daf23d32f22832bcb0c3ccba1d912d8b6d6b1e85d942ba655de34751dc13cbe3

Analysis

max time kernel
23s
max time network
68s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
04/07/2024, 05:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

24h peso_1.1.2_APKPure.apk
Size

16.9MB
MD5

76ce6ef5d1347757906e118d081c9029
SHA1

66a10b96d11053e5369c37fe07e6e366e5d1de89
SHA256

daf23d32f22832bcb0c3ccba1d912d8b6d6b1e85d942ba655de34751dc13cbe3
SHA512

c13b92924b3cedeeafae9ac1b6d172c67c5082811532a3e98e06dfa772e75979544e5b8dfa99b626405b78dc01e0c40d4a85cfa8782b3631fe2f50e1eb6c7ca3
SSDEEP

393216:Gfagmbb+N8Ue5v5aQGxOlE0Kji9L07cYfGgVST37CqLW0:Gmbb+NdYaQG0ijeg7Q37CG7

Score

7^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 TTPs 1 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.hardware	com.peso24h.philippine

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.peso24h.philippine/[email protected]	4349	com.peso24h.philippine
/data/user/0/com.peso24h.philippine/[email protected]	4349	com.peso24h.philippine
/data/user/0/com.peso24h.philippine/[email protected]	4349	com.peso24h.philippine
/data/user/0/com.peso24h.philippine/[email protected]	4349	com.peso24h.philippine

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.peso24h.philippine

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.peso24h.philippine

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.peso24h.philippine

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.peso24h.philippine

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.peso24h.philippine

com.peso24h.philippine
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Queries information about active data network
- Listens for changes in the sensor environment (might be used to detect emulation)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4349

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.peso24h.philippine/files/AFRequestCache/1720071676835

Filesize
2KB

MD5
2efc3a723758fdf3f59410d808fe5173

SHA1
6e8fb31bb0c7a364dd35d9e513732a0323024b15

SHA256
4bbeb5ba64e8a4521c64bb9f5ecc638d9b4adff63b6629cc931b5a863d832e11

SHA512
0a13ab1534ef2d551eb0d92f43907b44d0da4c8cb4909235a75f12dc6ea89f7dfba34b8a8ac6ed2f6198d4752254ed9aadd448dc7713a73900a3b3728ca2df95

Download Submit
/data/data/com.peso24h.philippine/files/AFRequestCache/1720071677839

Filesize
3KB

MD5
34227a4b0ce55b33be0c121e5103d932

SHA1
667795cbb583e9b9042e30ef425cdffe6f12b815

SHA256
caf159b8514f39097e614621bc912c7b66ee2d24c55f0f9776fdb192e8ec595a

SHA512
06451720b194e6547096bd4de5153bf45d932a8b22a2f7c857329d89cef324f49acd51d2498d9c1602b5ce3bdcf96439f0eabf6988eb9144e1a18dc397f5a066

Download Submit
/data/data/com.peso24h.philippine/files/AFRequestCache/1720071679021

Filesize
2KB

MD5
d37b6e09619b4fa0f6e33d399e0280c2

SHA1
c95e34647d2acb1ca3548c14ba7dc9c8fe4e37b3

SHA256
cd861877696818b2f697d812db9ab6e1baef318b39740ef972cde1a566606dad

SHA512
48e882ea462b42a7170a1fc57709445d1d50dba8fefe44c1c273cd79d36206e9c3aea860f6252aca2fb9e10868feea1958037009aa362b6a90b3b451f68813e6

Download Submit
/data/data/com.peso24h.philippine/files/AFRequestCache/1720071683816

Filesize
2KB

MD5
eae4255a2327522d65aa504d785fbdc8

SHA1
e41884a34a1525894747131e6d6348ea903ac099

SHA256
cf25995a86cd4c4450ed4861172b82b09892ca21f084d2b4a9293e13d781462c

SHA512
5c4cc7e84c1dd59947336a829a7ee59b76ae271b2497953b182905659381ebcb015347acb7c7a1cab4c03d3806bb28aa65316128d278079acb35c1f3e5740bcf

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
932c2b4d02fa921c321315f773d63fd5

SHA1
29cfce4b6b1921b538a66c2b68e9b2280229be9d

SHA256
b7182e59733f7e1f13af26fbae1eb4b4062a66b31ed4b9e9dc4942f89f3910e3

SHA512
cd740b8f2d8dd3aa1f0d5faa443c399a01676b11a15d53bbe32aad7d183de26a9130e631cbf6175ad6e0b4dba49760c9790a52f5052088f73fdc25e14a0ba715

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb-wal

Filesize
177KB

MD5
b1b09c8f5b8fbe4ff18047a69b28e04b

SHA1
7c3c94ef3401fd7690c7c33551fb688f012f1aa9

SHA256
440837a1584a1e6071be048da56259d97c79aca167c8af61cb7d160bb4c42acf

SHA512
9ef8e5f467615df8aca54d3e4e6bd3b23a61fc5dd5413e6ef5c7f3d10b9c0fdef51542fc1c9966b4ce46a6e1857a61fd0205470d70c8844f78a411867f0f3221

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
6cc43c2810a40cd1ca1f870baefbc3d5

SHA1
8690b73901012555770f38d576bacdb5d6477408

SHA256
ba5686a7837ff0eb04fe976b64f3599cf9dc3fb644889fc0ce09b916f5f5b511

SHA512
efa37688836adbee1b92aa6ce0745b5de67c1df19c844a6bd572da05521ed70dd151b68e4036a582729eafdee976c821eff83d54b383e9669d5fd091f6fe5630

Download Submit
/data/data/com.peso24h.philippine/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
232cf9dbad4d42f8a19e534165005ccd

SHA1
5e4a3b9a6200f2af7823c95967a6a1c16ec796ae

SHA256
869279a429a7e27d3d893f8739f69e1692c436de71ed4e98e009acbaf2a8ca6f

SHA512
4cb5c3da8e4bfe2691bc00b500e031b81af745c3166f8425f0a5ad4bd4f847f017e193cb933ce1aa73a0aa5c0fcdd2ca692fb750487e5375d43073c0fac9b4b3

Download Submit
/data/data/com.peso24h.philippine/oat/x86_64/[email protected]

Filesize
136B

MD5
ac52f60052b895c184e2c7e7a33967fb

SHA1
aa2a42588491fbda73252f260bf7be51701a8f0b

SHA256
440b66ea6d82976f96402f78a40d9672f990015cbfc6c4f6210c7fcfa8919992

SHA512
24d24da9bd8e663e0fc81951f37e944b60fb52125734f31658f7eeb9009688409001c3442e20ffa8c5416e05b352d0a9a3f6408dfb7c0b2dd9fe88361c805340

Download Submit
/data/data/com.peso24h.philippine/oat/x86_64/[email protected]

Filesize
156B

MD5
e6120d4c73d15f907e70ea330ec738e3

SHA1
f02504089e33d824592fbad21428e45f88c9ea63

SHA256
04b6fb4b1890e5818088e1986df98bef782e6742a21cd8c32cdc46f1747b3feb

SHA512
012eb7554b7345e377c61874991530471862d961774bdd1ceac785eedfa929b836f388d36dc4e14e71b1a27b340b73532d54426baf40c923d6a889b7ff8dc0d1

Download Submit
/data/data/com.peso24h.philippine/oat/x86_64/[email protected]

Filesize
308B

MD5
5eaa6aa568a88ce1234d55e9781f7e93

SHA1
6a14c1fdfb5c234cb79e4741770576ca4cce6e4b

SHA256
140a0abd0476fe92a5ea883a44fd94239593d97e53f02f8424b1d6b33781a085

SHA512
0010228aa5c61c700e64983ce3af90e14440f149ebf07874d01eaf4b4bc91ff3c8f5112fd6f487d43bc3757bb3f4e54f85b75c1353b4c336244e04d791cba4fe

Download Submit
/data/data/com.peso24h.philippine/oat/x86_64/[email protected]

Filesize
156B

MD5
cec4fa63a4822bf10acbd0a1ec1cfe8b

SHA1
8c6129e702f305e0d61403f5de92c034d0300268

SHA256
6e85643539a3fcd2edfd9c4b3797a0e3fea77c789742f0cc26889eaa689fcb87

SHA512
9fd48408c23ab11628483c921ad3b447abd430e3b3c58176541a3abb657756cfc9eee4d8fee8d155b6dfc1b195c54850b88f0f5161a508454b8f90763c16e319

Download Submit
/data/user/0/com.peso24h.philippine/[email protected]

Filesize
8KB

MD5
28f614e640f9fd88aed53a9b7bd71e78

SHA1
ebe769c288066edeac49bafa085a8ddb82327d5a

SHA256
dbf2e9d38acf99c9ec3d50e643c881e7da029711c8ec76f5ddaf894e820a3ac6

SHA512
e6dae3e6c18f2022400815438f32436bfd6173f428b35a505422eb852868c7ccc96c280f4e029071e372bd6424944ee869d3ac5e87a2a3cb4673bd8a9723ee17

Download Submit
/data/user/0/com.peso24h.philippine/[email protected]

Filesize
11KB

MD5
fdbe9958e2b0516a82f973a1d5340060

SHA1
52c9284a402ee9581010665b34f8416adcaf705a

SHA256
48ad562e3b8af59ef06271857e86fe1731c0c9d4b1877b2f6e84e657fa80c115

SHA512
cfda12d7fe07b4183dd44164e5301458ddd4acf7ba79b67c2cca6ffedb515eb78c61224edf7a250f8e9bdea577b737ec5c19c5d3691dc98a60038ac32c9540f9

Download Submit
/data/user/0/com.peso24h.philippine/[email protected]

Filesize
24KB

MD5
a477491ca48ac8ccdcf5deba3029fb4c

SHA1
e2efca4bcaf9c5f5ebc7e579659d5c3090d4f260

SHA256
d97a96d5762b1de72cc2b5a03542e084dd21df15a69c4c47b3a9120c7f02c0ff

SHA512
bee2526eb1c4196d92bc6842fe04beb5c6c86458b4b8b1c314282b5526c716d2a8ef4b5e5cff9b44ef0d43e525d6162d3ea2d6da25b72c51c35cf5cee50b5d26

Download Submit
/data/user/0/com.peso24h.philippine/[email protected]

Filesize
11KB

MD5
63ba9a5a5637b06db740fb665e60bbec

SHA1
31ef97dbc332ac5666dc5b12b21c3d45213a87b1

SHA256
64148c98ce180506791b20739d13e86a8a28672061afefb748212dc7a294ade0

SHA512
6e45bd4f621cf8bb700eabf1b47d5ee2c879acfabf16cd9069e5d7476a85c8d497225ea4e6f66d0a623ce641da682c9e1a241234a2d6b03659f1634b077ca9bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads