Resubmissions

09-09-2024 06:12

240909-gx9f8avdpp 10

09-09-2024 06:11

240909-gxt2jaxekc 10

03-09-2024 10:25

240903-mgf3matgml 10

29-07-2024 19:19

240729-x1hexawamq 7

Analysis

  • max time kernel
    47s
  • max time network
    142s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    29-07-2024 19:19

General

  • Target

    Mellat.apk

  • Size

    6.4MB

  • MD5

    9cca6bc6dcd20c4e2e61e21e72bec62c

  • SHA1

    a157d6b9f2ba4bd8124f40a8b3e3d3006b21fa62

  • SHA256

    0bbd59618f244b78e5ef449c183be032096ed408049cf8a130508ffb928f3382

  • SHA512

    bd6310ccd78b474aff7eb317f811e9f326c196bd681bc8a2b697000deb8f44828a620f42b11d43c5e909911eafb38353d6fe4e4be21e2c1055c914e61be3480c

  • SSDEEP

    196608:N9ZCIRe20kC4GwFzQ1bjbYjaF8N5jxyBBfLX:lCIRezkMwG1b/iwy5jxyBBfLX

Malware Config

Signatures

Processes

  • com.formelleetae.com
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4250

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.formelleetae.com/files/profileInstalled

    Filesize

    24B

    MD5

    2d81d5dacd5cd52ee8bc4411e5667c47

    SHA1

    db2edbc2dfed92adf0a519d6b72bc7b115d1a4d6

    SHA256

    77cd6536dc30c02762e32c958319edf0409f5a77435f1d66cb4794001ca4cd1a

    SHA512

    11a733af2496e7c50ba3ffc021b6d51c4db80b4f94f04ba33d34702c06809e3a7fa5f074526b64e55e072e00f310b07a50f3bed94f15d376ecb18ca48ede60ad

  • /data/data/com.formelleetae.com/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

    MD5

    1dff63fcdc0eb8323636f36376511fc7

    SHA1

    25491c05d4839ad5623d83df321bbcf8346fb0dd

    SHA256

    f584caed7d937eb1f6465e71554e0c472127c796298c000a3daec867cf89f3a6

    SHA512

    d68a6135d25a83961c14918f064bb58a056cb6e62148050b204a746cc2ff765fe686307753f003c4043aee04b212d279e95b35bc7d1d25b4836cce1e5008ea06

  • /data/misc/profiles/cur/0/com.formelleetae.com/primary.prof

    Filesize

    2KB

    MD5

    7dcfa09da25f186d481da6501b55aadb

    SHA1

    431dfef5d23c4d6fb0f2f5a2a90ec8d215475f33

    SHA256

    d0332d7c3a791a2d01ee4ad2cb239c20778d358113cf7ed5447974ea192e1bd5

    SHA512

    84ef089fbf1c51913ede84525641725eb1bead3dbca041924517fe516589e41eda61c1ff7046a3e13d541edffe9f26be789922f5a05ea2dca4a1a827be89b154

  • /data/misc/profiles/cur/0/com.formelleetae.com/primary.prof

    Filesize

    25B

    MD5

    b9d9e0f8902d129e1aeebff0ae7b725b

    SHA1

    cb0d2b4c9dd60a5c1fc6261fb581bcd3416fe781

    SHA256

    25a822139d06016af8be1296c0242b60e35074f94c713e03323636be1162ce91

    SHA512

    f158a9dc753e0cb41f71a98714ff02198c576bacdd792a6153fdaf6f9a7b52d8cfb6d09099a269d0c1b0d31e2ea5a307ea1db85115bdc6797887a6de36d597f6