db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd | Triage

Analysis

max time kernel
64s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
06/08/2024, 22:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd.apk
Size

56KB
MD5

cb94bf4a1371019e30a441d85aeb0f02
SHA1

c27004069daf746b2531ecb0b1e001da0a55063f
SHA256

db5ecea3d99fd9850870fb720d863b900ac73bc915ca41f64b6a5670b8ed32bd
SHA512

d6e0bcc6274cc4233a0e905162f042ece43b4c45e9095b90b3b8d79942749e749a3c6db11fc3b94a968edca9a557dd35d17bec0d2b10919bdc11049269f8c73f
SSDEEP

1536:JbgLKxe7wu9Y5DzhBhTPd5HBBqR7C1HL376:kKxhD7BPd5H74C1Hv6

Score

7^/10

discovery impact

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	trial.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	trial.app

trial.app
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4505

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/trial.app/databases/a

Filesize
20KB

MD5
f6636b216495f5b5924a6d57607586f2

SHA1
fae6c64204f5845976af315623d78a87af3fed31

SHA256
961c764146b532de7586f14cefffc446b97a410ecf44c66b10d8166c133a0b23

SHA512
a859ca423f84687168992592fca99b8c2fe1e26c71d2120af8644ca13f70d69ee5ce06831472904c67a3ac82014b7106cc1a8059c87670d215fce2bc9c934b3b

Download Submit
/data/user/0/trial.app/databases/a-journal

Filesize
8KB

MD5
e4fbea17486b8dbf5f8180281fcc4a4d

SHA1
6799e4236327b8702e542c5d08036addc1d88c86

SHA256
270ae3517755856d729cdaef4e9a46e26c86583a5e9ed7f4fdd2083763549808

SHA512
50cd2496ccbf219709b7df51a08138a7b2743fe8aa8af4673355bc1ee537c1f12f2cd8eb5a37ae73d068a43df09ed2fac08d5b4b1b2eb11eb21f1d7d08132a19

Download Submit
/data/user/0/trial.app/databases/a-journal

Filesize
12KB

MD5
d60d2e91550cc0fd8ebf2b6705688ba8

SHA1
5f433f6de99d5b876b536ea1f311cad3dc2a8681

SHA256
5a43c79874ab3ea277dbfbc91f93d6c6564bca2a4db9cd0f74bdbd9ebd0a1c6a

SHA512
e155d544cb1cb696bd3006e09d3e4c8786e18a02f3555fb8032b22a771b0452a410e6340a021978ae52f0bb609a496404671526b06bfec9999dfa27cdd6026ce

Download Submit
/data/user/0/trial.app/databases/a-journal

Filesize
512B

MD5
c0fcf3e3321cc189794bcf23b9a70dca

SHA1
3b9cd61bc33d5f5764725a97dfbf39162faba255

SHA256
23310838a07496d5db61d1520e1e18017264c8ca53e8d77d6d2e89804e71a5ef

SHA512
a67dfdb36699cd2040c254ad952c811ac431cfc63debcf656819b9dfa0184c6607fafa03b2f9d13a7ebc31c27455ea1b2c68dc1e6ba726b32b929a0468290120

Download Submit
/data/user/0/trial.app/databases/a-journal

Filesize
8KB

MD5
609c14ed6ed31255c2759bff02044b2d

SHA1
2c47b5e2cd64fd401826bb84500e79f892161b5a

SHA256
9c3bd2e4a88b5b50b880e156de4df1a7ce7db957bb7c3aeb9a3ee0334297b931

SHA512
719b892cf7e515f8b72350bc631f4146115c5b6dec1b8f3517b7f9129cab5d1bab409c36495e7d854d532410488f612083dbcaac3d8bbab9a757c00e4481c29e

Download Submit
/data/user/0/trial.app/databases/tasks

Filesize
24KB

MD5
49bb4fa9f1dd32193578e5a61d33e16e

SHA1
29b879c8618cf2e068f22e6d2ac79d06114860d5

SHA256
4254bf063b22f835f4ea82776f33a3c763c43727585dd62a1fcca4f41fd1a2ff

SHA512
fe0066d4a06f902605e5ccd645ce68d9cba9c034a77dcd2f1990aebd5b89b93a2912c13137a01b2514b772847e6049b3bd8205a9e63a86702055f5ddc852ae34

Download Submit
/data/user/0/trial.app/databases/tasks

Filesize
24KB

MD5
522c507dafabba7f548d42d11a962e97

SHA1
73202c05c1dbedc4721cd41435eb88f856e0efb9

SHA256
290a0296ab9782882d8e2852a22ee2b3e8bd6af6f42e381c462602043776f212

SHA512
30ba82839d511653a247924df52347346103fb8b0cef5b80ef87dce49e8c61dee60a30640db745aa826e7213dd4295bb5fb0b80bdbd3bbad9fe6779b9af20872

Download Submit
/data/user/0/trial.app/databases/tasks-journal

Filesize
512B

MD5
9bf4927218d971c35d28b0cdd80ae035

SHA1
a288e5e1a0839f387743128b934f9c8904b0ffe2

SHA256
b54917b2b3f9d0169fcf4b873271d8ef12dcde582eb78d859713713d2d0c381e

SHA512
e1f872af89fd8062180a14d1e6e18f084286596cbe5cd9d41c425a27049d41b4c12f25aa5cb9b823d75dcb92d2c72ce629a21d216ce77511645c02caf3528524

Download Submit
/data/user/0/trial.app/databases/tasks-journal

Filesize
8KB

MD5
b4132bd5051ab14e76493aba2a1ee433

SHA1
2053ff9b5236ee244ee247770836742dd87d9717

SHA256
a7d78e82ab8a581bd705da63a81cc3c8aa3ba5ef17fd0015acdb6742c1a8df67

SHA512
b393e35e27188bb3d0df77c82a0c2c3f9a24c67eff1b202becbd228fc638fe4d9ae68425345d1c3e4304e99fb014b385a5aca105f510652e9ef2ed735051f9f5

Download Submit
/data/user/0/trial.app/databases/tasks-journal

Filesize
8KB

MD5
f9867882ffe76f5ce2ee2d05c10ae171

SHA1
02822a65c98ae0a9f4cfcf35e052c956aead950b

SHA256
82aad6058f241bf22a8de1522f5edcc872b4c61e728e0069fbee236fd68c1f39

SHA512
d22347b09b09692cd10af428a177838c8c470fd9496e3dc3b6fdba1b17dc7c4a0b6266d0d4086c5094952d4251963b1a1c15152babe399b8ebd1829f87f7bddc

Download Submit
/data/user/0/trial.app/databases/tasks-journal

Filesize
12KB

MD5
22a11ce722a51d309469a9f28c57dece

SHA1
71a27306937c2341800a32e425720d1718ef101f

SHA256
7c4726ffbf81ed9e9d130230499a0d9e44b0bb9869d9a5c33fbecc656789694e

SHA512
20924b1e905a1e00fb0a3de8b660f52562046cb7b81a703663ca573a65f589c0f5ef742497bc86cd287c399461d5e109f9cef570ea5a10672461f31fe27c6b9e

Download Submit