56e64d9351a9d4a61901daec5376b31414715c19d56dd31d43805faf59b522ee

Analysis

max time kernel
179s
max time network
133s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
13-07-2024 19:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

racing-moto-1-2-20.apk
Size

8.1MB
MD5

331b4fe68ab91ea040c02ba8e18a6486
SHA1

f659f7eddd23f24d6fb643117b0dbd86790fbba1
SHA256

56e64d9351a9d4a61901daec5376b31414715c19d56dd31d43805faf59b522ee
SHA512

1d9d4c0e9bf9d39e4576429df0dd76d07a479094e057313e197f7671362b6c705aeb5a3c137a040441e12ffcefcda11d1b3e05ed78e8d5e14aa17c37fefedae8
SSDEEP

196608:+i8ybI4dKh5cZ0FFx66oeNWVhacdp5AD4AF:dpIuKhYo6DesHbSDTF

Score

8^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.droidhen.game.racingmoto

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.droidhen.game.racingmoto/[email protected]	4323	com.droidhen.game.racingmoto
/system_ext/framework/androidx.window.extensions.jar	4323	com.droidhen.game.racingmoto
/system_ext/framework/androidx.window.extensions.jar	4323	com.droidhen.game.racingmoto
/system_ext/framework/androidx.window.sidecar.jar	4323	com.droidhen.game.racingmoto
/system_ext/framework/androidx.window.sidecar.jar	4323	com.droidhen.game.racingmoto
/data/user/0/com.droidhen.game.racingmoto/cache/1664557424545.jar	4323	com.droidhen.game.racingmoto

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.droidhen.game.racingmoto

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.droidhen.game.racingmoto

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.droidhen.game.racingmoto

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.droidhen.game.racingmoto

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.droidhen.game.racingmoto

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.droidhen.game.racingmoto

com.droidhen.game.racingmoto
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4323

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.droidhen.game.racingmoto/cache/1664557424545.jar

Filesize
10KB

MD5
dfb68e70e8eb84d844c9ce623ee069c1

SHA1
369e761858a904fe9fb89efcfc9bd3e6e56ee44f

SHA256
8ba015cb192f34326e6a46f765c6712d87c3797661541275c84b9a30ee449eec

SHA512
0d5f8ff91d3cd5c976cadf774b8d5cd6f276793b9eb9f3d8e7168eae122b0bfcffd833be9762de441d4b52f7bb3eb3850479aea37ac327be9b71910c6fdc566a

Download Submit
/data/data/com.droidhen.game.racingmoto/cache/oat/x86_64/1664557424545.vdex

Filesize
948B

MD5
480d07e0214aeb0d51a0d29f6f0a6a22

SHA1
bb1a0580bf436ffe93d91756a9e2e646e449be9f

SHA256
e9e16898bfb89b40c3e9972f977730473d9b45ed0fdc5cbf868ff0e71f064290

SHA512
31c58c4bbeb49cc1ca7c705b829c55b50d980e9248277f9c96f1602fb1e6be8e7e3d3add5d3b002d28015822dc277e21905eec9dcc5685567c36e5ab97444171

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/androidx.work.workdb-journal

Filesize
512B

MD5
542753024e25cc83e9b3f5f927782653

SHA1
aca9a130c3dcac713fba8b2fbaad829f6664574e

SHA256
589ac9ad7ef0dc08ce6411a6f59dd675f690d6fc1e106a9ec47b50bc04ac9387

SHA512
3986ed3ce075be583ddff2d6180f8b81f2617ed5c77e1d74ec0c3459b08747e32215baee12ed88df05284d4623305603ae84deaec33037e891be4489416c6670

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
f987f6859e36e179812c3cc5b1dc5feb

SHA1
c37ad3e312793aa5f7ab0a389984461c5df93ad9

SHA256
41f51748215ec9b9974e6b71d7f8e6e4815ad3570867ff457dc20b8826e48dab

SHA512
622dc5504887c0e33f17e8e4d7b56d145de8bf3ef66b0e0c8b673bc8257602d9abb3bc9be4285201a56b1753f1b445caeff17dad4e6097da8a76311a89de22b5

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
5d82c0f381771853a08647e44a610b7f

SHA1
d54f1bfdd4c8495cd169e190d469b25a35e10ae3

SHA256
485722720f35bee6631b8c57b9d44e463d6585a2c3439e5ee722d3181a02a2ee

SHA512
65f6e9b01ed963820ddd9713795d3dd8d8e7ea46fea77fb30fbb94a88f8fbdc6757257213c70caf98e3ddbccd074c8d7a0bb052c6fe12e1d63a5741c50fd40a5

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db

Filesize
16KB

MD5
da4c81d9a032121236a4ed034c0cc9d9

SHA1
6ea1d3d14a34c4dbe056fc4380747d3970cb3498

SHA256
30b7dde5771b5ef3cb6cd033fa2b1618a0674f41f47c1441855f3da24887a0ff

SHA512
e61d8e6af3d48cc6e95e34568209bc24308db9d751dd1451538907df0e7caa67e329c4615911b0c6614275f3e5cfb2a8a38288f5818487c5d292c18dd857849f

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
b54c30cc4011dc42aad7e3e8f4bd44c4

SHA1
e6f9424515c02b81dabd922615189530eb469bad

SHA256
7330948ec17afa7ec56aea99adc08bc9289b8fa3bc9a9611a90ec496ccaed4d1

SHA512
3456f47d741986f996bf875b50c9351878d962638dbf7ec903206d97f2dd4c621e5fe218bbee98fb4c023ee20a02d20b8851c89dcfd27dc3ad4e75c54253951d

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cb75133f3d861eba0eefe959d6c24b37

SHA1
e9ac89d69cf2bb214a982e06107e244a8004a9ce

SHA256
68bfbcff9a8caab5d4f31abfd070e112203501896a30426a66641437961da069

SHA512
0ce447534770666659fb50a822874c34954d72bbbefe7a911acbc29e5734beec39f07ea067660dca9158ab9ff74e1fea287f50c2daa85072cc6e1a785b5a689a

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
44edfbbe4a9b9a00bbc43dd8cc781220

SHA1
023cb2dfd0e383352eb15782329c373b6d1db4c6

SHA256
78552b369c4485fd9213facd288613ecadd4b6bc25855b2335261fc9b0ac5c3b

SHA512
38bc30ba114bb507f660bd6f73112fed8abd44fba1b5a14b22e74f287f7898f1b552d6eb53de902b636a382480b9a3085acc2a8a4d7062568be3e6f5a6f6c10f

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
30b8512d0e080341f3a04c261f1241ae

SHA1
51da09abb9b1308b5245c9f263844333559af8ce

SHA256
2fb189b7f0ffb288450f3360ef59219996706512736ab07271ac1610c526c0ff

SHA512
90f13fd9a17f04010224f8771bde9e5ca8b452bb3a81964a32f38fe7af5cf8e85caa6b2e94aa4f4432a93828fa68bd5817c5685c0b543248f6551cb7956ad018

Download Submit
/data/data/com.droidhen.game.racingmoto/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b8cceb5c54c8e949bdd07dad210c8118

SHA1
64cab1dfc08c65921e2bc9b58b0b998c9b6cdb91

SHA256
1ecf76db1632b092b3c933fc53423f71c69d81b7aa8d6835e4976add2094bb9f

SHA512
811ec7164f33eefdeb0f4cfd6db6dbbfea40571df35affc87cafd4786cb09e7f3e67dd8297e9416b7d9ac6f66fa597a3dac0ebec03f067c623a3fba38007e761

Download Submit
/data/data/com.droidhen.game.racingmoto/oat/x86_64/[email protected]

Filesize
59KB

MD5
d09af27f52875f224f663b8eb9e07eed

SHA1
f6e54236c0604d3aedac87a578d2520c4ce936f7

SHA256
16363cf43b913b04da13fb3e6e48c5cbe1e6f6b5b4aa172ee455b4ed488a484b

SHA512
5a1eb49093bcf4d80dd0db4a13e153e094d1f1a75194783dde6f796285158932dc199e52f03ed67d7df9f0dfa214da91dba430b5a260ec7d618b4642a3b68d63

Download Submit
/data/user/0/com.droidhen.game.racingmoto/[email protected]

Filesize
3.2MB

MD5
de074d220003afec1be2ecf28711bf94

SHA1
5dee3e46cfbc750907b997b9c79b38cce0f79f8c

SHA256
b550710e818a228ac6a40a6964f67dc3647b463239b9aa58554038960fce6321

SHA512
3e3bc12a19d9f315997394f7155a86a5aa59a94bfb579805ade39cedbcf42cdf2e13b4b3c902b5888eb21cfbf28779cb5b0d5fe688fdfc652ee417022d99c523

Download Submit
/data/user/0/com.droidhen.game.racingmoto/cache/1664557424545.jar

Filesize
21KB

MD5
722310b17c81cc3d780d23e1a63eb450

SHA1
0a0c1a939f923570e5da88aa5c7b105052f056e3

SHA256
9f2d7ff525ca785553557c351812252c0beface31440517e2f19929fe76472b1

SHA512
1a48e9383a0befb0c6b4755a8b56f352fba317910308f701e13ce8189c465cade6b0af510165d586745f1913a61cc68f91395949202394336a59c34596691a91

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads