3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f

Analysis

max time kernel
177s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-07-2024 11:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f.apk
Size

5.5MB
MD5

deba43a71712c3a501970e3fc5ab1ced
SHA1

0d9f42ce346090f7957ca206e5dc5a393fb3513f
SHA256

3db0d587001285f306fbdd73d29ad62ee826a0c27585ebaaf1d993504fdacc5f
SHA512

331ca7455b08895c4821e24abd052f287570494862d54bab9039b0bd6476b897c679cdaa0e4f542f1d562063f18f9d076a76876d2807f37d331b6fbfcce6ed5f
SSDEEP

98304:hU7aQYpE7Bm9K0E3Lw1QPenWTCORGRAhvRNB4p31aVCH90fr+6vSI:hUHY0B0EEmPCWdGRjp3cT

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.tech.sideswipechat

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.tech.sideswipechat

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tech.sideswipechat

com.tech.sideswipechat
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4595

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.tech.sideswipechat/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
1cf3f63c021d755a21623e6d0e86dbc6

SHA1
e40e0f1faa61abcca7ba3394c54c92ff7334b49b

SHA256
100c67650ba652d547d8a1128edc550a8e95541a1d9268a199d1b924294d0895

SHA512
38d72e14f3513ffd26989cbda3df46ed3dd6e731bdfae56440eff6b64760cc13f91014281c9add61e018fe3529e49c63a6892ca22479515816c768b546244466

Download Submit
/data/user/0/com.tech.sideswipechat/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
cebb47a7275b58e4e89294b1420dea73

SHA1
55602facabdb4c0f685f2f9fbd59c34edb246d9e

SHA256
82eeec449a8e277b437e9331c31cc35c22d2c3eb9e671342ab844ff435f45dc0

SHA512
88eec8d1159af8d4eee967fe81efa9cd921f171fa1e8cd808258ea027eb4b141dd4ec1e77c7b8797c07709b9a9a1edc23d373e7343889ba89dbb86977e000f7f

Download Submit
/data/user/0/com.tech.sideswipechat/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
169abe51dfb13b27c31b5184ad5523f0

SHA1
d3c75d0379b7f4dae3eaf69f6d20c8666c5e1523

SHA256
19f3ab59959888a1b74fe3a916cec39339333ba2b29cbb25a3cb2492074f3e2b

SHA512
696865227138c8a0040043525cfb37175831141d84590034d0cf90f13561dd408acf0630d99ccdb790e154878abbee59514bba9aa22f425000418b9bde8765e4

Download Submit
/data/user/0/com.tech.sideswipechat/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
6ec30a4a6b95bb7f0db398ca052ae84b

SHA1
b2f5c661269a624f492d8c778754710cad8e2baf

SHA256
e27879b49896821af52f44e8608609470966de3a3610d9dd9927cf965248d9cb

SHA512
265317122ef066be3458e2305b45d0c86934cbac7634c2e27e18df2d701667ee5de1d300cdd8d09e6b1a83f079f5134078bc01e7e5717b57b01fe8f43665b225

Download Submit
/data/user/0/com.tech.sideswipechat/files/PersistedInstallation2567127101084165610tmp

Filesize
90B

MD5
18dd627c82d64e0b5744bedb32d8ab20

SHA1
86f5354e3c7f439c3c1d2c55970a5780bd1f816a

SHA256
891e66229bb774c9b22f3e1411a2d17e6210f8db6bbb52465614a99bb438fca7

SHA512
31bec39b02f4505cba8b37a0c0887cb254962809ffcb8e6218b320646114810d6206466b7a8c4a85305deab606e338385a84e0855cc631b754b9368077cad40c

Download Submit
/data/user/0/com.tech.sideswipechat/files/PersistedInstallation8023216585873976532tmp

Filesize
114B

MD5
7c069bb3f1fd729c6c5e40550636ca41

SHA1
6eb08569d17524a88f63adf941525d056228d1c4

SHA256
7a620607c8873032976cf2681f44d0783435962f297dd2e028ee6d058ec53e16

SHA512
121dc0ef7cd3060934831ca6ed3e2e002eb1ba01e82663acd52049c9d37964b494e1004cbc1beb8760e187bdbb3727396d069825e0e05091e0ac27e46e362d18

Download Submit
/data/user/0/com.tech.sideswipechat/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/user/0/com.tech.sideswipechat/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
b2343c70eebd503facd69f7eb72eed01

SHA1
cac289d97be290bd0cd1183781b81db8eb3f1cf0

SHA256
585fda27841f794051a79a9342f8ea8f8e2aa6b428f28ca50888eb33f112fda2

SHA512
809c96a0477f176f66fc6192a175d7a12d0c0856ec25d869bcf6ecd360ce8341e02c9ef87b7fb7a477f259c7bd3c074208c52d147e7b5109edc750ac0946cfc6

Download Submit
/data/user/0/com.tech.sideswipechat/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/user/0/com.tech.sideswipechat/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
7353c9a2401d0447a6b13544eeda37c2

SHA1
e3da517b18f31f50e7cecca254864c29f3d680e0

SHA256
46d52dd8040268d56b0adce513714c6332e699303728d3fb7786db63abcfe7a9

SHA512
5895b741a52060015e221269c06dc3454cb003fa65d5bcead1cb83377d6b2babceb08a693579ab2b8502b9149a18972d43edc94b66465b118c83affea15ef43a

Download Submit
/data/user/0/com.tech.sideswipechat/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
898f1b2f684b5d8168fb8dba8a596d9a

SHA1
b9c0fa7435a6be89fdaada9ebe2bf170819e0b20

SHA256
4bef68e185cc31fab6419296aa523107770a55ecd6da36e24ea716bd4427cece

SHA512
69a6b66cd5e46e6f987c770054ba40c73f214c1917292e53cf4e51d9cbd37c4d1ffdd07c1e6631cb3867939f161255679f3ef86d28678e1cbc803810475cc336

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads