c2cd40f1c21719d4611ff645c7f960d0070c19e8ad12cc55aded7b5a341c89a3 | Triage

Analysis

max time kernel
32s
max time network
67s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22/07/2024, 18:58

Sharing

Report Analysis Logs

General

Target

پارتىزانلىق.ئۇرۇشى.ver.2.1.build.2.apk
Size

8.0MB
MD5

b5fb0fb9488e1b8aa032d7788282005f
SHA1

a726f0d568f0f7115724d4faeee94bb02cfea03e
SHA256

c2cd40f1c21719d4611ff645c7f960d0070c19e8ad12cc55aded7b5a341c89a3
SHA512

9aab42b74af1d08ab865c14fce25dd439028c917585a79a91e4ddfbddd4c9ffe3317e33af2addac6764900aa960e6f34b4bf71560c1d80810e6bbfdd6d2bbe97
SSDEEP

196608:pgaaD1TdevjRr8Rx2RR97Eu4U6eTiDJ8dL1iSkqQD6JODKke:maaD1pElr8Rx+zeqdLPs7DK1

Score

8^/10

evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

pid	Process
4220	com.pdf.google.vm

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.pdf.google.vm

com.pdf.google.vm
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4220
- su
  2⤵
  PID:4284

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Account Access Removal

Replay Monitor

Loading Replay Monitor...

Downloads