Analysis
max time kernel: 33s
max time network: 178s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 02-07-2024 00:02
Behavioral task: behavioral1
Sample: Headshot GFX Tool and Sensitivity settings Guide_1.0_APKPure.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: Headshot GFX Tool and Sensitivity settings Guide_1.0_APKPure.apk
Resource: android-33-x64-arm64-20240624-en
General
Target: Headshot GFX Tool and Sensitivity settings Guide_1.0_APKPure.apk
Size: 13.2MB
MD5: 821cf63752c8df3b340c6189aff29a40
SHA1: 6d1f4b1df5450a61bbffafe22791d4914feab20c
SHA256: c339be84525251b3ffb5d9f0ae55345d165369d9574546638b475ed60f720a7b
SHA512: b720d018fe2aaff07038d360587e9e9bde14459bc3f55ea6f6ae4f4dec7d57fbd13dca43ee1db0a906748c06878c3289aa1d46313e98d3de7f8f9df4c2ebce8a
SSDEEP: 196608:VXfcrsrI8htlaOhSMHO+LeKe95/023Xzni2gNLabEVV1DlM8wn51jQE06aWNYa:VgsrDIAFwj/0ODZgNLUKLDWjRaWZ
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
Runs executable file dropped to the device during analysis.
Processes:
  ioc: /data/user/0/com.livevideocallingapps.headshot/files/audience_network.dex
  pid: 4285
  process: com.livevideocallingapps.headshot
Acquires the wake lock (1 IoCs)
Processes:
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  process: com.livevideocallingapps.headshot
Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
  description: Framework service call
  ioc: android.app.IActivityManager.setServiceForeground
  process: com.livevideocallingapps.headshot
Queries information about active data network (1 TTPs, 1 IoCs)
Processes:
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.livevideocallingapps.headshot
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes:
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.livevideocallingapps.headshot
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes:
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.livevideocallingapps.headshot
Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes:
  description: Framework service call
  ioc: android.app.job.IJobScheduler.schedule
  process: com.livevideocallingapps.headshot
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes:
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.livevideocallingapps.headshot
Checks CPU information (2 TTPs, 1 IoCs)
Processes:
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.livevideocallingapps.headshot
Checks memory information (2 TTPs, 1 IoCs)
Processes:
  description: File opened for read
  ioc: /proc/meminfo
  process: com.livevideocallingapps.headshot
Processes
com.livevideocallingapps.headshot (PID: 4285)
- Loads dropped Dex/Jar
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution (1)
  - Broadcast Receivers (1)
- Foreground Persistence (1)
- Scheduled Task/Job (1)
Defense Evasion
- Download New Code at Runtime (1)
- Foreground Persistence (1)
- Virtualization/Sandbox Evasion (2)
  - System Checks (2)
Downloads