cf234ee5c4bfd0d9b5d42d114051e252d76ac30d7f59aa19b27d8fd396f32d0e

Analysis

max time kernel
14s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27/06/2024, 08:40

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

CF234EE5C4BFD0D9B5D42D114051E252D76AC30D7F59AA19B27D8FD396F32D0E.apk
Size

19.3MB
MD5

6b641ae9a786c6164a16e1e9dd5a573e
SHA1

01ee8608aad7afc556010f88d41edd0ca2a0ad85
SHA256

cf234ee5c4bfd0d9b5d42d114051e252d76ac30d7f59aa19b27d8fd396f32d0e
SHA512

3af678e7b6c471044ea905cb53284859a50eaea18152f45656ad85740cebffc8a685d105b67b22b33a0398dcca8a779eb403a0b5c1f759c6aa030e95b414069d
SSDEEP

393216:FIlLmLPbqxuptUKDCjoK4oJQvBLnHp9guOU9gULD546QV:F6Azqee4xldv5462

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/app.main.bossbai.net/cache/dp.kotlin-v1.lua.mph	4461	app.main.bossbai.net
/data/user/0/app.main.bossbai.net/cache/dp.kotlin-v1.lua.mph	4461	app.main.bossbai.net

app.main.bossbai.net
1⤵
- Loads dropped Dex/Jar
PID:4461

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/app.main.bossbai.net/HarliesVpn.w0p

Filesize
6KB

MD5
827f9a54220708c4f8f04b08bfec119c

SHA1
d0886b3db5c8ae9b5a26a0097debfeaa8350d213

SHA256
d3993527236d4844c49534f5aee8fb8ea8ccebcf34c8bee375a4c75058d6d6bf

SHA512
3a3657318cb2ee9c171598c68dd20b54a9ea5ddc891360da72200e09be7f4c57ec369498ec203e24403df9327c1707155ffffc449a033aeb565c182daed7f201

Download Submit
/data/user/0/app.main.bossbai.net/cache/dp.kotlin-v1.lua.mph

Filesize
5.9MB

MD5
1ae33787be2848e375f07131f779c90b

SHA1
84f429cd259b198d8fac4a3258e5354417209c07

SHA256
5479f7a56be50810d73d8ac3e8d83ac47685feb9a86f3401c419b4a0fe7204da

SHA512
884918a6796fd698b011fb85e6ce9fc8fc388b45c67a57de0b0cd2a7a2ecb8e884afd0c07a72c4698b3f94a327dad9d540c86eac6e470715c08c0f4421119fd1

Download Submit
/data/user/0/app.main.bossbai.net/files/m.vp

Filesize
3KB

MD5
bd4785c0ae9e185a140d0ae9995d783c

SHA1
f5f2924a75d7101d5fcefff835582535a01a2c7d

SHA256
46711cd006e8bf8c0234c777d41adf3af651dd45d110d781781ade3a117f1156

SHA512
ff604a84da1c3cb77b59d99de6d84c38ed6a45e1c0bebb81594d024cb8a9f27eb0e2ee992a90a152fa9e0aaddd097c54cc2a70215944c0759a3088eaffb552ed

Download Submit
/data/user/0/app.main.bossbai.net/files/serverVersion.txt

Filesize
8B

MD5
4c05702c137bf33f75935c14daeaa797

SHA1
769d8f4d016f8caceb73ecb8e1fc25506df93fbf

SHA256
2cffcfcb66609128ac55531799d064a0f6807e3ebae5744c8b5061455747a461

SHA512
019f203fd5f8ecc570fe56dd2896b8c6fdfe94c91fc0db00994ea51a851af4a89c4c4e20b576f8aa26c1745c2606b2b58c6dff70e9eb451d1e678e83a88cfa1e

Download Submit
/data/user/0/app.main.bossbai.net/files/wConfig.w0p

Filesize
17KB

MD5
a1a1e506a1e5c52cac69d58b16906d29

SHA1
0300df5193f2c9fa3089069e39f10478b686a16f

SHA256
79366034f83edee52db8f1f3fc89c854933646da67f8dc312892490be1e281f0

SHA512
de982fcf1381d1fbaf3e8156272690d3487b791a354d223576f11397935996c4efae321d115b0deb7b20f84da490bf5bf290ea7daa7123eeff7a017197183669

Download Submit