Analysis
-
max time kernel
132s -
max time network
147s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
25/07/2024, 22:02
General
-
Target
legacy.apk
-
Size
43KB
-
MD5
e741a9bc460793b9afdadc963d6e8c1d
-
SHA1
ca71f5827faebeb1292774730db30d8e27d86875
-
SHA256
15039c74764f1d63d52f301708997f6f64dbab2a6c1a46ed4701ff550e69f040
-
SHA512
f615bf5dc06b26b1583a2b69ea849de4d9426256452eaf081ad7a4360721febd00722ced3d382a7539450f5ac37427407dab6263b0b3f9b89e00d1bc31f19d10
-
SSDEEP
768:aYWCc+52Zr6tRrMxu3LJjTb/ZxMYf6n71XNUbw41ExOHNgj7:vWfsRSutTb/XUn9NUDExs6
Score
8/10
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.google.ssearch1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
-
/system/bin/chmod 4755 /data/data/com.google.ssearch/gjsvro2⤵
-
-
/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/com.google.ssearch/gjsvro /data/data/com.google.ssearch/gjsvro /data/data/com.google.ssearch2⤵
-
-
/system/bin/chmod 4755 /data/data/com.google.ssearch/gjsvro2⤵
-
-
su2⤵
-
-
/system/bin/chmod 4755 /data/data/com.google.ssearch/gjsvro2⤵
-
-
su2⤵
-
-
/system/bin/chmod 4755 /data/data/com.google.ssearch/gjsvro2⤵
-
-
su2⤵
-
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
7KB
MD5aff5e8665f58068339d76ec74a42bb51
SHA17554ed5d0a630aef34e1b59882a2f9cd55729d29
SHA2561198eaec6d6dd55810a5acfc1ea6ac8161aa9573b7565c10932da59d48a31bb3
SHA512c415b9519a536f2c10821aa0d19f758d430f518822442cfd99472bf255c45dc213c5a0b9852e8678aeca1b63b61f8f20e81977aca26e61aa062784d0fe2bac2e