926173f0bfe3489a404da96e93bdd62649b288556940ceb03b2f7b70a329713d

Analysis

max time kernel
124s
max time network
312s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
10-07-2024 04:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

All-In-One Offline Maps_3.15c_APKPure.apk
Size

7.2MB
MD5

faa97bd31bc871ab7e5ebdb8fa8c4420
SHA1

991ef3a19b987e728571c3dcd2aba0a92961b373
SHA256

926173f0bfe3489a404da96e93bdd62649b288556940ceb03b2f7b70a329713d
SHA512

9885e3bb387a09025501f8154c8a83dfa54ca7b1cf60e47257ca4dda1e04b3722d8dd416e2a14fe41cb68dd4deea15f816b1e9c75aa09ffd1172276afb1b7686
SSDEEP

98304://0F41HMIjP2meu/MGpJoAuhuC27aArkBdeAcx2VEq1NXCx2mwGBH757m9://VtBursJojh72Drw4x2VVoZwGBHs9

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.psyberia.offlinemaps

net.psyberia.offlinemaps
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5075

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.psyberia.offlinemaps/files/maplist.cache

Filesize
24KB

MD5
be2f851b09c359c17f2b2745f9105e0f

SHA1
edcae63569e85318a18e84a053bbc8e6a765bc35

SHA256
78a19c64ef6a97853803ea0d1b72ab5ce8175765ae93edfbc679d28af7857aa4

SHA512
db8a4be82ab476de1679c885103ba08a87d8da75a1a29e02a771135fe6ae29897aff133129755e2eac63817c3279c0129cdefc1f3eea189700ed9fd0fa27fb98

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/1720587240385.test

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/datastore/maps/OSM.AQX.OSMOMSROADS.DAT

Filesize
1.3MB

MD5
02c1a34221f46f90f4d3c4cb2750c2d2

SHA1
3eac7b1f0eed4a8999219592aba03aa8924e7712

SHA256
f4ec9390253540c5065e0f2bd62115874fdd67ebdb7b881317387fedd992dc05

SHA512
292ec82afee6a525f525f09f9a8ecf71b4a1f2199d43c291358f65ab3ee37496d9ad8751ae8850f11ed1d7f9397a7a9f947cb16763a484974aa31101d51e6f8d

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/datastore/maps/OSM.AQX.OSMOMSROADS.IDX

Filesize
893B

MD5
7e62553a31a5786fa2aee887d9f01628

SHA1
9b065e498db6665612c860ea88c5d22986b9eb38

SHA256
ea1af38941ecec1bd06df71eec8f2f60fed47594b203065ddfcb8aebc32a0b60

SHA512
89263b7cc2df1d44bacd09844d02248ea37a5fb40502c62222e4751e88f4ab54f1eafa92e4677b063fc3ea692c5d852985347125d7e90a9664d7ef86ddf22bf0

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/datastore/maps/OSM.AQX.OSMOMSROADS.PREVIEW

Filesize
36KB

MD5
296e2d9dfa2845d0ef2212fc670056b9

SHA1
ce21b5be16f2c4f6f378cfd0ccefaccfb3b723d9

SHA256
8726d27244cc92228997425632095ae7569d6dce114c4be29e05e52ed113bcf6

SHA512
1afab3a2494d4fd022b722cbf0373ea610f92e189e9853f397d81674fb7df7d3770cf8c1b18d65f96802077f5f6f324abcf5e7c3f2c44361c1b8f830f3204cfe

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/datastore/push_settings.conf

Filesize
267B

MD5
02046baef80c70e48eddf3ca89547201

SHA1
99af398a8f18b4ae3b6919564e88ba95ab5a4411

SHA256
50eaac2d28408897a744d471b5f6b93d1a3cc04a63d1d5695a512fa0ebb623df

SHA512
3e079300b7e8331bb447dc0c2d25265feba8cb129129aa25982a48fb9e55c4e7beaf863d9ffe040721a95de21aa609c722bc0a1dc8e3b4a72b3d447b0fa0bd1a

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/datastore/push_settings.date

Filesize
8B

MD5
a1f158c8938e85300cf2fcb965b0bb9f

SHA1
031506663731595a6c9e130bc3fd2cc4e66c6764

SHA256
c3df2522561a4504769487c3ffc1b090ae0305e2e12f692e74bbd399594efbe7

SHA512
e7b2cad614527c4f4275af46e9ce7671a8d366ea8b3a3e0b1126cef72a72a4325c1dc375bd27647c78776720072d9a29ed192b34b3622b6b15051d50fd34debc

Download Submit
/storage/emulated/0/Android/data/net.psyberia.offlinemaps/files/logs/application.log

Filesize
9KB

MD5
39bad8b39daebe045fab3b21c8e791c7

SHA1
923a6b08bf8a0082efd7bd8901a822816652871f

SHA256
0828566015831f5c99ba842b2ae0ae3269db4ee627fae8c67ae65d9f7896914a

SHA512
f171b9949877e8215136c9180a240f722e19c7c44365fbf64778866fd016a17dfb6e8509b8b3d7b8a3268631b48f66304e2ceff7dbbc2b671d8bbd2220d4a780

Download Submit