Overview

overview

10

Static

static

10

app.apk

android-9-x86

8

app.apk

android-10-x64

8

app.apk

android-11-x64

8

Analysis

  • max time kernel
    123s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    01-08-2024 17:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    app.apk

  • Size

    2.9MB

  • MD5

    2f9e86a38a6fffb11558d6574f0c34d6

  • SHA1

    3a8dee7c2126324d207495d11088030a887fffde

  • SHA256

    5175de8c62639156f351a42d563492440884885d38f895475f4f060597e5f6c6

  • SHA512

    3646f04d461512d51db50b1cd81e67f34c6c5e21b1d3f8354be5efffb8c32e050f5427ce7305c031d1c2cffdfd95ce47c7079d981ddd746f4e27544fb951f616

  • SSDEEP

    49152:EgWFAXE+483B4UYjZsj51LUg4+/UUwXVF6G8hL8P790ewYJWIzLDhMOJfjMtM9xq:EgXEW3B45ZsjzD/UUcVPO6J0eHsIzLDi

Score
8/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • Com.ukjent.app
    1⤵
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Checks memory information
    PID:4458

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    31ae3b06eeafdb2c214ee4cade4adda9

    SHA1

    c122abbae462321e0634cb6a5c3ebaa9b2d8eaf5

    SHA256

    48bf73e63b7b9d871cbaf7dda41dfe8dcd0944051e218aeb40ac06056419fb62

    SHA512

    1757429702046e8fccb904151173b83389ab529f0ef3aad1351b54764934fa12cfea17041f8f1226e0f24efad7dd7344d8847f88872fb82808e69e791efba873

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    cc9f6a6cf1bea19de3ee30fb839c0811

    SHA1

    1d213445d95c61c94fb15305844125b6a9b0aa28

    SHA256

    44ea51a783c6b15827bc7b5f95e3e63fcc18bc713bb5f190ead4917428c6fdaf

    SHA512

    2920cbef3863e55dd73facc64279a801e2d21ecb7368b6ce5301b2ff1e90a3d9fc3fd4726e6163f39e7f9625314b787a1fd7d47015c736065f690c05ca7bd2c2

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    c9242229dbaed780806cec19573a0238

    SHA1

    767f3cab076adec2bc63c7e9eb81d589f62aebfd

    SHA256

    e9c6ed45a3d276b5caba4f1f1c676222be77ed133731cab94ee8189c6a6e4064

    SHA512

    eb5c45992442503122cc6ac0d2127bd7eb5ae13e0403d8000461ca42f6b0f506b030ffd3d74ba54b491cc177c6cbabccba46be33deb45365949ad1eb22ff5b65

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    d9cf75fdd1c2292d986f6c3d5d60f2c8

    SHA1

    07ecb1d3a26d952ae5fecf54f36699ab498510b1

    SHA256

    2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

    SHA512

    442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    f0a97922927f75a4f25af1f6bb8396bd

    SHA1

    c8b3c75e95e8f4d3551476635aa9707a01f373b7

    SHA256

    06152d9f17157a03fe3576306eb6020fcc24a22f95d934acd23daac8b2bcc3a6

    SHA512

    33a53b1e451415954412273cae41b5921294da1fd71c8e9ccbfec13097edc3e1119d955c288f84a04a24b0a0529e5e706392fd38f7cdfc918bd3462880e4c42c

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    2f27abd5213d032219a788e36713b1e2

    SHA1

    12bcae0a96c2226d02fb36400ef868b62cbdd0f7

    SHA256

    39cba9e5ef473c82ca9b43a598aa0acbc39170cf8224c30fc613b567e1e66078

    SHA512

    765c5a735f348e7ee75b2bf92e965d726cbbd405ba9c6f6fd3c0700f46adc46120caf2f57694e29e9099316655af466e778e6f5ddba575404a1297abea68289d

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    d6f3ad0f0dada4f6dfe01b5fe3627668

    SHA1

    cd58ce7be8e17428fc28db17921b8deec8c80202

    SHA256

    57d795bfac133542774156041f780655d76d872a4389130a4f5ee0f5ab9cb6fe

    SHA512

    e62bd3915ad05758c863c423c9a532299e16ec2b75fc0dc6e131676e0d6009612c1c6a05ec0bb717aa568ee03bf5e35f312d6d8ad32cfeeab281b7efed629aba

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    af0bea5eb2cf684299c924517f0f022f

    SHA1

    47cac7660097f9f97fab647575a42fde37aab7c2

    SHA256

    96470254c66a91c52e6214b4ffcf41f361f51e27b93809b70f679966ed76506f

    SHA512

    f2a830b7461afa9bcd8a2dc78b66f3c805f9332c90c106aa5378a4cc049020989671f4f7ef87f0ca84362928d60dde7ab0d779feedefa0c618381e92a79b2479

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    4KB

    MD5

    9f54a7cb9462332ee9e74c6b312cd7ff

    SHA1

    1d2b0a44ba9009032f1e2d89f110f3d35bc71c78

    SHA256

    afcf8bf8f692c5d568fccccbd594d07fba91bfee9ca78fd944882613184fc550

    SHA512

    f933c4821e73086a9ff58e38ba5f47e163408a9b337e4731d77b826c8308589feb3bffe7a27f4d82f19f3893f608e32cdc2a06f674aded37567e5efd530fa726

    Download Submit

  • /data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    cd933a2c521816503d6fbfc99b966cc7

    SHA1

    03ffcca5d013579648209a8236808113cd17f1dd

    SHA256

    a455525cf8074be6ee952d08f30e7d3b0b3c334625ab285514e7d7c0a579a78d

    SHA512

    7d3538bf5c5f742739dfe5ef1ffc6390a71679ae83ab19c28012653aa6214e0a8dc86b37924fb8bb3ab98cf62c78bee09d14b332ba76a8a7372546065287ff63

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2BeginSession.cls_temp
    Filesize

    77B

    MD5

    87f1ea2d171f93b2aba317690dc9d0c8

    SHA1

    64622032f48ca622f8ef58526e3a28553cc64ab4

    SHA256

    f845bbd0ecc55e7c9a7fdba4f21a8f152b4898b4c53d58def4f38010608db2d7

    SHA512

    18bacf24fc5d32b4a265b4e07a655f4b1b6c1188608aa341cca9bbdfed6ef22b12f238388e991a518bcc0a02ff8548cdfc59a67a8994385909b69010ad3161fb

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2BeginSession.json
    Filesize

    132B

    MD5

    8226943b1e391f2421f87167236b6846

    SHA1

    478ce51f0470235a71a5b88fb3d9ab9a4c69115f

    SHA256

    16d1a2c450ca103fcc1c9f6118487360b7cd0cca65061ca675fdac4d29e6ccd5

    SHA512

    a630471aa3674bb158311ad290f64f2ee3989cf1c1c8e9f6d3b52a159a93b13f006a3f2ba439a648504ec4144f7073a46e837d9f20e7ef182aa0f331e8664a14

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionApp.cls_temp
    Filesize

    106B

    MD5

    7b6862f9e7346cb2d657bfd5898a9987

    SHA1

    4112b6cb92d5c492729799e061ff53c77cee6b7b

    SHA256

    5429eecc32b85b883255852f17101677296058b4fd408666d8c37ee81a854877

    SHA512

    67fd47a9aa284eb82baef06ce56c49321e9371bd464927511ba578f47813fdde70605f329d62a3bd30f864279322d944d5cdb965284f4e9beafbde7bcba26f49

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionApp.json
    Filesize

    220B

    MD5

    1ee71773d11b55922fd56a8df6404f65

    SHA1

    d91330680f7fd7b918258ac9648e863df8c436a7

    SHA256

    8a1484a52be5e71fe8cd4c237c35b63e95cf1240a0b8fe6b13415ce7d28088aa

    SHA512

    68b13d9f00b01c75e4f9588e404b889ac240772a946643e3e8f7572b28bf66e235bc3349f911259961e37195b6819df7462f520ecf39814c5efdc66b4dc07145

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionDevice.cls_temp
    Filesize

    48B

    MD5

    fd6372364a5c5c9cf8945ac3ea7a5d94

    SHA1

    3c798cab71f6ae7a81e71e58712368231230588a

    SHA256

    7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641

    SHA512

    a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionDevice.json
    Filesize

    202B

    MD5

    eeeb942571fa704cf8ae49731fbe9789

    SHA1

    b5989c4cb932ffc779ee25bb3f7bfb79cf720427

    SHA256

    78809f7ae96de01e3922b6d3a134c3f7e9a0cbdacef313f70e8d9345bf5fbd71

    SHA512

    71e55c16f9f8fc936f8607448916bbfa1ba233b7120b8676fe11552916ac4dd3e3a7b0f9c31e14048933c8bb9c9d6d630ab7d28389f31749640cc965b2636565

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionOS.cls_temp
    Filesize

    15B

    MD5

    b3d9541cc92a9153d14e5160f8d8c008

    SHA1

    2e1ac80eb381dd82a03795b682f92020348c0113

    SHA256

    1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

    SHA512

    78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66ABBF9202FA-0001-116A-2AB4526D9BE2SessionOS.json
    Filesize

    55B

    MD5

    fc1dcee4e422d77e7fab7c08c8a41344

    SHA1

    d5340127e9d5f735b9d33b9dc61c772fb0e2dc15

    SHA256

    b843f05ed78cd137c272ba7f0ce8ede3aa853098a856863e51d5c223b58f21c7

    SHA512

    3ec07617e3e1008572f6f2528de9d4b827050cc5a7cf19a1604c961f9ec370ede6f5fd83bfcc252c0ee286fe244ee6734046ef1aa638dcfc689cd4407a6a8f61

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
    Filesize

    396B

    MD5

    f378d955830bf9893969527e79afe1a4

    SHA1

    705e20ac1b7a10a17b6ecbdbe2dfda7ff78ae2db

    SHA256

    3e0bdcfe622568e3cbd8ce82d5d219e6044879d506b89d35c06fc50f3d9eeb9c

    SHA512

    fd8ba3508a138a61a76da6f4da5406745b18832e5fe13c6e406815e02348172a0ef4a746540e0466f371bea3ced807250c79af5013c0cedb230ce8e14536b224

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
    Filesize

    779B

    MD5

    b9b70c4bafb776ec1b0dd89b50be300d

    SHA1

    743cc58aebf05b54ee940915a1ecf38aff693489

    SHA256

    effcd9369c2f9f79cac34bea27af3a3060ffb977e5f6a5fb79942fb4df2fefcb

    SHA512

    4eedfe053d830ee92ef0c1aa04baf25b5274b6a08e241c575e8e5f3178cb62c650da06525c19964c420db736fd2ffd6dd59ada4e847e8b880648f85df795cf57

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
    Filesize

    16B

    MD5

    c33583fae4e0b61cde1c5b9227963237

    SHA1

    fe2ebe4d27469af1460f7e852031a04208ef629b

    SHA256

    35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

    SHA512

    fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

    Download Submit

  • /data/data/Com.ukjent.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_e981957f-8d61-4de6-8739-e07c2239e9b9_1722531731967.tap
    Filesize

    328B

    MD5

    ece66b2f3f10a24957180f1c79af5d75

    SHA1

    e3df54a32d2b7713202c2b76cfc1b0b5b01b743a

    SHA256

    e3e69481c37b28983ea929433fce2b01b1d3a2c3b2c2c22b398e2eb70b04738a

    SHA512

    70474e910c4bdac810826b16aa18e2f25027ce62a93da7210968784450db6ad35edeb12a9465d96bb3684693dfd32265d2168728351ee5f59a24365ef47a4ef0

    Download Submit

  • /data/data/Com.ukjent.app/files/PersistedInstallation1823125031003869548tmp
    Filesize

    572B

    MD5

    cc270fb810d3921b2a07d095f0c27646

    SHA1

    6aa756a8b529fbd4f4ea05ca0ce031e43dc36c38

    SHA256

    5c55dd8eb7547f763e88bdff3b022455dc51add1435dbd7c0d9174736263f387

    SHA512

    d4145fa17c03f602256ae651527cc4c8b675600601dfbe16771ebb6ec9f4b5da37de350f798ac02565396eb199f9bee5670664633e0a22eae0578953617c9259

    Download Submit

  • /data/data/Com.ukjent.app/files/PersistedInstallation5628457731843686032tmp
    Filesize

    90B

    MD5

    b6f39d7b1c8c85476898b0c6bcd835c1

    SHA1

    6967133d22f071f9887c7e08ed4a9fdf81e3d923

    SHA256

    6b0fdbf92a8742240c1f443b0a21170ea0d93d78be1ddc30b04c9f33612227c6

    SHA512

    aa8eec590c7dd3713358b58a75fd2dc8c032a22df64990c696fed9d5c3d5fa480ee031c22ffa062db24b6bb5d95be26c4b39e7d60b09805099942154db4bbd28

    Download Submit