bf4fb5b1a0f6dd65499e4b5e2fff102d4958d235f0ef79d21d4a0d271ebf2e47

Analysis

max time kernel
19s
max time network
193s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11-07-2024 18:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HappyMod-3-1-1.apk
Size

17.3MB
MD5

2374b9b56e0eaac81fafa5a2eb219bdf
SHA1

1af4b5f9b22268019b3f09214926b472fa188b25
SHA256

bf4fb5b1a0f6dd65499e4b5e2fff102d4958d235f0ef79d21d4a0d271ebf2e47
SHA512

3e037c437a38742dcf6f54478ed200ff149ad5dd57dafd11f87b98bcfd2cc93744adb3566e1eb498d7b1e77da56fd6b159b839ca3bd8432faf1d3010cd894af2
SSDEEP

393216:np0TcbMT8VhcEb7NN+tiqxwPDBxvghsreQBzhpGPG41VSzp:nacQTicED+QrHghsrH5hkPGAVI

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.happymod.apk

ioc process

/system/app/Superuser.apk com.happymod.apk
/system/xbin/su com.happymod.apk

ioc	process
/system/app/Superuser.apk	com.happymod.apk
/system/xbin/su	com.happymod.apk

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.happymod.apk

ioc	pid	process
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_2.dex	4496	com.happymod.apk
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_2.dex	4496	com.happymod.apk
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_0.dex	4496	com.happymod.apk
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_0.dex	4496	com.happymod.apk
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_1.dex	4496	com.happymod.apk
/data/user/0/com.happymod.apk/files/prodexdir/00O000ll111l_1.dex	4496	com.happymod.apk

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.happymod.apk

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.happymod.apk
Checks the presence of a debugger
evasion
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.happymod.apk

description ioc process

File opened for read /proc/meminfo com.happymod.apk

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.happymod.apk

description	ioc	process
File opened for read	/proc/meminfo	com.happymod.apk

com.happymod.apk
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Checks memory information
PID:4496

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.happymod.apk/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
af675d09ed1a2a8baf8f016598946eb4

SHA1
c747f5906a3f4970163c46a1558a566cab81ad8d

SHA256
3d3fc244b92a47b92f4df4a1ea1b1cc8e77d37214bc296bd1ee9c601766b8992

SHA512
51af420aff563a7188cd30d3301e0d9920b212e6c8a3de51bfd6a69ae57fa2546cfb4c6d8a5cc00f668680144d5cbbb8750e6db73f4352890cc59801cb5b9155

Download Submit
/data/data/com.happymod.apk/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
20410c79d4a5d736ec078caa872109b0

SHA1
42a5944018eb1020c2f62d3bcf8a43ca2f950001

SHA256
0251a97c205a0c57bec4d760a63810b6073d491f102cf662ad30984e763b4810

SHA512
fee716656cb3dbe292412492d6ae6f68d7bbb1029f142963d5f6f4e911619d02be4b6beffd9fdff48fb29fcf2dd98e1b59e1d9f755a387b4a13d5c80167ae5ed

Download Submit
/data/data/com.happymod.apk/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
a428d4b3586e831dcac41c4da9005f6e

SHA1
d2fc1a9ae25d0bacc569d6ae4454e411f7f6d7b2

SHA256
f6149ebe2b7cd05d6739c64093265b47de7e6f3e407dd5f4b4abf9ab898c3878

SHA512
d0ad281f91c27582306d954aa6ba87e1c4e7aca78982d9c4d6513415f930d698ee85de6cdffab0e8f1199103684692d10867d6442eda2e03c654a03e6328b4d4

Download Submit
/data/data/com.happymod.apk/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
55f9fc37695d43414079ae87b8fcdb6a

SHA1
5e40d854b153e1efcbfd7471ae8144aba07e912a

SHA256
1423db232ef0f8550838b89e18aa560afa75f51823007bc7e3a9f8d20cf47c82

SHA512
772e49908fbb5873fa9ff8b61d53b6561a19344536ca780bfe0b13bbb1f0ffafe59c6963d111405702e5626cba5197dd4b65534a74a549b5f14f1c88fafa556d

Download Submit
/data/data/com.happymod.apk/databases/google_app_measurement_local.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/data/com.happymod.apk/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
db398d1d79e1504d052c14b4a42527a9

SHA1
3bfe2fc7be75d88c706599b52bad9abebca51c25

SHA256
c0d63d1d332e75cc674feb3f5fa5b8a3e3f611f697ed312ba9ed74e253c7b56c

SHA512
d870c4a3060d80802e68f9f32bd6be1af555cf39f530e9f9ebc7d5e970fb1f2716afde946e71926b34e0de7a9b5959a4a313770932197cd797919597b5df0b52

Download Submit
/data/data/com.happymod.apk/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7becf8996a0f192b61a7a36a45dbf532

SHA1
64f71c24516f8331e43394e378aa4789e3251286

SHA256
d813619737b68e41f149e8d7054fa37bdba311c064590e078f6789e6e828c7b3

SHA512
2ae58c678970aab5a1e123e389aa79cbafd332b73607374f86ae53aab945c6899dc0bc2c52fc27388e9d7db56a5d2546e2066dd1c4ea2b9b4f75bb6cc67990c9

Download Submit
/data/data/com.happymod.apk/files/.com.google.firebase.crashlytics.files.v2:com.happymod.apk/com.crashlytics.settings.json

Filesize
712B

MD5
1294df19d20af1cd423090f6513451a9

SHA1
e61b8a3f08c445c9c717410b34526c1107a52e73

SHA256
812884133aa6493b36a0a354391acf9b2134c209e891aeeef5793a413c62c9fb

SHA512
0f5bd31a7f9cecc4516ab4ecc3c99d65198e9a0e43fbb37840efb3874c47b669e2f65a5d05e04af2fea157cfb09c714d14c04242075da37e036196a725a35787

Download Submit
/data/data/com.happymod.apk/files/.com.google.firebase.crashlytics.files.v2:com.happymod.apk/open-sessions/66901E3F0122000111907E4989013B85/report

Filesize
792B

MD5
7f6de211f53fdd5da3f2d1c3cf33101c

SHA1
a476eff3ec38905d795499c272e7e48fa027a6b7

SHA256
15a2c9b67f26866ecdd649718c4078a35f908f50a77fd18b3308e6b48a2329b0

SHA512
7fc186376e9961aa72b8497ac183e1ce8e11fdd883f2276cb3cd51a34baea406c1123fa9f41c35ce0bd284386b0b69933ff6ddeb898ef4a6b0ac2154e77a0c6e

Download Submit
/data/data/com.happymod.apk/files/PersistedInstallation4323689426267117550tmp

Filesize
569B

MD5
f4b971e78d4ae8c4d9785b03bc890fa0

SHA1
db4dce36aa95dad0711053126a6fb69febbdf8ef

SHA256
9fd7b57d4ff8bc4a2d06b5ecb9560e3b48635b12c9bb717a8bfb82c2301cba03

SHA512
2178ec703d32fcc42f67c48b5326e76d2cf1d60e6ac0ee893c83b2dc1a6b98f7623050d30d29effa435b8719c0a3133638ead55203a1545bb869dde36b86f992

Download Submit
/data/data/com.happymod.apk/files/PersistedInstallation8252056021509234066tmp

Filesize
90B

MD5
752aa8f394412cfe47e03eaa316ba780

SHA1
d0d486e7a9e13d0c5df604c7084ff1f04df0c1dc

SHA256
5635fc1cc91b00141af16329791e7d07045bfca5f4bf6734008f386c996a6fda

SHA512
9f4a70da11da995dc2e8967ea56848744ade9e7fa4d661f20b855d4c7871227e862946de328f1c0cee927e0dd1d7aef040ae28f6b128291192a4868e63d2515e

Download Submit
/data/data/com.happymod.apk/files/datastore/firebase_session_Y29tLmhhcHB5bW9kLmFwaw==_settings.preferences_pb.tmp

Filesize
33B

MD5
a65b9b3e4670dc3b48a9609f816ad531

SHA1
682a73f2c248815fba0cb50c45031a53d6f8dbcf

SHA256
a4aaa2a4e0cb12123b405a9d33bdd7edf8cbb41ea92e75deb1ba21bf1db5b2a6

SHA512
6c06e6791dd41c1c8d8e0246e9bf7fed81dbdb5e918e7dd78cc2af1f002f8a532ec28335b229a0ec5c1ee220861092cb1a7c7f4060663394e420d80ed391179e

Download Submit
/data/data/com.happymod.apk/files/datastore/firebase_session_Y29tLmhhcHB5bW9kLmFwaw==_settings.preferences_pb.tmp

Filesize
75B

MD5
06bd63584cc699cbc92ade3aeab0ac42

SHA1
e21167e5419847271e7f67b3b286916b8124165d

SHA256
1e58e88b20702d0a80025c1fbacc9ad5fe2565311e2230d581d669fbd7e8b0ef

SHA512
675f177e388425023df5e19cda634ab1e7673681feabfa7bb860089105353166491d15b8c86b5408833230dc5b0ac43e2b5a61e1d36ea0b40d6ce7166bfc385e

Download Submit
/data/data/com.happymod.apk/files/datastore/firebase_session_Y29tLmhhcHB5bW9kLmFwaw==_settings.preferences_pb.tmp

Filesize
121B

MD5
1fbccf7b936a9b713de5d42c6d8a075d

SHA1
7c8bbdf9151e7f53e2675329d471e552446e9ad3

SHA256
232f9626cbee2e063e25f61a08f46575d019b62f02a6753c1325957a95e1c513

SHA512
b9177426b3facda6d86b5a83d05805a4dd2f5357d4979ca7282a13ce3f08ef7e7a0c5922675ada826bde264450b1b4ddcc54eea4de62249fd3eab1ec9acf32cf

Download Submit
/data/data/com.happymod.apk/files/datastore/firebase_session_Y29tLmhhcHB5bW9kLmFwaw==_settings.preferences_pb.tmp

Filesize
163B

MD5
14770edbc1290230aebe82f8dcc730a0

SHA1
f86874de3ff45c2dd7c982f9ada6b5fc979f082f

SHA256
7495b9faf55ff02d0a2906ca3e3f4b356abd96e421815f9d07f893682da6eaf2

SHA512
c6be6c93262e0c42527722af20fdd3be2c9936eb601280c36492e0bb2151bb63f88bfb150690ae361c75d01a33647c2440bb49e290af38c5c5af5a707320e3de

Download Submit
/data/data/com.happymod.apk/files/datastore/firebase_session_Y29tLmhhcHB5bW9kLmFwaw==_settings.preferences_pb.tmp

Filesize
212B

MD5
fd07bcf7697a869c45129941df2075dc

SHA1
44f0b30ff9f2bd12d1a421263e519f63ea6fb99d

SHA256
f5545f19e88472598e65c97f0a57abdbb393f85ce6085fd7c7b5599dffcffe30

SHA512
3c1054c1143d372e2c171268686919f25b01236beb190fca8e83667ae2c13b193664a0ad126bc23becaf0ce341af3dc8b23869473b0744e56a1c151174ed0c09

Download Submit
/data/data/com.happymod.apk/files/prodexdir/.updateIV.dat

Filesize
12B

MD5
205681e4302093535196e2a8386f5884

SHA1
9b8e36528f64578f7261339c4f79d743e76f9a38

SHA256
38fceca76b4bb6d40f0cd2f4ad633818ff5fdbfd1b6231ed3b4711f33672425f

SHA512
8506e8802d794eee8b83e181dabbe1924e76f1e21f74e877e1fa0d28f5fd32dff231b7ddf7f68603b5e86cb883008356c1a89e6b037a6175080078aceec9b9bd

Download Submit
/data/data/com.happymod.apk/files/prodexdir/00O000ll111l_0.dex

Filesize
7.9MB

MD5
444d7fffcb81d893a47e376afdc77c97

SHA1
0febf800760028cbba6ddd0c33a9a96b587711e0

SHA256
66a413944b0e2e3e1343a6509327cd5d5d0ea8514606001abc4df107dae96b86

SHA512
550da39b3e823d08042ce6e3dd09a9c94509a1bf20f65a42138bdf74b38d24a4d4f8f47cd27b3c6ee5796e09149e780315b1f38250145a7cce535a6fdb1fc12d

Download Submit
/data/data/com.happymod.apk/files/prodexdir/00O000ll111l_1.dex

Filesize
9.0MB

MD5
16a657f12fcabbbb7b1e614555d4b1b1

SHA1
95e952aade38e2989294f877ee5baee809e6b8a6

SHA256
eec45ed95cb49b278561dea90de8941bd1fb68d57be7c3e2b54dae3c357ed795

SHA512
c7bfc2f02df73b18dbb0d0b2a511b328de86b05924f6b94188a7400cbd8c3b10bfaec04e9936b654ebf2ac492fed2153ab6866e426bd78bd17f54dce63881e53

Download Submit
/data/data/com.happymod.apk/files/prodexdir/00O000ll111l_2.dex

Filesize
1.0MB

MD5
83bd0d876b923330641fad3bdea7cfc9

SHA1
d880f19ee4973add32c6014f66426e699544c5d6

SHA256
ea333433d4144b47d0fd0008bb101c02bc44e1f87a6543d49a3ab5e5b57b85ab

SHA512
24ddffc9ef702b0293be46c29c6346cb8ff5b4dbf2ebebe92b50390978b88dfa7c67d9019936758ed075606186daa64391857f246d15627d0bc9fb7c07810e07

Download Submit
/data/data/com.happymod.apk/files/prodexdir/0OO00l111l1l

Filesize
8.0MB

MD5
7eac2301ab5fd429653795b84bee2d56

SHA1
72818dbbdb67f354a3fdc5db118752622e0d1d67

SHA256
deb1a076ef92b17becb068b2cafbae49ed784a10c6261cea568ae1d0ba145ff2

SHA512
1486c6d2bdfffdaf9f56662f16eba4b4d6884c90e4a1b4a5ee52434e3a0d7e67e5e318cd06d9815165df40fe52fde238c464e2d581f6e1dfd5264e180268836d

Download Submit
/data/data/com.happymod.apk/files/prodexdir/libshellx-super.com.happymod.apk.so

Filesize
276KB

MD5
7597005fc8bde831e322201a202a4f6c

SHA1
3de26a1fc12a3f34203bc705168a96427b72fe3c

SHA256
76d7003c6b340258168c070e204bd2d3d5d271794873399ce950024c94cb9af6

SHA512
6d676bcf1e74ee34d5e7d12f0c61534d74cc3cd9d7cba7a01c1d8861d192d907b3fa441f46eb3b7170a3990a1f2d18fdd040e6b322e46b7f245fe2d55b0cb056

Download Submit
/data/data/com.happymod.apk/files/prodexdir/o0oooOO0ooOo.dat

Filesize
168B

MD5
ed653d471d5de590ea1fe1b82fe1bfb6

SHA1
1b94021c3b4024e0bcd17ca632fa5f008ad44d7b

SHA256
5f430f06ae686e566b26788d082053b5063ff4866440246b59ce0c1b20cee182

SHA512
298cc31c59b9b60a73cf7baf834325148c1c9f3d994dc6e7a082c8f7a6c392864e027cba2bf1a836e4ddb269cdc523b4f53dbfaa7e04c449fa5bf38b60b0b803

Download Submit
/data/data/com.happymod.apk/files/prodexdir/tosversion

Filesize
35B

MD5
dfa772d6a95a3dc8fb4b3d26eb2bfb19

SHA1
e3d7ee22d79f803f27fb1af5aa89583441eb6982

SHA256
6512a70f696a6c1b00dc517df79b437b658ae995ac951e855e7a6132a7145b19

SHA512
2c32da75f818cf210d564b6dd901cd7bc6976f974d0ba6dafdb3d30546483f7ba65e12f2730b394aef821d3d78da90dcf666f6554cad199355a4e315f07af984

Download Submit
/data/data/com.happymod.apk/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.happymod.apk/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
8d4e3118f33a6d6b830ca002d6355cf5

SHA1
4e00772f78685864c7368de149fe4b8940918a2e

SHA256
586b60c5938a5c2a584e80626a877d41cd91903d59a41fed4f8874c13cad3f54

SHA512
3bfa3fd24f86b7c4351c63331286637110884f6e01119501985be44584b0b25656e68f527b2dbceef0f54043aed90e1f30784dfc2ed297c1ddf65694bef8d67d

Download Submit
/data/data/com.happymod.apk/no_backup/androidx.work.workdb-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.happymod.apk/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
e842d1fcb5cb2a89f70a8719f62c5035

SHA1
bcb4adccbc8c33826921766a6e5c86c1d83d81f9

SHA256
c1dfcb90417ab299d1b0d3966e2677a5d6b94d78b1dd85d628561f7c6c8fed99

SHA512
ee0bd1830ff08110d9e0dfe95c861305ff84318f015dbba6c794bdd06cae775964c89a97f83bea5c56b1ba58404bb68e91e31cc7472b833b9a98b7b0803ea787

Download Submit
/data/data/com.happymod.apk/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
b42368e2c8dfdf3d5a6a825cd017fdf3

SHA1
a467b48d75cbc0982f3023ccbc60d61e7a1a337a

SHA256
320f899fc36bda905241989b363bf6982e6f2cdde8a5ff9b520530664f510745

SHA512
221c4f7bc890615ad931be07736e9ec1a0b7b0aaec356d50a6ddaee4ea015f865c9cb74cc11ed131161f39979109a68c6f2db55d8c6c6310969b9d05526a9c17

Download Submit