Analysis
max time kernel: 34s
max time network: 40s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 29-06-2024 08:23
Behavioral task: behavioral1
Sample: TikTokPro.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: TikTokPro.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: TikTokPro.apk
Resource: android-x64-arm64-20240624-en
General
Target: TikTokPro.apk
Size: 1.7MB
MD5: 9fed52ee7312e217bd10d6a156c8b988
SHA1: 3e23c0d93b51e06918c69b138ef5fbeb921c9f95
SHA256: 6ac2fadf96fb423f7c22521fcb106e44343d26c8d682e8b5a460cdf8388b2178
SHA512: dfd8dc7d623d2c142cbe11473324f34250115fb3c7e08a6b60f319ac9f419aa5301f3e042a525639398c54cfe3f1175426af09732cbb05932e4487baa91f5f4d
SSDEEP: 24576:0ZCqpP9JH/VoVPvQrHs7zOSKHynup2usCAdYvgK5zT2y6HvCVMjny9L5hX/zqrI:0ZxxVopuHsOltFgg6abvX/zuI
Malware Config
Signatures
Processes: com.example.dat.a8andoserverx
pid: 4959; process: com.example.dat.a8andoserverx
Acquires the wake lock (1 IoCs)
Processes: com.example.dat.a8andoserverx
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: com.example.dat.a8andoserverx
Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: com.example.dat.a8andoserverx
description: Framework service call; ioc: android.app.IActivityManager.setServiceForeground; process: com.example.dat.a8andoserverx
Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.example.dat.a8andoserverx
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.example.dat.a8andoserverx