db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd | Triage

Analysis

max time kernel
63s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
06/08/2024, 22:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd.apk
Size

56KB
MD5

cb94bf4a1371019e30a441d85aeb0f02
SHA1

c27004069daf746b2531ecb0b1e001da0a55063f
SHA256

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd
SHA512

d6e0bcc6274cc4233a0e905162f042ece43b4c45e9095b90b3b8d79942749e749a3c6db11fc3b94a968edca9a557dd35d17bec0d2b10919bdc11049269f8c73f
SSDEEP

1536:JbgLKxe7wu9Y5DzhBhTPd5HBBqR7C1HL376:kKxhD7BPd5H74C1Hv6

Score

7^/10

discovery impact

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	trial.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	trial.app

trial.app
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/trial.app/databases/a

Filesize
20KB

MD5
b5b6247a1767f4299bc5dd8484bd2a31

SHA1
f13e13c42752e0aebcbd4f55d14842e2bd99266a

SHA256
71532ab5842f2678822230cc633f7ffedcb7b4d80a80bd6c5cb955bb6fb4f1f9

SHA512
ad03868a4bf2915ad92e032b9d266f5592b766264915809a4d276d9a0f7e50832a116c44615f041b7319a5704ecf6db41b5013d38619c8e047441e308043c015

Download Submit
/data/data/trial.app/databases/a-journal

Filesize
512B

MD5
08a86467de7b849511044de1f5a6e44a

SHA1
9b02506eba00d6fa45f26eef8a175ce7da903974

SHA256
1e9d918ccc217bf4698e5f01a092fcafa878e0b814a510978ac1b48f801be69d

SHA512
eb7ae39dd683fa4487c910126552ebb2655b34befea53a4b06886785b81910c003bd438c3051fdb5ef544e313dd325caf76a4a8ec12732e128bfe077e75fe749

Download Submit
/data/data/trial.app/databases/a-wal

Filesize
40KB

MD5
dafdd1c9ee80a059e5ec494b30297b55

SHA1
fe214217ecbed3823c17956d903aade29049d554

SHA256
a415cddcb93da63cf67a29e967f95d51fc45f84c90108867e0620194a537a8e8

SHA512
4d7f3f2273d767e9aaf29c7ca70562744b12840571828c40e093c3aac5e07dde85d9bd1b3a19be563b1f18e8791d89846fb6f66fb66f008ba0dd5b26930c5b36

Download Submit
/data/data/trial.app/databases/tasks

Filesize
24KB

MD5
923f61290c1520c545a6b054ce96e72c

SHA1
5b1953bf67048c4a9d7ef49ed2c5c0158b01e69a

SHA256
67ef46fe4f8e2bc52cc89ad00d7e340c1f4331081bd0d84a8b47321e95076ace

SHA512
6d5f7da0eeeccb4e4abb27172800f58087d1cea0d28adc24e0e8a26c2faddbaab4012e0ba583c7d4526194f64936f0f3c3a0f0b58a42d105d6b10383a5a2e711

Download Submit
/data/data/trial.app/databases/tasks

Filesize
24KB

MD5
41f7cc1c567ccfb080b95d61b61b0072

SHA1
9d01ae056613e48e4a70102b9e7d3b6a393ee0c2

SHA256
ff395213e68e57469e1c5955ee3bdfa276444dbea120993f8357cfc628ba257e

SHA512
4fd251e1b351b22dfe186a444368c2ea0c224e237673f50d81103c4e989160750a44a3c2e5dfba9beedf4681a155f9bf6468680f42f016eaadbdef7f195486a5

Download Submit
/data/data/trial.app/databases/tasks-journal

Filesize
512B

MD5
87debe7fe47374686b949a0ec3bf1464

SHA1
53618775ac5f81ce29ed1ebd86ff2b28c6ea64b6

SHA256
747618ec1d1f67ed2d715f99d973ab536b72036b80f348efa312be29eac35210

SHA512
00e30bba7fa66ca3a600fe0ea25c48fc1a01a736f67b4d11796e31bc9abc84d6588634f2bb4683dcb230a1604adb3162cfa86898b02e9a28201c68b2bc9fe583

Download Submit
/data/data/trial.app/databases/tasks-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/trial.app/databases/tasks-wal

Filesize
36KB

MD5
2952ca2864a0884f6ea879d90ac80a1f

SHA1
2a1af22c9f71a109d3f94764748935bee3559d65

SHA256
e3a29dd780a7aef6e3323041bd2de577b0c9323b30c58d764fdfd58004bf74f9

SHA512
9165d3f68a8bf49b1f7461f704d99d5af52ecbe90d19e73f536f79553823adbd57a8be5b53bd74f7008bc6e92c215ff7d0e352d95d736efbcb90e50d95991d6c

Download Submit
/data/data/trial.app/databases/tasks-wal

Filesize
8KB

MD5
eddf3421ab2ddf99a9061c4970819728

SHA1
4d8f763d7126a2b1796bc57efe32a8b38ef40a91

SHA256
04cd06eb74fb8844266ef980d773e4e9607f142081735603b7debb5a6bc28086

SHA512
8ba0a49e51fd57747b112cfeca6efe55c828aa2442669dfe61009013dfdc940704270df73187b305fae68ea348e320f545b98700f9de988f1bc3b0fca353a474

Download Submit