23ac2751dc37f07078dafc79b381ba9e686ed8d18e70719e9a4786b9c38dc5a5

Analysis

max time kernel
16s
max time network
133s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
01-07-2024 06:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

GLTools.apk
Size

22.8MB
MD5

8f6f9fe8ee494c98437a11d143a8e67d
SHA1

850e8818929525a5bcf178a322824b56ca7db82a
SHA256

23ac2751dc37f07078dafc79b381ba9e686ed8d18e70719e9a4786b9c38dc5a5
SHA512

d1c8c553518a811bd7b9767d64428a96615c0ff6fb628ef09e95400da61184d7b5c76a1e92e6ecc81a9820e5400b703929101be019ba21cdd7ef3211b9c93a6b
SSDEEP

393216:jSBurJP2vsEKD3LO1HGJxEUD0XQdeayzt6toOWTw/to9EduT2:vJ2Vs0mJFIWeaw8toOWTw/tSZi

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/xbin/su	com.superpaninbros.glng
/data/local/su	com.superpaninbros.glng
/data/local/bin/su	com.superpaninbros.glng
/data/local/xbin/su	com.superpaninbros.glng
/sbin/su	com.superpaninbros.glng
/system/bin/su	com.superpaninbros.glng
/system/bin/failsafe/su	com.superpaninbros.glng
/system/sd/xbin/su	com.superpaninbros.glng

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.superpaninbros.glng
/dev/qemu_pipe	com.superpaninbros.glng

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.superpaninbros.glng/[email protected]	4381	com.superpaninbros.glng

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.superpaninbros.glng

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.superpaninbros.glng

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.superpaninbros.glng

com.superpaninbros.glng
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Checks CPU information
PID:4381

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.superpaninbros.glng/[email protected]

Filesize
3.2MB

MD5
8b233a8492121d6070000a28406eea2c

SHA1
6430bd001a69b4bd686b8385d2d2d439cb5131de

SHA256
688d9c42adca2cacb59ccff544456da5b0faf33c47539753f4b6158d11681177

SHA512
d6b0bde9a89101a2fe255a9475f602a6cbb92d95ed07c92df214bc3579020f4ae1edec3787b13dd0efb82b5543972c2e4b039f9f1364338f6d1ff3018421a26d

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851

Filesize
16KB

MD5
9cc3a09a0c03e5bfc0381597a40202ec

SHA1
9c27f1ab68d15d207ad1a768a956cf853cfed497

SHA256
984067e21b5f95954cca231b9da5631c5a76499f7c560fcb07e6dc3a92527720

SHA512
c5fef37151e49244a6e4a42f2b2e51bb4f93c39b480eb04e472dcdc6f8e47173b1612941026f6eb57ba5404ef37e9cb26512aa7a28c01fc32e8fde9ae23bc107

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
ef626650d4ff7e55d541e8d90fd8e364

SHA1
45c868b1683f95495655c2ca49e7c8a55da2a5b9

SHA256
e295db0b936b93bcc0be82f11886ae5c24c8459f05a0105a7bc704340776da42

SHA512
f1aaefac7ca1f618c5f3d2142a73142886c79f5359381cb953dfb75d008b2044aa1c637f51388c02c759f67e1d921ce2a6f67cc0c3e2ede4741b2458cb3e50b4

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
8b489eb2d04ca685e20374c822e4460a

SHA1
58afa21edefdfc7e000d4129361fce445817e88a

SHA256
f92d84e4bca690ad5b24288d8c0f4b58102a74869ac2e9a10feee6ae3aaf7b5e

SHA512
dc1cc7a560dc50cc2e6782e84350c90513bf4c295ebd7ed48f7ee0ccff6a7ea6dbae2e3ccd9e8fd753311a0848caac8ad3949478e9913abc8b010a40a79aebfc

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
a01946f5353c517bb6990729884a8a1e

SHA1
c02c679d889e444fb1b96d1764b884046f9f65c1

SHA256
0de0e3ce870871d08f4aeae46b7d2bfcc9973d35f8fe81888fe2ebe7a5fa9315

SHA512
35dd2746521c85e70bb5fe448495733b42464699555dcbd6d34b607767c3c08080156a8080c79fecc4aaa400c6c22de82a720d1c81f2e31cb82e16e4fa8cee48

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
512B

MD5
d15a3770a7f70c0e2d4d417ca2ce0297

SHA1
084175ff0290b751dd485da433e6f2a73bb6c5ec

SHA256
7812e08660d486664fcb30ffe009fb738a195d8d39959153ae8c4f1858ed30b8

SHA512
b182fe07f767ebeb2cff8bb34da2b70e8a74f5fb26f6ecd10930243ce744dfcf6a79c17562525c327c09deb0f300d508b0ba784255b972e6498134b663e86fb7

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
6a49b1ae6a518bc64ab1c2c8533d0831

SHA1
d3752b75de14cdfe138d546160bbe971a38ae38a

SHA256
86d2198a9c08145fb5a97d46edf5d6d382a4beea8d76237a1ad63001d870b88c

SHA512
5b4a68e16617657819dbc2574397d6e8d4d9caa729c5d4d688efca59d299214a798d0a037e20266b9de35ed47f06286bd3c836af401e45a980301d1f4485501a

Download Submit
/data/user/0/com.superpaninbros.glng/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
ff048dbac4f089b7370c1b9c2c6c55f0

SHA1
82c9b8d908a3f5ca68d9eb10b86d1fc8087ca449

SHA256
4c8a4d6975518411c31c3ec4342a812eb419453c7ffbd9cdf218e4c0af82d733

SHA512
4315c99c1bfd1434e6e73e224cc0167858bc57cd16923afcb79498badb86fb0cd07895038184c82b32fd683222cec914ea92dfd067247ace7b87d9d35cdb811f

Download Submit
/data/user/0/com.superpaninbros.glng/databases/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/user/0/com.superpaninbros.glng/databases/androidx.work.workdb-journal

Filesize
512B

MD5
4cf5c3c13286a2f49048667097a0d39c

SHA1
51d8f77fbd600778fc98d8b1e1f6a9fab04f307d

SHA256
d9da00eadda149732ed0306ff8bd9f25c02f0fc7e562107c9661279856d1b09c

SHA512
f1fd5fd33a335b66d4ea3c5e7f33a9423e021a79e971da83b85430d5799e5f9ed3f5db8ca4b78190a14791abd97d22ca2cb0944b7e6b365e3777d48f349b14bb

Download Submit
/data/user/0/com.superpaninbros.glng/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/user/0/com.superpaninbros.glng/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
b4f99f40230d0c9c9b026fc945179e6d

SHA1
be8b99a38f4d7217327127174e580dfb3ac66efa

SHA256
5197ac9a93da562eb0271df4f5cc7f38252031e24974025133c327674fa96b65

SHA512
232b2c7114f7ceada40d73ae98a1916ec5048ace00f1032cc5f4efe890bb9f39e9607cb9b91ea9b04a099c42c9a3947f593828f8a4c7ceb758afc96eeab2ce00

Download Submit
/data/user/0/com.superpaninbros.glng/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
e4968a005efcb1046a8927d4c6a3e990

SHA1
3e09cd7b1539f8e873e421b84c9d38d1ee1b3e6b

SHA256
d94400bc3a277faaf4e802028d7235f59a69c30f4046089bb1a182325ed5146a

SHA512
f66b2869474f38cf62d50bb28bf319c33bf6df70e2e59d3345ef5bcd061b0b37ec03ec30db5e6b84409dadfef074a31ec4e0f5937afdfb3a892ac45755d8c019

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f37c12104f79f120077b6b1242596eb2

SHA1
e34143b37cde4f7ac4075830079d8553138f358b

SHA256
95242e819a3a3fc8a53759322525efb1fe092f46d30208ecef32a9d6b7f096a0

SHA512
9890fdcbbcc00cbb9f10c268ac676d3aa0bbd84cc25dcfc24528230e7d894d0d72b8938b7795cd5726a3efb821bc0c4d0b976c2a12d7bb6ceecc899dd5cb2b36

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db

Filesize
16KB

MD5
17f989e71649a45d7360f30e7dbf8cff

SHA1
e3433dba4a6127220fabb6502da903896bf34d30

SHA256
73576201d2c82f271e3c9d8700b535cc687068f347b4cd9ccc43758802080ad4

SHA512
a2b1c380e7795bed38acc9ca97b787ac745567b8bc6410a9ebe55aca1b49486ed96f7755d781709f082fbbd06e1db21056b21d194e6871554d0fb32ebd75c1e9

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ac246c2c62fc0473334b876a0cc7762f

SHA1
fd7e2858ea56b29447a4346ba35e82993061188e

SHA256
8f9b57707aa53e56afb9556a1ee906eae7528b70e3d044733f441d8b82944d5b

SHA512
056aa182e141948f904a5a1bfde8e2781364bcfba5f0b5bc0d67d4076f38c2d9fed94717392fcd6d8654569348508f0c2605fe0c683df609714ac9498949793e

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
23cc243e71541eed4de8b68bf1b95b31

SHA1
ec917520cad27f7fa6305273b9eafc0cac178069

SHA256
a2d4a804e5307ae2b6ca4182df24519829de929361e7817b9648d1efc9139647

SHA512
48bb9a80d5d21a4df79becd46f9723b13392c09f0d9c09d78f9fc21e3c76b41421685ab3ef440f7d515a75226d30637c1900d72ca98a15589ed5ebfd39c3c245

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
e95e1b74c8dbdb7229c65d4be0a26de4

SHA1
1662e6cba9d7d6499f9ad73d796bbef04703fc26

SHA256
ff928fd25316cb417d07c10e77ff0c939773f7d3ad04461a328460b2e8beaea7

SHA512
4bbdd5a3eb95e653a32869d16766de4046b3ec7caca2ebee55204f8c8140f310129aaa7d283008723c7f7cf1947913fe30eb56d755a121162255a45a87ac0156

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
988700d18256998722175936c66e9da1

SHA1
0877437b734da53671b657f51755a028103758ea

SHA256
6f5c940687af8462a40137ac6e545b616cc18a851378d8e283849a3629968243

SHA512
9178a3fdea8430eab77cf86bea53aa6c696630755dcedfc3bb76a4f39ac4d49b4d6ef69a5a8cd5dc8aa3c7d0a784893abdaf5742401d06694227310e93f377ff

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
44f2475a789bca53aaafa1ae6b1fc477

SHA1
06ca56006b6a7ee5c451ef629c79a1769e5363e3

SHA256
8a738bfe83e7beb0e340555b15e7f8181e3cfbe829c133a4820a76f49102e21a

SHA512
237f28e1d60425d12c8d403e4e7018537d447887694ae751a3175b6889e3155cc91e3e02bee2fcb5c570cd1c09351182866a2048a8a58cd154af6bb1de618da8

Download Submit
/data/user/0/com.superpaninbros.glng/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
df46d4e5e4ed738fd435ec3002c9459a

SHA1
66a649579a0687d8862b0b9cb9e39cfb48d8dc75

SHA256
12a099d68dbb27d2afc9a60bc7e8c6536f7baec71d1626c4e04bab91c25814a8

SHA512
aa86e08fe729a09dfe9ff6d5e01eaaaeff8e363baeb9c1a1c5d35c5bd2f4a89ac35a7c40a53b537b7ea97714cccbeba5b2d92076f97fa6148ddd25ced70c475e

Download Submit
/data/user/0/com.superpaninbros.glng/files/PersistedInstallation2827854039233525165tmp

Filesize
569B

MD5
1b582b209f8842d2826415443c339d22

SHA1
5d249231adc9d68d8710633ca8eb748e339e5cd7

SHA256
bb440ecc4cf7e4a3b4e49ad617f9ebf75317d97c9b55421ad210ae4df1a72a6f

SHA512
dd5d7466091c6cc480c644098aac09c46bb22cf95032375898f0c7f63da06955882c8b2b6df5c8c6e767baa49b83061f3e8112a278a948b56ca7f4ce73da0780

Download Submit
/data/user/0/com.superpaninbros.glng/files/PersistedInstallation7484410973551281731tmp

Filesize
90B

MD5
4b14732799d4f860f6df22397c10f410

SHA1
021090919b6fdf72b2e3d597a69071c58a6a369e

SHA256
510b5a11544434bb5ea5519de20a6b8d91a73cf391fd7370966cc04e867373cf

SHA512
fd285f702372967d4190eac859f8c172377d3dd9d98373e4e98032483987c4fe33b1bf048c55495ba3105bbf21a22868d1fbca926042c323ee12188dc7744bc8

Download Submit
/data/user/0/com.superpaninbros.glng/files/StartappAdInfoMetadata

Filesize
1KB

MD5
42f832592047cedb3ddfa601fe2030d7

SHA1
803ff1bd8d2cf74260fffacb52748bc15dc24619

SHA256
3a20d122f33eff8348ba3b96efdecd213733d323b6284119501584214eac0686

SHA512
0bcb8e9d40d5edd6efea9e38f2c5fae1c5340e9906aa29f0909e5b413c1674a6d11545dc4b8fd2c1936fa06ff8bf3190ca91dcb9573b6652ef96bee31ba96839

Download Submit
/data/user/0/com.superpaninbros.glng/files/StartappAdsMetadata

Filesize
2KB

MD5
1e7476acc3433c9665f2987f1167eaf5

SHA1
07cae472f962d77f27f8e04c2c449021edd01565

SHA256
6b6e51ec547460cc1251a5db1b04030faf4f9e0c82f53060f1785ddf9c80acc2

SHA512
6ff8e21f4b0ef40da49e930e402107331e9731480ba26ad20ca854d81cab9b234a8686535ce437fe24a9dd916f6bdbf2c776aaf80da9978321a4ed5f198dabea

Download Submit
/data/user/0/com.superpaninbros.glng/files/StartappBannerMetadata

Filesize
719B

MD5
fd1c677c049c84d9a3d7ec6d33af2208

SHA1
d100166e06b6fdb7eeb758bcb6fca1e449890289

SHA256
b1db2133872df52987644f0b4c82029aae2e6b9cbf64c5ce5c30ffbe54e6f3d5

SHA512
ea0c802524982e60892716433c988de843690f64877c8d40d02e5d12d7509821477a221b85d814a5172a33fc5c69a35d629c89eee82ce372d3763528b8291db7

Download Submit
/data/user/0/com.superpaninbros.glng/files/StartappCacheMetadata

Filesize
884B

MD5
1ee0163dba426d3830a376ed693635bc

SHA1
607da0f402aa4fd3f093d09a63e7f59f6f31fbf1

SHA256
7b739d99595a6c517f288dbe517463942b084cfb7c72f1ecbefb5ddba4b65483

SHA512
2db29b0386e562c73cab4ef18f55ba77b5556609bc6ec65b728ff5ffff64f2399c15ad48c399091741ba02b06a9059b1d11a30f1e2bae8c87e00d30ffcbab2bb

Download Submit
/data/user/0/com.superpaninbros.glng/files/StartappSplashMetadata

Filesize
1KB

MD5
22f0f624fc4e0893fa04018909f5516b

SHA1
39b3b601da9279adcb28b4be796903ea65f94dec

SHA256
30432dac4d77b6aa7852f5c3a59d1afb1b1caf8ce078a9724905c2f51d0d2eb6

SHA512
bbd37280affbea47ddb7293f50c2fa3233bdcfa5cca65a6d2be430ad9cbce874970df37e0266a3eb54c646b1d2d3a2a41378742653128bb79e1979f5dcf4e291

Download Submit
/data/user/0/com.superpaninbros.glng/oat/x86_64/[email protected]

Filesize
58KB

MD5
d820b90e9069322bf4f1aae39ae334f4

SHA1
7a5300d37e2484941a40fb77ce1a08840eff5b91

SHA256
f8203fcf99a3c9855a4e2a86f1811e1ebb524d8609112c34fb560e687ce507ce

SHA512
6cab78a5575464cc4bf3f680b7a5b2d00cb2031108d209d264a96b91c1543558aaa46164f9c6617d94244ab33ed8b0ee8d0b5ee62dd60656f94ee21d5759a871

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads