3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f

Analysis

max time kernel
179s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
08-07-2024 11:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f.apk
Size

5.5MB
MD5

deba43a71712c3a501970e3fc5ab1ced
SHA1

0d9f42ce346090f7957ca206e5dc5a393fb3513f
SHA256

3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f
SHA512

331ca7455b08895c4821e24abd052f287570494862d54bab9039b0bd6476b897c679cdaa0e4f542f1d562063f18f9d076a76876d2807f37d331b6fbfcce6ed5f
SSDEEP

98304:hU7aQYpE7Bm9K0E3Lw1QPenWTCORGRAhvRNB4p31aVCH90fr+6vSI:hUHY0B0EEmPCWdGRjp3cT

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.tech.sideswipechat

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.tech.sideswipechat

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tech.sideswipechat

com.tech.sideswipechat
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4285

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tech.sideswipechat/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.tech.sideswipechat/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
645603ef8790791bf1f1ecae806f46bb

SHA1
5dff701d0246493e38a3f2ffed918937d8dd87cd

SHA256
01e531d1cbcc2ed7afe29bd37e558da5668cbfa286c310345051f598d13ae9fc

SHA512
101b65999a4bc98cda20aca260c6ed6697958905175a25cde1329c38ee932ced7816527001a8eb7e4350bdba5a3821f1e2a3d7a40bd48bd90874a2d9311516af

Download Submit
/data/data/com.tech.sideswipechat/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.tech.sideswipechat/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
f39208d3e5d3047bf5eba35a78ce2686

SHA1
da1beeb43a6297364cb0cc351726a656bc02cc5d

SHA256
9af63398559082adbf120f356de810adaff43fded1e190a53b2ae292d5461d16

SHA512
772ac28dc1d61e7b5afc6fd74360783a478ffa734f03a9f33482636fa4cafc0fa0b4aba9ae9cc6aadf53512fc69a5984e6f2127a75f44f479d9c338808164c1f

Download Submit
/data/data/com.tech.sideswipechat/files/PersistedInstallation1142685941237222023tmp

Filesize
90B

MD5
b96eee5fcaacd73f6115a693830135fd

SHA1
d5ff11236d161793e2e36f26bf92d8c5a6294312

SHA256
701d165440fb559ea94f643832d48b86f01c26658509141e8d6333d6bf9f259f

SHA512
a8ef0422fa69b3a36d1c62b8813d27ce249974e4838f0fa77c8609bba9f83157b5f86d5ee8d4f76e25ff8dac82404783872494e57410d3a8f01efb1a50ae749a

Download Submit
/data/data/com.tech.sideswipechat/files/PersistedInstallation7706883030657325717tmp

Filesize
114B

MD5
b45744920313bb7692b63c64261810b4

SHA1
c18a6ca526ded36e91fc3e811a345e693b219978

SHA256
a650b77b91a288794ccb0e0cd06a8f077844a78e6586669dcb687127507d8ad7

SHA512
893247ca3f8fae1b7e65da0384bdb34fdf0c2f04254b9ecf63c971f3467449f55e2c48ea87959db0007ac754812803f94f7d81b3789bb4a8235e24cb081ae471

Download Submit
/data/data/com.tech.sideswipechat/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
a464c5bfe14e4b6577dccbd6c048ab78

SHA1
be11d885bab85f760ccd61db49092f4d040100c2

SHA256
dcdc4f70fa7c0629eaca6b84a3901fd0f8a52b305a6eba9673afa256cce31d90

SHA512
335e193c2736189f5e1dec68bd95f61733f9ec43ada8cfb76bc13a35606e29dceac371bfd65c872822f7cb350d527890d5485907b85533c5ff99a4a378dc7ab1

Download Submit
/data/data/com.tech.sideswipechat/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
bc3f08e285e53b23200707983b48fa05

SHA1
17cb05ff31dd164b85121d981848250cf5d89a9d

SHA256
4f19cc3c98c01c835b89266d655993e74cd7c4f0b8d1ba7431bdbe0253b902ce

SHA512
f15bef4a1ea62f555628b20120198af27f857c2941c6c79617190d415e9ee53153af47b586595907e9cc9809b73f179e8e80a3612777ea88919b3644151ec613

Download Submit
/data/data/com.tech.sideswipechat/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
d43c0db9629cf9111a339fc003054b48

SHA1
539b785de307b17c67c618a7a22b02d468c0cecc

SHA256
a37506d0265cbc9c6ede20c3037ac0a276524e91125a871101039b4d1034a286

SHA512
7059d59742a8bc892056939f6cdd0c823b40696610a9a77d8248e2e5e276c5f18a50d5e794921528258e39fa2a5450a2024b784478520a1a12f334f88a6d5ae6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads