e23f50927a4fbf7c0c6cf176fac5bbacd132c89687fcca3c8a6d57675ad20884

Analysis

max time kernel
88s
max time network
185s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26-07-2024 13:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

14.0MB
MD5

6c95fd1b9364d6d5f5733e04b5cb9b22
SHA1

a1227308729d5322007dcbf52a4a281d30c20265
SHA256

e23f50927a4fbf7c0c6cf176fac5bbacd132c89687fcca3c8a6d57675ad20884
SHA512

44305e7a723d54500f1380cf8a4a51eabee8a6055d0fb6fdef07d8a994f39b1d12bede8c34226be016511be648c419d9f4d4915467604e447113aead8de359bc
SSDEEP

393216:S7XoVMGJywWBY+zhCDJwTpLuwrWE8NsGEJLZ7jKQ:S7Xo6wUK90ph16Nc7jR

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.tinders.citi

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.tinders.citi
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.tinders.citi

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.tinders.citi
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.tinders.citi

description ioc process

File opened for read /proc/cpuinfo com.tinders.citi
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.tinders.citi

description ioc process

File opened for read /proc/meminfo com.tinders.citi

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.tinders.citi

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.tinders.citi

description	ioc	process
File opened for read	/proc/cpuinfo	com.tinders.citi

description	ioc	process
File opened for read	/proc/meminfo	com.tinders.citi

com.tinders.citi
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads