54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9

Analysis

max time kernel
12s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10/07/2024, 02:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9.apk
Size

1.7MB
MD5

edc01a21edd133ad5bc5aa55b3ea69d8
SHA1

ed8fafe6d124ba507a5fce9ff85d2f86fb27d8e1
SHA256

54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9
SHA512

634f5d0b1f0feab2664dbdabb98349132f00c1fe2d23081b0eaf6fa6ac2798ba6dd990b673e20604c3f61e5b270be9c6b8ed5b7d136cc25fd90a4f546e4fffbb
SSDEEP

49152:zLs/83DZwPJ9KsCC2VxBTFnovCnWhlvF+LclM2r0:yhPJ9VMxB+v+Wz0Lcy

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip	4278	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.epasufob.kybavfgt/files/dex/oat/x86/5ba6eb5002f180c9.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip	4252	com.epasufob.kybavfgt

com.epasufob.kybavfgt
1⤵
- Loads dropped Dex/Jar
PID:4252
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.epasufob.kybavfgt/files/dex/oat/x86/5ba6eb5002f180c9.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4278

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.epasufob.kybavfgt/files/449741.so

Filesize
145KB

MD5
a5840239547e86ff7233c95bf43e3fd1

SHA1
a76f73100e88f790bc4c802f08c3ce94ec11e8a2

SHA256
8d3357f889f5f96aaf4dbdf854fc8585a72dd3830174ca6a108aeec0e067b973

SHA512
efcf40e66faab794a3c88aecc9900f26e060d259902517550228c404a05d9e386d4e95642fb35c4e16285f324e3c9f36a0173e6cc3bb63b96357d1ae05a0f926

Download Submit
/data/data/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip

Filesize
451KB

MD5
b4cffe9e1e850db674b8360c64b57d75

SHA1
f538393f3ae2c14bb6f1f0aa33b0544709fb56d9

SHA256
6c5834655a200497a66f0b7fa6fdccf4a0803e940789c1abb54501148fecf435

SHA512
cf15e56af5234447f1caf357ab8659d70dffd2ef2cae9596d5f510037ba0a00712316db58ff2dd6d8348990176f56d5b5027fc2b4a4123b848602455e451ec56

Download Submit
/data/data/com.epasufob.kybavfgt/logs/Sistema1720578311776.log

Filesize
2KB

MD5
ebf658627194a57db48bcdb2f9654d78

SHA1
5f0987b671f6889ba348fc6544f95b7f6079e7db

SHA256
39fb40e06eabcfd6ff4cca670760fd2d74476ade2dd89b1a15e7a86781be5f7c

SHA512
9ead93756e334244e7cc37d02028372817397ab60b58f8446b37d9c82c6b1b262d2217b22f48f408c5bab04fc0af459df7036e28085ae9f10f05b5159fb7abc4

Download Submit
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip

Filesize
1.1MB

MD5
65864da36c3fb139d09a1821ebc96201

SHA1
811b86b467fff05a9d2223b82d541eaabe93ef8e

SHA256
4e308316d1f917781c9b1295f844f58cad7d126c37894b96de9698b7464847ab

SHA512
3bf049963eabb998e983e03f6f3bc0a71b7b9c2ab64ebf0bbf2e49e966125fdfce6c8ed47e0578cf8d638bfa530536ec9cd4391d3925fbdcbc751905fabf25c9

Download Submit
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip

Filesize
1.1MB

MD5
e0d7369df2ea7ecebc70205bfb6edef7

SHA1
2c39cad387047163608aa3a29ae978b7252e6448

SHA256
3f52b585382c52dc33eca0a533a3fae045457fc23a7966958c9379d88b6dd617

SHA512
d6efcf5ffd7708a855fde8a366b15c84272a0e6340c30d2688ae6bd80997f3ec78747b3f10a6ba5bc7bfe3597988f19d54a31c0831bf8923a09d70da9673d7ad

Download Submit