0e8eff853c75ac7d0a70019798b1d0d8fa7283c80ac11406129387cea1dd1ba8

Analysis

max time kernel
23s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
08/07/2024, 01:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app2832367-dn47fm.apk
Size

23.3MB
MD5

90dfc4cf6bcc91d68c57fa27ff436218
SHA1

80f74fdd692bc37f8cc32e9a919d80982a1c60f0
SHA256

0e8eff853c75ac7d0a70019798b1d0d8fa7283c80ac11406129387cea1dd1ba8
SHA512

37675811fa7d303fca8babccfb6f24f09413e330ea86979578f2f8642203b9b4cb39edda4da215b55bf120d969481289fe770991339d7ea63489c083a4623236
SSDEEP

393216:D1W6n+R5k1gZjhzRKtsByaYjhRWXkePCNTVrReYJLvButK+XflBBwCI+q/hOM2Ys:ZIQCphUtsBgYX7KT/1JL808flPwv+q/W

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/data/local/su	code1xsport.apppe
/data/local/bin/su	code1xsport.apppe
/data/local/xbin/su	code1xsport.apppe
/sbin/su	code1xsport.apppe
/system/bin/su	code1xsport.apppe
/system/bin/failsafe/su	code1xsport.apppe
/system/sd/xbin/su	code1xsport.apppe
/system/xbin/su	code1xsport.apppe

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	code1xsport.apppe
/dev/qemu_pipe	code1xsport.apppe

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/code1xsport.apppe/files/audience_network.dex	4280	code1xsport.apppe
/data/user/0/code1xsport.apppe/files/audience_network.dex	4280	code1xsport.apppe

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	code1xsport.apppe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	code1xsport.apppe

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	code1xsport.apppe

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	code1xsport.apppe

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	code1xsport.apppe

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	code1xsport.apppe

code1xsport.apppe
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4280

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/code1xsport.apppe/databases/StartApp-d6864f2502af7851-journal

Filesize
512B

MD5
d94d12aa95d9444434560d9a60020ed6

SHA1
41b5534d07805bc2765bea4a2ff7e6abe6a06317

SHA256
208d394422e2169171ce8dd304c8670f077d385f1f40a102fef6c663f83a9210

SHA512
c39e736f01a5d142574fe83801a74fc6798136420924f037498d8cba31e7abd23742c1c316aeb9d9aa3537e52b6e239f7497925d97264e273c8c802f2316c3de

Download Submit
/data/data/code1xsport.apppe/databases/StartApp-d6864f2502af7851-wal

Filesize
36KB

MD5
60d16bc9f4d790263103db81cd7ecb19

SHA1
4d503c9f94b8c557d5ecbcc80e2b7e2c61c51886

SHA256
6a5698e074211b015b85174cae5e5342fb57bef63091e9a025322f94c62d500b

SHA512
b96ad0bf64beac51523d7e57fd5c75144aa3c378ff3681c2205aaaefab20a46dfa08c0220db9623b736c877cc39b9e4532d3d3b4cb1543d3f42f736995e3aed6

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2f07f3e4060771297b863d86954355a8

SHA1
7ee6bd8d527a639dba0e7c34d8d31ee19c35970a

SHA256
48918a611636d63c91e228f401b2dc3819eeb5338b89264bbf6126d087ef45ae

SHA512
cfdb2af74a77e39deaa0c76afc11a78662d3aa7c605509d1cc949fbd269e21f95f73460572d7633fd2e2eb6bcfc1df31eaa42c2806f85d890927a17df0ba0e0e

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
88f895bbdc9c1ea350e23a442a6508d6

SHA1
9aa297a383c6893fcde076718cffd128a268d880

SHA256
560d64bd403c4d3998122cab8dce66dfc10a72630bbe27ca1f22fc88be253352

SHA512
5cbfc4bb7675280eeb00e3f9b59a50d50116990f49e90214c16767c8b9aeb0d71803653dc25292d3d852929c0f167ae9466c2eab8d34ec5abc47f24458e264a9

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ce29ef2b94cb868c9e1996921bda8d9a

SHA1
e4e50c79d519e7ccaf1a703dbd3ee1077f9d6832

SHA256
f76ffccb28658a64cc1546b330fbd847c6583853afa8cf2854fd163dcc2f7458

SHA512
591095fa4d4b58160c6349ea0d4b059a7786bfc8b1a00a611aca47d5f96226a5b9de1efbe941bd727748ca8507869499d9eb5c9ab77fe53e4244c80322bedc1a

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
09e649d800114e40663d349b1bb3d499

SHA1
a62150324188f7675939aee3e2a7dc21eff55cf5

SHA256
1eb34a7a39c2a67578106944edbefb9d9199d76e90a8509519fac57b0a161107

SHA512
14977020240f99a8a0507dcde374a37fe0f7d0a8870010841ca7f2c5cd372cb6d124c2b6e22ecbf43ada1615cee6a790ab063ef84eae33b440e946f38d360aa2

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db

Filesize
16KB

MD5
00a62fb24d06075c6092dbde825759d4

SHA1
cadcb44692a9d6ddec3ef20ab5d8dbf4b3ad2153

SHA256
7d6b0bf7ff3b3fe75dd6606ed3b417211c9aea134f57d74342cbfd3ebc830a6e

SHA512
21b76bb5808e3c55c83b2260c674f3f5d5107c8694b046ce2b71b68be3debd83c03fccd990c09d6959a22e6e61747222ac2ad031309cafe8646b3a3a49e0d787

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
977e58eae332fc6fb45d8f0cd01b9da4

SHA1
0d09753576b407215945c06d1f2e8b6df8092f44

SHA256
b9d3db1aba378adf4bbde500ad35388b9bb3056997c4a04d1e37972f76aeeec9

SHA512
7374181fe60dc7ea34bcddee7028ae0933fe732dfcf9ac5eb093929043f22b775cf02deb01c0633eda1af8b9c7c3ac519ca0d36607583033415ecc57992c48c0

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
7a6875a7626eae4d13763d21c6b7198a

SHA1
0514ccf1f7bda7b1739a969d8d2a681e4d91ec75

SHA256
bc6fcbe702f2d28cdcfee0f714aeace82d380fc3734c27aad6b516b47e904f38

SHA512
983ababfb4f86baaa22375167b1427166060610003995a0dc1d1cd8f0d67c17efc0db84d36b010da3e54e5fbecf887fe1dbad0a8f7a04425a485f89d95f0fbd4

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
583e771924a1365498d346e86cd19c39

SHA1
b00c9727766c4a5a18119903efc1f37e8e7ea48b

SHA256
2aa4d302653bf519c3b56629107dc382a3508c2e850b1310e8bad25ec17b030c

SHA512
cda57d7738a031d998e7fa1ce6b22135a1d0d236642c008d71c4bc8a86f17a504a2b460d9d9461caf17ae8c010bb2b4919414ec1295f1d33a4d0166c43a27d75

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9832d37f8e622448ce387448d100833e

SHA1
d63190fae61dd2979246b08b37abe3b38746bdbe

SHA256
e4435ee61633ea15e7de772f5b71805c228f300dc044fa0b7bc5d5f233a31f38

SHA512
7007269d1c9d3985a172afde16afd61449823d95d44e0eccf54b38f058d997fb92c9235a5e52e59c97e3dae4db105a269b446bd2cd5239bba8bb34a3fda766da

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
dec1287ed1a13864c4611673b2ff9c28

SHA1
828d03393059c459589f84fd371983917b82a15e

SHA256
caf1f4e0ba9b2165131575de42816523cb7bccbabf09ff546bc9cb09ec387963

SHA512
b70f63222763e2a607ffa7701ab3835365ad6d03b0de2a608fde0d420afb56e3c956b136c0affbc93a859395ffb406c3bb3c79c7e659418214e36bc760503379

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a791a958801ea1851aab6597b0953860

SHA1
6139bd0608739fa0fe0901af7dfa4f3238228150

SHA256
988e3d963f633b7111c78279032c6b1c452fbf73997fcf73511226b46ee3809a

SHA512
a8b00b2ecbd7dc54f5eaf8deeb02eff04f865139d411c65634dda043154e697e9bba3a81576a21de23bd260f7bf2ff21dcf6cc543f331dea9d63b4ae6fb68b55

Download Submit
/data/data/code1xsport.apppe/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d4ccf879866d5b1783aca248b16fa3c3

SHA1
e97d2d693e446f0a8684240137355d7076ba0680

SHA256
d4dbd1996ce2868715d0ea9f61e1147375ce7bc1a8fdda140554eeb1ef947bee

SHA512
a81ba6cfa7f920ffed14bded3d02c88b747a15970df5f91d071d7bb8b74305e790d070229f1a2d991b7652073393835f648f7f9a1594e36ed202c5121ede5d87

Download Submit
/data/data/code1xsport.apppe/files/PersistedInstallation3782920545207187081tmp

Filesize
79B

MD5
3c2d3c27344101b0a5c5db3506f40aa7

SHA1
3486e5bdcb888ed3caae10415b0c4021eb700c0d

SHA256
79b8d6fbd702312855a5e27f445feecc0bb192bda689bfd7eb2810cdea2b8829

SHA512
acaf49ec17ce4d75a1be8f5641895174eb83367576866b28b31a37906db1e002a68fc4e54dfc809a727a79f74e64af859bafcc9a600bec2ad4ad47d50e68a093

Download Submit
/data/data/code1xsport.apppe/files/PersistedInstallation9156880756585248773tmp

Filesize
561B

MD5
822888c7e257612f84794bc6ac9dee76

SHA1
ba8d583ebc647fb7777642ac84f52b181a5f9450

SHA256
4ee6e6718516a31a824ac30a81ecdb14e2b14ce536e385e9e360009143052f83

SHA512
2925a54a85203ae6d7975d6953b6656a8d09db11ad6c7743b75c732ed97fcf946cbc8afcb39547fd8de85324876e1a5123bee565f9f63d18360963d4a48a19bd

Download Submit
/data/data/code1xsport.apppe/files/audience_network.dex

Filesize
3.1MB

MD5
9b8164be4f0ffaedadc82125e5346c14

SHA1
c4bf7a6383958b493ed5c4dd6a19862d366fca4a

SHA256
8e632284c9b0180ef28e309b4b0f282ef608cfb9d9046df899d8bdac227ea9ce

SHA512
352b3e9ef70839d0850ff7ca4a1f19f3df546412ae5cac1243a80588e573fea6371edd4c408a2edf1b48d70a10a5cb579513d3cd38a4b5ccf4b7528dd28704a4

Download Submit
/data/data/code1xsport.apppe/files/ico_mb_it750149

Filesize
2KB

MD5
e6d73f9196760152bd24814c8b23b18f

SHA1
64780e2ba7df0b7332fa31a99d0bd45f22070be2

SHA256
827515cb136836548d324149a48b90eaf10210a551319798492541a6d6088187

SHA512
c2e34559824c264a4d9a06c9b3342c68d916d6e3704291ea99b3f89e12c3c1d6d511a4a3fd2099317181b80d62065e71261afba5c70f102112493df006664bbe

Download Submit
/data/data/code1xsport.apppe/files/ico_mb_it750150

Filesize
962B

MD5
f2ca0d4911817c92aabbec242d133487

SHA1
17979d9d5a5ed454c065692f7ffa7d1e931c5de6

SHA256
11fed64e50ecfe5ca631c598cc90d26267aeb9062180dc7bdac21dbe6d4bd701

SHA512
9e91dc6d9c01c6a1458876a4fc5e2ad8eb3762ac685e94b5139d21098641205198d87f7d0762d946fdaaa10072d991247109182779aceab871fa5b9037bc4a31

Download Submit
/data/data/code1xsport.apppe/files/ico_mb_it750151

Filesize
3KB

MD5
a1d1ca3bb391466e691a8673b45bada7

SHA1
3f5fb02b46ca53c39056a951a0995aefc0cb1603

SHA256
f171a96d481be6cf3eaab24607e6b3a2895237f75f3af8e217f69ad6a536095e

SHA512
f4540ae8679353346245947dd900e2ee03e2e4a2bec759f00db8abba2917b3a1e363f580698ed422cb6ab20b13d15c79508d56773f42fe4751245bd7a1f877b7

Download Submit
/data/data/code1xsport.apppe/files/ico_mb_it750152

Filesize
30KB

MD5
cd3145523369f49a7c0a5bd69ae00b3c

SHA1
8c6282f0849697917e1bbf2f88f6279015c3a1aa

SHA256
805f6071ff83a03dcc1faa930f7115ebce0ed4d24b7daaaa0ed04da03a3ca0d2

SHA512
be5a41e18add71151d84f211b484739b55a01efaef0210d8a554f1b7a51ed8d196d59a67fce0a57b3109cfd3b99c692b7a83ea21c46dcc5669b4c218b127beb5

Download Submit
/data/data/code1xsport.apppe/files/ico_mb_it750153

Filesize
16KB

MD5
648267eeca00a52e18e6e8fa8e77a504

SHA1
57fb6dfd07c9a69b30f42ee0fc356ee85c467a55

SHA256
fdcf53ea66416c56a8a2827b39524264c58bd214e30c5e5e2249d8e85866c267

SHA512
7b3a4b8acdbaea47b130410735fb9dae284e3a5b83526b8abbe6a05c89a2e0d384222ca23ca2af9369d3d97c104b6938d6d6a015d72185e13dbdeb5a497def36

Download Submit
/data/data/code1xsport.apppe/files/ico_perfil

Filesize
4KB

MD5
d57adc35e181861c57c008977a709c53

SHA1
93a12cda101ddb74adecb975aa0617b78fe3f5e3

SHA256
e0d7957fc98a7aaba531092473e1d73e1553d7b2b8e7c8da620469000c6b8c52

SHA512
5d53eb0b8e3a0bf1059df8df28dac2c57c72672a57c6dbc40212adb5d004b3d1ee05ff69a1deabf07b8a103b6ac17078f1825000a830b308599f7d4bf5ae8686

Download Submit
/data/data/code1xsport.apppe/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
987cb051364aa6bea7d04c511cc9c24e

SHA1
9af0868fd62c3a0b4e575e4e1a982e4e77a42f83

SHA256
442119e7d928fb4104db389d612cea7e759921dfab3054367414d3fe7e6392ca

SHA512
48a57fb0e3d08471df1ac3a2fac19e3a59bc1b487aee5281bc70e30952428022e2f3d032ad5775e56bf21264b9f0f874e719cd3a377a152675e7a8ef17c6c1b6

Download Submit
/data/data/code1xsport.apppe/files/splash

Filesize
1.1MB

MD5
2c3dda52258a86ac471a08e232ca040c

SHA1
90c8e508d44dc2ce83a6c74c29658f3ed04c2df9

SHA256
8b087ed97dcc929baba584ebd13d337abf955a0ec785ad9b04a12983685ce67e

SHA512
bead851597569320215017d788e90157f5c446b08f2e800b7f3b9959d4c996285d2569becf4d6047c9fc7d715e345234833cb3172177f62ddd996130a4ae1fcc

Download Submit
/data/data/code1xsport.apppe/files/vinebre_ac.txt

Filesize
19B

MD5
c42250e84c57ba44f3806c9f1e73e9ac

SHA1
07dd807a59043882f93380761a834385aadca241

SHA256
eaf06e5b80b6e1002545d353a0921d66454ff5470092ca3461906f48cf9392cc

SHA512
147eb76ed8ae266e826248ea84fa9f102083e0c26c82d5f15df1ffff7e640481e5c55b0e9b99504b4ed8cb0c4b90040adfb712e8736f3c4b37cf3b175cf877c9

Download Submit
/data/data/code1xsport.apppe/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/code1xsport.apppe/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
294d3312a9c630dad59ab1f731affa0a

SHA1
0e295c6b855e20667150d7a48dc65e4865226fd4

SHA256
12848f49dfbca1ef6deb8f2154b1007333f4c4a452232996a574b0760c64ae4a

SHA512
5ed0138016b675635b66f292809720ebdfd9109f499a083ecdbbb914285d9a35a3ecb8d0e1d004762476aaf6e13601c1397fc0925d01c0237f6fa2dd1a761259

Download Submit
/data/data/code1xsport.apppe/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/code1xsport.apppe/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
75ecf4723d749d086c47b3e2ee2c3670

SHA1
5e18134fffc6e8088c02a3c5d062407621758bdb

SHA256
cd9b455bae95602366d6c801aaa8000aadf75b534d4786d367bb8dc42fa189b5

SHA512
037882224a8c578e2eef34f8843a4d1b1d64773326ac3592cde38858d8016f9a17a6267f4717c537782db0c7e603bb1cbf5e20a7307de6e4b89caeed48131251

Download Submit
/data/data/code1xsport.apppe/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
ac63a62b21cde1d8a217308d3d319ddc

SHA1
a9353060869a61ab5aee9f901d792e4c7f123494

SHA256
18edd788899a7642c85671563b6f8e2b0af12ad6ff336cf5b304edc38d2e8098

SHA512
b522785d7a204b951c6cf41bede59c9e18bb59726cd63cd3329d813ae392689644613c6b0e0491dd4128dd8a4f98a833178afdacd69c2fe12ffcb0bd5c25b64c

Download Submit
/data/data/code1xsport.apppe/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
d81fb2401359add3ec04f3c86a7f806d

SHA1
4181bcc8aec0be119de6913e28e49b6b0d0bd757

SHA256
074aba083de0b43b7d2f775e07cf6a63e4e701e94ea23ff15c46d20f5403625c

SHA512
81f3b3783616bc0262e02ace64aa3a439308e8ad792c42d26e3bcb3de59aa3cafef63e1d7bd393d01bcb162b00d783a4e5f6c44ef39b9e8cbde5ade0570ce759

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads