db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd | Triage

Analysis

max time kernel
63s
max time network
146s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
06/08/2024, 22:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd.apk
Size

56KB
MD5

cb94bf4a1371019e30a441d85aeb0f02
SHA1

c27004069daf746b2531ecb0b1e001da0a55063f
SHA256

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd
SHA512

d6e0bcc6274cc4233a0e905162f042ece43b4c45e9095b90b3b8d79942749e749a3c6db11fc3b94a968edca9a557dd35d17bec0d2b10919bdc11049269f8c73f
SSDEEP

1536:JbgLKxe7wu9Y5DzhBhTPd5HBBqR7C1HL376:kKxhD7BPd5H74C1Hv6

Score

7^/10

discovery impact

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	trial.app

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	trial.app

trial.app
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4998

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/trial.app/databases/a

Filesize
20KB

MD5
7e4be44b3e542359f195dc8e64adb855

SHA1
09250cb2d6cdf99d5dbd2cac6bfa7127c4260a2e

SHA256
55279715b6eb679f0c7612a9eb4c68fb019bdb83a774c0677d93e6db46507b16

SHA512
37c801f14b7cbba421b50b1f975d5d229509995d054e1353ef9a38d698f1ffdec757e7cccab8f0faf4a011e68e1bed4858d9314e2464d1be4a69167a72ee092a

Download Submit
/data/data/trial.app/databases/a-journal

Filesize
8KB

MD5
46fa2a342f27c81e353ebf923d16bc44

SHA1
4f4f4c095d411f0975566d66c4ed7d383ec6ab10

SHA256
905e6b422734de64e8aae0998e5896403c064734071cd4d597ced36d51e6513e

SHA512
277c3e6a323c19054484c09458392810d9d30a4f7d2752787c26822bcd567e82238150a59534842a3eed89cd3fed1f66a323680e4581fdfe7d0c7ac321b1d195

Download Submit
/data/data/trial.app/databases/a-journal

Filesize
12KB

MD5
2d97791b87581068e03f633b86e63beb

SHA1
1f0d64fee1f5fc2695d1f5c1be8e8107824b58c3

SHA256
364f075c257deed41936ce3b4c2bfb90d336d2418199df7cd6fe92b3222ac0ce

SHA512
c134822d36a5acb087b52ce597336b5dcdfbb6b0e47d8ea2f3fde98ec24a0cbd6b4abeba290385225589d60a75798070940e275862ddf47ab72c942ce38bb287

Download Submit
/data/data/trial.app/databases/a-journal

Filesize
512B

MD5
7432ee671c1e8140d10f23d172aecd6c

SHA1
65831441069444e1b7f09602a67a21700e6c65b0

SHA256
718f318d7f0b7086724969db706becdf89fce7faab039c83e2809940d2b8d06b

SHA512
0b8be4a4d8b6f844c511fb97cd8a3c40547e4d15938b5645b37cc75bdaf423dcfbec104e0ea19177bc3b1d4af1ec2c4fd0a423fbc22196ae7630f0233ac54bd0

Download Submit
/data/data/trial.app/databases/a-journal

Filesize
8KB

MD5
b438430b8ecd6dc6abe181cc5f5a29ee

SHA1
3ec2fccebe41405d811063322e502c67dfea3e55

SHA256
8e3747cb7dce210393588cff1197322437b244a300c1529355fb70e3ebcfe6db

SHA512
a3b6d3b7c0de903c9ec440b4b468baabf326cb51683da30c9130788450bddb3e4f34b5afaf4ed3ee9a278a8cdab3127b05d20bb4191026a7553440ac505eddf4

Download Submit
/data/data/trial.app/databases/tasks

Filesize
24KB

MD5
765fdde431be43a291419c64bdaaa828

SHA1
d58edbc22964b7d0f0bee72abf497897893dcedc

SHA256
10c56c206274e5539b6322f1cf1c9d000295c21bda1424b967e7c53cecd117df

SHA512
9cbee922486b2c8b0eefd28a2ac23d60979bc793fda29e201161421eb2af71eaa0f26fd2d5ca8e897779983d197671cafb6932ec613cf81004d05060bd5feb64

Download Submit
/data/data/trial.app/databases/tasks

Filesize
24KB

MD5
9e4683f0005851c8272396d66150c55d

SHA1
243d69179ae334e9904759639f2fdf7443eb83fb

SHA256
9df0d8c9b6d5e93cff88be6d4819c816403c37678df356aa2f313b10281765ac

SHA512
7b9117ce3056017f12865f10ba7d028c7bc0fc40e37a92b02cd88fb338c875436e0cb40bebd328f20c3ddc974f5365f949cd2be84808ed346c3c5db2f9bc38d4

Download Submit
/data/data/trial.app/databases/tasks-journal

Filesize
512B

MD5
98d7f2a1960c127bc8ce5a58776f3f46

SHA1
0f22f921b60f482a6063a24dfa563b429703bec0

SHA256
e8f3fdb03bdef1f6d9111a50c429a131c6bb581a0baac583c57d9fc1ed59c781

SHA512
55fe4e453f742e7bb51261b02638ef65cb2b15d5047bebc55932db5e418e116687161e4257979d7a2de1f4a0bb8343847ff6aae21014078f9541520572bf8755

Download Submit
/data/data/trial.app/databases/tasks-journal

Filesize
8KB

MD5
16e547e940d99522cbb31757befd3713

SHA1
de329d36562d82723301f26b44d99bc0ec55a3a6

SHA256
0c71748798909d303098aeb9365975e17a5f43574e4bd1ae874a70dd1137ad27

SHA512
0f6f536c1eb934417db4e3f521a5e79dd89438438b8989236bdbf3424f616be18cc00410fec8c1d6bfb2932c58c3fed8716574a9145a3e2e3c4fd99090b6f336

Download Submit
/data/data/trial.app/databases/tasks-journal

Filesize
8KB

MD5
5a11f023e5113ff26c2ffb911010d940

SHA1
9fe07ae28ecacafd907758f9fc3a43ad59d6a92d

SHA256
a60cbf78cd997ef6444f10c9df06a4917b7d14806fb38eaf783466058211dc1b

SHA512
9c2419800d0d341ab1c8105e2422e71943a519aa5a6a743b9ddc68da9f779f2f272f1daa30297d208e204ca8c17596fb4d4985741908b3ebfe90e20c275c6321

Download Submit
/data/data/trial.app/databases/tasks-journal

Filesize
12KB

MD5
b06074cbccee1dcd5492de7ca641092e

SHA1
7566189ee0dc96ea0488892134c6698d5a2bdda7

SHA256
3a3f240d084eac0ff20207da66cf54e335dd6de58570d2da1f779ecd4c88f597

SHA512
c8a08c8b50b65a86599f2801caa942ade90bc537330e0c3a93fbcac01d0e0f634c6f9c4ddad9171bcf794b52e4d706b3097557f04a9702c96d7aee76dd64a76f

Download Submit