97b58fc8798526bfea35ed6ff26272263d332554a75672a3bc54a0a56cbafee3

Analysis

max time kernel
179s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
04-08-2024 01:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6461851c092d0074150e4e56a146108ae82130c22580fb444c1444e7d936e0b5.apk
Size

3.3MB
MD5

b731343b083f999ae0271d19ec92da4f
SHA1

05e5da65faf6fadb2a3c8dab2eb3d888ca6fad9a
SHA256

6461851c092d0074150e4e56a146108ae82130c22580fb444c1444e7d936e0b5
SHA512

84bc70e927af425b430b7a79797e5207eb6b8d33892f2b37c80e3f8fcd987a70a8e44dfccbd3b356d98e6ed413ee1dccc42211cbbe4311adb19579db6cd46eec
SSDEEP

98304:IEVF6aL7fDW3v0AMYfccAYUMF2yIOcX3i9MNIXcK:I46x3vKcAUGOcGMK

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.shz.shzkisi

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	ir.shz.shzkisi

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.shz.shzkisi

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

ir.shz.shzkisi
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4451

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.shz.shzkisi/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2c216c30dc4fc23fdc9a100feed5bd6d

SHA1
a125f9b030dcf699210e82647005bb0900d7ef89

SHA256
4c26085463078dd9b1c39fffcdf0cd99702f32e47aafe6846b8df62b4f685523

SHA512
42fedd187b9678a0e5b7591d056a0b8a8c02b26e5568895b3e6a82278b0e525c1f2f022a32f5610cac8f04e733a5dfe0150df88826406e874f61207cc358b92c

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7760bcb42056b8555b32000d2fed64e2

SHA1
3fe7175f925d626bd7e0d8e253685ed8edfe729a

SHA256
69bd485827cc30d8681f839b79365f6ab6c0e6e5c1d226327d9c8ef5b9646788

SHA512
c37d9c1742967bcd194befad40e88de561f18fb09555913012b1783e80f33a5b468c9c2829c82a2d8808b0770eeb581dcd239fbb8605455df3f4d9fd9ce8d500

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
61523b4498c23cb51b3ac2d01c896e80

SHA1
b77d843bbaa942cacd265e4489100a6b97eb0378

SHA256
bb90eea701e8cc6b0e14026937e76bc22f9aa3641c33e438b2aa44494b88e2d6

SHA512
7156dacba5afbe5a95b261d5f1f040ca332df79f1a33a2935720081c67e7e804055a408629d4b6d073638dc9bcd9bf8072e25d1ef72221e1d57ab258bf2684fd

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a6c2e10eb0b50f89b88c059435edc46a

SHA1
1dc1aa1f39a0fb134eaeb3b3bd00b4ee312513d1

SHA256
211497addc7ab16d640585ede14e6f0ffeed7b3842af0f2d32d0d8739d3f7eb2

SHA512
0ca5b30c9a7bbd0e8142163b3033e6fbfd9e2e948b6b77914b95f6cac4631f5bc48f0d8fdefc6f3e10728e33d8187d26600b209d5844dfa92c81e63425e20c00

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
85f8f1fe66052f7dd6df6dc21ec2e0c8

SHA1
20c031ec0430d1ec0c040cce337eb052610ccdd6

SHA256
f5fbf22ef3c0b759046e90d5ef28d9e8e015bf698ab264d565fa75158a05f1fb

SHA512
4e7c19eaff2867d2e843d0833132896d95c7dabecf7ff364f88955c39e6cad15d09073fb13356fd17b754ca84d4d235394cf1474792beeb857edccc392a7968b

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cedc44f87bb3a77143964e7793608314

SHA1
8f5ab9786bbb6fc03bbff4775fd0102c07fdee9d

SHA256
fe5f17832143837259bd9be43673d1f7c1ed6e96586a5eab489791beb4ff2875

SHA512
9e9d76e4a7a2ef55b7f6242f5ac57343b933530b7a42fbcc308923b9ca1e1e07d604ed6cc0a84790dd5e33aa31a27fe83d2e78ead4772233a78a02a8fd020bb9

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
3974341f257d0d8ea18eb36851ec2d1d

SHA1
28a7a8c734b98d85d02ce0aad58f995eb3855527

SHA256
3715fd6753e260f525a8d5861b6262112ff51836a46e5d317c5ae56d524b1dfd

SHA512
099493141f664750ce099b199f859e3b6aab5bd85a8d181d4e5112ab9d306990bb0a6eaf5d132ec0d3c35b0616b9014dc447bf3773e6bc38f3abeb2de5e33873

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3f0e68ea258eb649d0d0721a82558506

SHA1
208c4c211e253e235d7664f1a1b79b0fab31d58e

SHA256
effcfa91d41fcb280955f26e641268b4cc8ebea6e53b2dd559846974b6aa2a04

SHA512
2e099906153ea27cde1b45b51caddcbcbdf6f575272c2ba91589b3d63c1f84b119579f4cb785675ec87e97775d8471839f79e7eb600a168ba6427b60358e3cf7

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
aee59221d008aa2a53c2bc9ecf32bdad

SHA1
8f742c3312df3b20b2b1c016c59630fe71c67bdb

SHA256
7231c022c57134a6a4bdadf3b4d645dc9c0180f8d5a6d7b2b374901f08f5764e

SHA512
7838bfd88e7fb2a0697e13a3a92614eb2c6aa39a3db88e2d637e79be9250e747ebb35ee1f5c30ed0d31166cdf91d6d6388553cced119e242781d916cfd528698

Download Submit
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d049ec5f29dc27e32c6676556a71c93f

SHA1
3c774b02839be9c1633b715499513d44bed3dcaf

SHA256
c3e62a7eb75893d4000477af8492f3c3d81df127d7a2dfa90107acd61f295935

SHA512
67bde59d529ec208d4da74af550e0e2a4ed2cd341777782df9f82b9e01d870070ecfd9f20bc01a6987fdfc35d094f8f84aa86ca6b0953e0b21887cbf656a3612

Download Submit
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation6499255016825716814tmp

Filesize
568B

MD5
7c3fce5c3bb1783be806f6b4fb02c6f4

SHA1
5bcd0d4ef77fd2762ba271babe80a5a673e304fa

SHA256
a04e0b2a3e7c1100c3e854b60f552c30a2e0ef2988189aaa24a628f83005240a

SHA512
4b9d1e0a618d3e038f5b22b6dd39d07cceea6cfcf41d3e640d5017107933be168b3f82bd6c3c8397825a2a994098516271042513380be41b941f98edbbe8a5e5

Download Submit
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation741423590388710194tmp

Filesize
90B

MD5
570a1b1b351f6cc5c570e3cb7123bb1c

SHA1
a22c007513485cd40cc89d9a081ff51f9c59c0b7

SHA256
f4498139b20830644110b01ba7cdaa6e35e27acfc9991da4075cb988e9475350

SHA512
46bd4d189f00b1d13b4364368aab0ef7b411e8246ef3f7f64f79bccef6268d622440be5fb3477cc0e66b3aff27e778461bb2238dc23d88473ecd17e15117fe38

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads