b15ae5265b825461da1bc334313377d1e997955db614889afaab5c9a7f1a9495

Analysis

max time kernel
9s
max time network
137s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
29-06-2024 14:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adliran.apk
Size

2.7MB
MD5

50fc09fb31e061f807af204c0c8dc9a6
SHA1

db528e79afccd632370148f9c393f987fa623586
SHA256

b15ae5265b825461da1bc334313377d1e997955db614889afaab5c9a7f1a9495
SHA512

672843406a6c1e770cc54e72e6f780bed320f7f07a9de1153374c515fbf6bad177a32d2a3a0a6b50554e8a2c50438241b145fd99e1c4405db7a17f1e46ff59f4
SSDEEP

49152:2XccGsAkkZlmDWDBmcagPLslKhLzmJMVtEQ7skbLshAu7RQKdrr0jJVTs5AA6pEP:2XakkzmDWDBmcaGH2CFAMLshRmYrojJ4

Score

6^/10

discovery impact

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.temptation.lydia

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.temptation.lydia

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.temptation.lydia

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.temptation.lydia

com.temptation.lydia
1⤵
- Acquires the wake lock
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
PID:4940

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.temptation.lydia/files/PersistedInstallation3100452884118868869tmp

Filesize
564B

MD5
125492711f028221693f55f9a0157aa0

SHA1
d5c87701b57edb3945da25ee6b24d7c361ce1299

SHA256
fc6c889369143118a6e12ed530dc901e608b55fb8fef3e0ba9520344b9195d54

SHA512
5d567fbf06d8cfa2551d4e90592a4760c6f58465fb1b0461b285719d7ecb7e11e15beeda51e8c10014ce202e22fe03fac9121101223a25c8614820c9f9e3800e

Download Submit
/data/data/com.temptation.lydia/files/PersistedInstallation8750819041178053641tmp

Filesize
90B

MD5
e79474a20ae235763900fe0422e21a77

SHA1
91fdb44157f04683e2ad2bd134d54f26ae8a4b4c

SHA256
8a2bd946a5633213b3afdf9037393ef5609dd5d266f2270c703ae34570ab77ce

SHA512
10b1a563f0a510bd3d834ca016627f9f26e61a36507bad1afb8560a0334196b10404e1c6ae1831f6766a69883564c3cd107fbf60849ceba710fa960fd32ad17e

Download Submit