ab6e32221404debd3ba6fac8df27e63993822cfc06dfef538b2caff98ad12884

Analysis

max time kernel
3s
max time network
148s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
02-07-2024 13:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Headshot GFX Tool and Sensitivity settings Guide_1.0_APKPure.apk
Size

12.4MB
MD5

ca944a35ac4878e24e70785e66882f9e
SHA1

3e176cbd56b97512d49f21e3a09ad82038d74f7c
SHA256

ab6e32221404debd3ba6fac8df27e63993822cfc06dfef538b2caff98ad12884
SHA512

b907df3d808d0e7e976eb2e44386e468a1e27dd283d41020e03c7d4dbb7b2d36505283a98ef55de34751c94a1984be00a0c99112a66554e5a2960c1b196dd0cb
SSDEEP

196608:wYs91iQ4bveQ39vZ1CpADbtF23XznpjgNLCGmBV1Dl58wn01cQt/mvWsYP4F:wYQ5gz3d33/tFODZgNLZ4LDccFvWJ4F

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.livevideocallingapps.headshot

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.livevideocallingapps.headshot
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.livevideocallingapps.headshot

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.livevideocallingapps.headshot
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.livevideocallingapps.headshot

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.livevideocallingapps.headshot

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.livevideocallingapps.headshot

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.livevideocallingapps.headshot

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.livevideocallingapps.headshot

com.livevideocallingapps.headshot
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4944

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.livevideocallingapps.headshot/databases/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/androidx.work.workdb-journal

Filesize
512B

MD5
298dcad5174c524257efed7ac2eb0828

SHA1
a6538063ba0f7fee5174e20b7beeb43406e84d9b

SHA256
eb0ed3da54f2794f24e718ffebecbb048610f14b74404337cfcb908a59b6c0a1

SHA512
f4aa4a3e2b60dda7438985f24353641e2d1ad9b8c95608b1e99bb9cbc78a0fe8eefe4315397aa5d1c8fb6e90b5cb87d27a0690d64c17e133b0f925d542b6be50

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
ac92eea8754e672acbbad34aec9753b7

SHA1
db38d34599c019ccf92c3e4ff66f08f6521554cf

SHA256
a5fe0fbaa837c7d4e3bd2f03efebedda1ddc7298fd216aeb4d05b4467f779e5e

SHA512
861790e432ee7f5ef20f314256f59375ce65d6c0d254d838f97224e522f9c035855e9221b2f22c2130a671e8ffdf74625eac8673eedc1053b1eb119da7d60895

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ebbb02dcd8a6a35b53ffcb7edd69e4cf

SHA1
54b99f3ffc83729ea9d75f091ad1f3073c030ed6

SHA256
8b7e23535a77d3e8b849b0fabdcbe1943fc46c48f835f0ad65d9b986ccd352ff

SHA512
8c4a186bce9d393aaf3e721ebebdd0d63e246992fb1fa34353168ee0bae997c1f5c486d61fee3c5ff9c49f9bdc276b029175bef731b96efb8a5354bc7e28fae1

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
32753c7f85cfbd6d0160ce33fea5ad98

SHA1
4e99712d7c51b07094064f12629471617da15357

SHA256
1b65d2344c4b115e32e476f9d4270c5b3d880f821d9395eb3bc1fe6ff86737e5

SHA512
4a05a8cc8360f815ccc45fdc8cf7c88cd7739faab9d601cb2c64f092d092c10bb09cad734817e771b7b754b2cc40023956d1f8e6d799b743128c4031b38aa373

Download Submit
/data/data/com.livevideocallingapps.headshot/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
49d07c3016bce268622ab240e2c4c155

SHA1
687d118e1cf7260053b11031727d482f0546f99e

SHA256
bf14bc210bba51e2d0da84b28986116b85d9907dee53b99755c1149bd41d5662

SHA512
77c21223ed55d475e55a6257830ccf0902b4205b7234acd3f1ed717069ce14842e20fb7f50bd9458df0087864cab5845ab971e0d89151e2d9c6e6fd67a303365

Download Submit
/data/data/com.livevideocallingapps.headshot/files/PersistedInstallation3918979405541705554tmp

Filesize
90B

MD5
1de97497a6332dc08c18376fdbba9eae

SHA1
e2086fd5f4f63166158eddc1df8aa228c269a935

SHA256
38041bd0763f0f1714f116f11ac70533228abd72531423ac849ea222d07835f8

SHA512
6ee4bae070c6dd1c261a41789490b94e9f3ef390c317ff22e485a58247961488cad906319b1efa64c9c0a7d88361f1dc7c20f71c5423f87dde9a4320362936d0

Download Submit
/data/data/com.livevideocallingapps.headshot/files/audience_network.dex

Filesize
266KB

MD5
b146e2e5a33501ec2b75d76a0aee1d2a

SHA1
2ae49bfd13ff88a32f0aba709d7a3f329ad7f155

SHA256
8eb43907697d3d00616b5dbbc827c103157434082b0c50de356dfe31f878e6e0

SHA512
8a0e6bc4690a16b69877a0b8af66e179e02b177f5829d524e610cbb26e7badac8ab0b1959e6a595b623ba3060f522af3e2599b08449c184873044bc8b6301bbe

Download Submit