3463f2bf09900e924cd2dc0acb1a4ca89e37c74122425c43526dce9aa7a53b6a

Analysis

max time kernel
31s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
28-07-2024 09:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

websiteapp.apk
Size

120KB
MD5

2a09c421bdd683df5341927efbdfa9f8
SHA1

a7c1219c08ce6497a4164a3906c65b86c56ab28c
SHA256

304acefee76fb67e6334de086ed4cb840f7db979b4d40bc4ca5a21f23a31f9a0
SHA512

9b9cfec9123b8709678c4ed59315a89fff876803078fe4f3db3f137924b84750fcd58c2775ab9c9aa408ee17729bda741c4756f1845dc7557fa7894894f24e89
SSDEEP

3072:8UTayZi+qzo0uCCTyahU63D2Wn9o4vamgFI9V8fKsavJ474M:wAj0uCCTyahU3WnVymfV+KsavJ479

Score

6^/10

discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.appmaker.testappsx

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.appmaker.testappsx
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.appmaker.testappsx

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.appmaker.testappsx
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.appmaker.testappsx

description ioc process

File opened for read /proc/cpuinfo com.appmaker.testappsx
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.appmaker.testappsx

description ioc process

File opened for read /proc/meminfo com.appmaker.testappsx

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.appmaker.testappsx

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.appmaker.testappsx

description	ioc	process
File opened for read	/proc/cpuinfo	com.appmaker.testappsx

description	ioc	process
File opened for read	/proc/meminfo	com.appmaker.testappsx

com.appmaker.testappsx
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4258

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads