f6d53d4a98a8d40f8d8dad1fc6502767d8a52ed956820d7bcecedc08e4f4798e

Resubmissions

14/01/2025, 08:32

250114-kfc88svmfn 6

14/01/2025, 05:46

250114-ggmbrazrdq 8

14/01/2025, 05:45

250114-gf6zrszrcp 6

19/07/2024, 13:35

240719-qvnw6stdqp 9

Analysis

max time kernel
179s
max time network
139s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19/07/2024, 13:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tactical War.apk
Size

22.2MB
MD5

c2e4ee18898bd519f156940930289b09
SHA1

dfd736b78b5d5c816bb47cf190ceb5859c6fca81
SHA256

f6d53d4a98a8d40f8d8dad1fc6502767d8a52ed956820d7bcecedc08e4f4798e
SHA512

33b912cf25383c9dd3a26f41299fbfadbe756ecf673f379a0c4fb4ad8204339344cfabf15dbeb93410cb142210cdfc0c7a55f2b08c020d7d98c35b0b517bc660
SSDEEP

393216:awhvPxIEeCr0jbNZsgaUnWQUz3x86Ttt6QIgVBMBqWXKysikEJ80709C:Tles0sRuF6TtqYBMXKysiDO9C

Score

9^/10

discovery evasion impact persistence ransomware

Malware Config

Signatures

Renames multiple (51) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.magnta.TacticDefense

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.magnta.TacticDefense

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.magnta.TacticDefense

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.magnta.TacticDefense

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.magnta.TacticDefense

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.magnta.TacticDefense

com.magnta.TacticDefense
1⤵
- Checks if the Android device is rooted.
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4243

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.magnta.TacticDefense/databases/store.kv.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.magnta.TacticDefense/databases/store.kv.db-journal

Filesize
512B

MD5
4b3b348b0281a02e27342c95b2d96ba3

SHA1
9c5d459b4a642bf850ac2ac44d81c8d4d87dd5d7

SHA256
bb3b676a6616fd659e63d2614404d8bcb8caf7d27ddc4298dabd16ab7dec61f0

SHA512
09ca0e35f00a555cc78f8fef7d9f885a6a7630f6940b36d051e3c0ff8334c60aaf9a0a508af272ce0e64232c8b69c4fee6a906ff58e6092a6775f17b42a516d3

Download Submit
/data/data/com.magnta.TacticDefense/databases/store.kv.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.magnta.TacticDefense/databases/store.kv.db-wal

Filesize
32KB

MD5
0dc507f84440bbef634135d0776b196d

SHA1
891fffbb8097b7af997c101016aa66799729bee9

SHA256
1bc45ab29eee79e0984a6a2920bded62252375c573aa333640eca14034c84a07

SHA512
6c8c21fd4201f913ae17e9c1c2fd2a5321043e78e7e3f2704e6b948c540c9bc2b78094b3dd136a30069c913fa5ab95dc60e190bedc96780c4fdbd748f9927c2a

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100000.1faceaa6/c

Filesize
1B

MD5
c4ca4238a0b923820dcc509a6f75849b

SHA1
356a192b7913b04c54574d18c28d46e6395428ab

SHA256
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

SHA512
4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100000.1faceaa6/e

Filesize
554B

MD5
1e41984f9e98df6b2c6be38be33938b6

SHA1
093c2d7e080111d1828adf8afcbaa0a0c4b90d27

SHA256
718a12090b01e6080e129f58a978f3f89e2e2552367c058adda2c1d41a5ae0a9

SHA512
06305c1678b14e2b3a7af4ffe5977b7a383e6e2af03f3376b1503f3eb80d85eef511b361ac1a7e6064fc572ca2e4ec0b89e17ede112445b4b525305ea71db409

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100000.1faceaa6/g

Filesize
1B

MD5
c81e728d9d4c2f636f067f89cc14862c

SHA1
da4b9237bacccdf19c0760cab7aec4a8359010b0

SHA256
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

SHA512
40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100000.1faceaa6/s

Filesize
433B

MD5
797f3b1d1f827724cdd11b5efd6fcaa3

SHA1
2778046dee0535268307fc239697515b0990c209

SHA256
04b7ecabb0a63e8f655c40f6239e55d0758eb03c160d67691cac166bff2754c5

SHA512
c2965c4fdcb3990a3590b4bfcb7c02b1858bd73ca695ac3e9148fc6d32f795143c3914f07a52be5a8794c8de5f3c0330a93417941ba12de3cc3c9cb083e27df7

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100001.1faceaa6/e

Filesize
577B

MD5
107229ea60e9be3a096e2c885ff2e6f6

SHA1
709e6fe409087bca5f651dae198fb443a965b2e2

SHA256
3cdfacc35b0058899592cc3f2d6677af761b69edcfc882bb50743c90d3ba7011

SHA512
090f0d1a7c37499391c7a631378d7339545d62f5c5bcb8f67aaeb5bab7300d2e8e6c569b128139e4749c4438e87454751f1cf0336e5a15e82f0320802ee7fc53

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100002.1faceaa6/e

Filesize
1KB

MD5
0e25fcbd6de058cd6a8f168b6bf55978

SHA1
fb67fc9cb67ce840bb205a052b0291ed6a435db7

SHA256
c7660b59499a442d8520d901f6f3350a353275fff0c597eccbf2192a92fb23f4

SHA512
964021ad6b159d882065a0dbf9c3a94997da8b99726565ca367901b2e2349759a794688d98dd45059b496242584a7addda52cbaaffb16887738288fed2d0f778

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/ArchivedEvents/172139613100002.1faceaa6/e

Filesize
1KB

MD5
caf64762329573c9214eb0c54ab62993

SHA1
d852aa1272a67a5a7041112bb619db11c116a214

SHA256
a40c613a3116b1edabad9a9898382f0948974021f54e338a3f0f614b2382de80

SHA512
842ac7662d2fe0eb4647753edd0097f2317edd66317432c820a7e9d09f31dbc1c8d1e8821db1d2a95694794412e42e67403626c4005bf4c9b55756f866cbe9eb

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/config

Filesize
293B

MD5
8673a8ac0b06a9d056d08d62f857ba4b

SHA1
a351bea1932270bafbe468584058fef20dcfc31e

SHA256
83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96

SHA512
edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/Unity/6156c9bd-3488-4b59-8e8e-232f5e28a086/Analytics/values

Filesize
134B

MD5
f363be3ee08b8f5f1635b7f9a0e13c0b

SHA1
2246bcc51cbc21ddcdc22b2040765fb3ea575360

SHA256
452e8da3b467e4158e9cf2256b574d37978f805e88a79071646c6a301e4559e6

SHA512
1b2e6005beb1b51d56c43d993a7fcc4d0bba8ca85b38005dcbab442dc94564d9b026bf3735a926ac7c7949b77818259133dd31971d3ef6d0139c1c2f88b66cf9

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/Metadata/global-metadata.dat

Filesize
3.6MB

MD5
b3df0274789f05b81548ddcf084cc8bc

SHA1
53bca27884603c2450f89bde8ca3045db7ce8f04

SHA256
37cfa9b642ac00e8b4566f14367f26a1d88f669637041855566f1e4d3146696a

SHA512
7551a6a12b8d264e244ffbcda8f41d991e9340378317610731c92ba7d14cc8eb9bb17343f238a241d25c1a998e76489a7a21e232cb6c43460a06fa0f34cb70ca

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/Resources/mscorlib.dll-resources.dat

Filesize
329KB

MD5
21d06dbc8af6432b2b49536ed30609af

SHA1
11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d

SHA256
c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f

SHA512
2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/2.0/Browsers/Compat.browser

Filesize
1KB

MD5
0d831c1264b5b32a39fa347de368fe48

SHA1
187dff516f9448e63ea5078190b3347922c4b3eb

SHA256
8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741

SHA512
4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx

Filesize
59KB

MD5
f7be9f1841ff92f9d4040aed832e0c79

SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae

SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/2.0/machine.config

Filesize
28KB

MD5
cad24142abba464dd90777c3d347ef88

SHA1
d8db7111fce5a08d8b7c9a6e1e0ad2fbf34cfe12

SHA256
edc5bcf685d930a607bc097927260a3f9ac7f52dd809db68158298bfd934b7ce

SHA512
5d3ee2ee7921c95cc30790ae670fcadcf091d4fa1b9b5e1b9c7500c67230abe25467236ed160c51aa662e764ccea10e4955887359a65b09432b727abf27f8454

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/2.0/settings.map

Filesize
2KB

MD5
22c818a23169e12bd3c8587b6394c731

SHA1
dd2be2dbccd34736719301aee92429d4258ea5a0

SHA256
49c6160f9d54af4270a3b4e997fc4a8301f79b9e2070118fa46ddbcbbc44f9a2

SHA512
c1352e817e01277413a1790a94a4f979dc1b8333874fef28d735441c034c97bf8ce501fd9cd04c47d25541a0c1d54fcd4dd3bee9ac3e8fbde83ada9a1d2662d7

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/2.0/web.config

Filesize
11KB

MD5
2b6303c4f12762b71051db6e947f90a4

SHA1
a4d7e05516f63d6ab67327b299d4fb2852cb840b

SHA256
3c1a76a5849074b437d297656a208a3bef6d84b982153542b9c797046c601dfc

SHA512
80f5da60654e1851ef21526e434b32d94e18883a08bacbbaa0e1f85b80469c46510b6ddb9b429f16cc4be89c6f2bb2627bbae9cb1d0c7e45b665efb7721c6d86

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/4.0/machine.config

Filesize
32KB

MD5
24c866ce8037fcdca2287234eddff637

SHA1
9245befcd116458e9619694f1a785c50fa61b58e

SHA256
6919d5af506aae0d93e91bd83418a81895a5554b9f54cf94aad20d025a4db664

SHA512
f9960b5d5e7db35fe4a492dbba1f90cd0f0f0c4d84349baf33de3a941de57cffdec670b5be9862306503f7b5d57a697208921e7099cea13d4daf3310840ff4d2

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/4.0/web.config

Filesize
18KB

MD5
b127480ee9f0b8dab6a3f73ad79dd332

SHA1
7d776d730cbd253564713f36573dd8366782788c

SHA256
f1a6416eeedd9d040387fd85dcf7d6e074b6644c6829d08be220ff9fc32efb31

SHA512
00ddca43ad38127cf71477810c46617fc2ccdc33f197e26ba761151107eff701fec2caa51e43575fb5b4fbc11f640f525ba70b6b3e97811cecabc63773492401

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/4.5/machine.config

Filesize
33KB

MD5
0869544722561f5aff0eefc83fc7b001

SHA1
1e118f4b5c1c6a7b1858e3fccb1b1d1095561976

SHA256
ef9b9387168fd1dd6c996f96c134d9c44f8eb06f9587004bf997252a520182d6

SHA512
ced7c9a5363cabdb87b01ed6b4ca190a690640dddf5cbcc0438acdc611a8ee942cb6cd73c78d3fc2d59f70171f22ac832a10b1e23758dc92599ee24acd978ac2

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/4.5/settings.map

Filesize
2KB

MD5
ba17ade8a8e3ee221377534c8136f617

SHA1
8e17e2aec423a8e6fb43e8cbe6215040217bb8a3

SHA256
ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8

SHA512
c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/4.5/web.config

Filesize
18KB

MD5
08101241b15b53ef0ab908f6d388881f

SHA1
ea3e2ad6d71d483c54b12852dcbdcd0baa569988

SHA256
15a2c7a9242bf54d3ccb3e07fa6d8f84ba8b303d8877243787a1103009941bdb

SHA512
a1ee7f17bb069ac42483d1f98ca839ff1bd06f3fc15cd379dff4aca3732a5dac24dc17e15acc8f8fa39e60e186219f4fd70664f9ea284002274a4ff8609791ed

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/browscap.ini

Filesize
304KB

MD5
378be809df7d15aac75a175693e25fbb

SHA1
2d5454e161de8a5b65910f27bd70d9d0ad8fa476

SHA256
4ddd50f31fb968f30bedefc253a46dc3f2890192d05cdaa9e0a64a056eee807e

SHA512
d0d181e806cbd2c016eb0a8786f7d9db877463eaac0195db4e891be111c9ed87491a1abcfa0d9ed7c2743e004e1f4a3f4789333d0b535e63358c672ae833c363

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/config

Filesize
3KB

MD5
d9bc824737177af5792846f26507231c

SHA1
c44835e4881d95a97b597bebff5deba0233a5887

SHA256
60099cf91bb1a5717fc1f2d23cf36a61d3bfb70d9489fbb6f4bae98c560bf3d5

SHA512
f9558f9e985643d8205b5534998412a5896bb6f5712bce5d6cf27469200eed64f29efc01936ab00c4a93625b0fc573036fba00ba2c4eb1d1d7c47555608f11e8

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/etc/mono/mconfig/config.xml

Filesize
25KB

MD5
f34b330f20dce1bdcce9058fca287099

SHA1
936520d5bb5c00a1985d7a4c4f0ef763a9031862

SHA256
0c56e34c69124510fa8c19e7b4c2ca6c1c4ff460ae19f798dd0ca035809e396d

SHA512
d6d4a8321eb44c117755a41a2590296be86a0568d27a5347f9d7f32f2d151d8f7e169675c83faed2dab5ad0f8d81858f8cd1167e439cd4bff7e68c243e3544fd

Download Submit
/storage/emulated/0/Android/data/com.magnta.TacticDefense/files/il2cpp/unity.ver

Filesize
8B

MD5
bde7798ea5b8370376ee285754818ad2

SHA1
ab6033922cde1d1d849a9a0ae8ccd7aa22cc12e8

SHA256
81c7400a2ba4571a27c3676e0d7ab905dd25dbff9bf77c710bd3d755ac28ba5c

SHA512
8f808f6cddc9e692eb6b7d88ed4b0094252bfe9e384d2fd0a6c85308af8cd0abc98bef839218f631f6999b87314c65bdb43e8cbca9496324fa549302aaeb7fc9

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads