4e8a56e810edccfc9b8ebfef9b6d92bee819e51b08fbf3e3b8ab8afbc3b3c1e6

Analysis

max time kernel
10s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
01-08-2024 21:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vivounionapk_v4.2.4.0_d74cb3a_201808271150_signed_aligned.apk
Size

4.2MB
MD5

3200674229ed57cf762fc3d8c5137b55
SHA1

0896d5f138545dc9ddbf0003518880d745c8fe0e
SHA256

333ee74803ab4b114d6217250623869c751a00f4748c826c19ffcd7b29476195
SHA512

31c96314a2b0d80ef3d6c04c0a6894b6a8ebff7e501fd48499ea0e12969ba4ac00cdd844caf839a16cdcffa5b51ee2f33af36a578dfd450c79c7e2bbc0c521ff
SSDEEP

98304:aQn4W5hESDzkY18DTTcDPPIKGPBhFI+sqFkSOO:aQ4W5hEIkg8DTTcDPPIK+HFknO

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.vivo.sdkplugin

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.vivo.sdkplugin
1⤵
- Queries information about running processes on the device
PID:4248

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-journal

Filesize
512B

MD5
9056e59f442f7899c70343fb63b5555a

SHA1
ee659479aa60933eeecdf3b54f0a369cffdeb1f7

SHA256
5fb202f880241199b58ba73e45e18033e50268d1c47f5ab3823481418055c4b3

SHA512
579d68067fccb214c9b554f2c98341a5dd3015dfe07408bd6d723ba55fe1c565bffd9213b103a2b4005e2e1f8712ab5f7eb0ba3d78cab94dc223c86fec76968d

Download Submit
/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-wal

Filesize
28KB

MD5
26c22e7d2e7d8ab50837c3dea9dbf954

SHA1
43a50ba3e4147e9714b2f7b1a494824e6648db43

SHA256
6176b4381246dc6be884107d69c42cbd5cb37657508d29834a573e644f33f545

SHA512
c86658ea0f1439623c12ddc96d9c0dda912bbc43cd04aa957da2b53e6e0945d65adca45d099d899fbf34c7cebb27719d8926745c5f3f58f08dbd8dd9afb137c4

Download Submit
/data/data/com.vivo.sdkplugin/files/vivo.crash

Filesize
515B

MD5
59e1c248ebdb593d2701a3fa9e1af17c

SHA1
0033ba2e7bdc8af1d6456ce4dc24f80e0e998358

SHA256
ac7d74cc267685c6d4080e72adc9fec7d3b2a3f00fca1fa32cc50871f40efda4

SHA512
0d237a3a7a8ade5b0d5de4aec8df5066de8956ed3b0136ff75c58542f2456e19faf027ee2d03ecb50afee5a7565a05c1d4c4a47a9f27eafbd5a11591204889bd

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-journal

Filesize
512B

MD5
40664e27e21731fad6daa0fb3d3f3819

SHA1
0da8ae4c7a185baf77b3edec0b335a187638c67c

SHA256
486da1b66bce00d071457f3ba5390cf850a0eef52760da2d4ebefdbcc1b578b1

SHA512
4cd40f76ce7968755cef12c48141d3dc179ad8fc9a988515c03304e162f1375a2ecbafa8f5e13bbd9a8e0c7916b18be5265b27abe4a6218630bf12bfca57e58c

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-wal

Filesize
28KB

MD5
6de32329309a2df2a4c5f6791410caf8

SHA1
ef1d1b15716b79e6cfd23d595deb30ef5bc1181f

SHA256
10763faf1ab2c83c472ec46e5dbf4079997eedaf544b5779f11525f4c8269713

SHA512
92b4d5ca2a873ca80e8191fdfd959f726cd6d11683a6d033c61c8776dee68a888d950305a16a8b9ab50875b30bc0c6f444cf8a60b2d2aeff589aabec1c60fb2c

Download Submit
/storage/emulated/0/.vivocrash/com.vivo.sdkplugin/timestamp

Filesize
82B

MD5
83abef49ae0975e7a5fc34bcf39a1752

SHA1
4c37b316ed212f3c0f3cef1c2a7f29a116165a63

SHA256
d115cb16f6cab304711115476a7f6796471ac8eb3842a849f36b67fa55bf244b

SHA512
c275f4784eb1c1a38a642fc6a9173778401fcf2c1d948d9465b313a3361c1c9f08354bde4b2dba1a2d88aa5c1cca0529487fd15d6541d273586377a53b8d6b66

Download Submit