677aa8c

          SHA512

          dca9f392f183dbb54c03cfccb0f544ab857c3e0668d259525e5343b67301ef5f6be919cafbbb8e623bb88a309024cf727717662ea54d00a2f4896a1fa19ab0d4

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_client_data.db-wal
          Filesize

          32KB

          MD5

          30f0f3b9fe4e358b5aac12b68b2556fe

          SHA1

          d2c12b1967a054b5f69f6d9897f465673bc85d10

          SHA256

          5b308647bf90c5757f2a9835ffc0411682daef949d3c4e1f41fe1a5d6b309f53

          SHA512

          16cce52d996d7b1fb50cae039d595a536021394193ad44bdd9e278bbac1b393b3bb0ba704aec40bb1ce01b9ca0d25fae3ae53d9082884093aec0e335ae4b3af4

          Download Submit

        • /data/data/com.sloth.akhaltekewall/no_backup/metrica_data.db-wal
          Filesize

          136KB

          MD5

          ff7a74825a15e2c8b0bb9791c3027736

          SHA1

          3c7e20e1dfc554594271db595d30f06dc830e4c7

          SHA256

          cd6be811aef2c46bf29a389b60f3a92b2cfc6e7073fa84437899322599270d48

          SHA512

          8813741b2c0c54fb1d999c709a564f92ff80c4f6643cfe47bc0dcb39899d8d446b9c97ed56832ffcbe4085d8da0a8fae1d33368c7c6738b718c9352bc69ff430

          Download Submit