5604a97bb438d66e71e2dc85766a6afef45ff29e4305dd38ec9a6c3dde356e54

Analysis

max time kernel
122s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-08-2024 09:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

3.1MB
MD5

a83594f9fe6de44660884e1b126d26f8
SHA1

3397315e766395b5e35771309b833d37e34f6d5d
SHA256

5604a97bb438d66e71e2dc85766a6afef45ff29e4305dd38ec9a6c3dde356e54
SHA512

c42fcf479211266ffa186aabb9832f38fd48cf69e34cbd89b69ab3f79f7a26788c4c63dbd68bd47bbb51804624b428b5a5aaa01bf215f018455c398ccabcaa06
SSDEEP

49152:A/coYJslBHFyaFOD8TsWYGpS8oWvxK6Nj7LjfXsgRkXT3yA/PIWW:OUIdFdHTsWYlW5Kwns6kj3yGIT

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.Mad.api

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4249

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/2

Filesize
23B

MD5
96193e959baea1e2f27d995ea1a78f4f

SHA1
35ca86f177dc40ee897051d7a25465229eff16f9

SHA256
5b8965479df32457034e64cef1a1c6c5f1012c3af1c92123f11f8321b28c5a03

SHA512
cf6acd549795ee14ef3debe06f22f021c13ef3108228ed5b8a8cbd837f7836680646aeb4a5119ecb9da8ffd8917dd8f105be2ae442c7401a1ebfa5ca3120413a

Download Submit
/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
898a1c9b18c633d08f8ea8995095df53

SHA1
a74cd9ff916cd10092b571f46ce4730a8f33535d

SHA256
8dbd20a4b78d0dab35c2731583c68dfbc5b27ae1825e61b80a9e5f38a2e87f93

SHA512
f8261a262694f0e548f8b3ce41b4eea0b0e9ef34a51ffbad5a7729bea387e59ca099243e7c29ec1fb376018821a9556fcb15b166200889debe6cd7525ec5039b

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
754463f38917c95490dfd15e96de5ad6

SHA1
ee2b66c1ea09a463d2b401926ea1b70195ac3cf9

SHA256
88bcc454bf6937e15942ced1c27fb43011ea14a57792a650e466f9f4838afcb0

SHA512
f613957356c6ebb1dbc4cbe1b7eab290d9f8569e7d4e02b72fb75e6f700ca00224457c419dbe33b3e073c1cfd124a59bea2f0bd79ea6e08ebdbea8b535dd410e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9da5e0689e103b27c75d805bab9b0536

SHA1
3f5ec0f47b12fb37f44617c88df40aa3e6d85db0

SHA256
c58e44f7599464047844c9a942a3cbf4719d592c8a5c27a3db2aeeda65e118a2

SHA512
59d00371ecf54856c2d625bed536d5b0fe5cbe5a98d14262d21712b845bd0a950db4362c0d053665af458f5d5fa35466ff1513dbf8bd6e8e52c8f292d9bd4d1a

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f918f1df7494b37e2cb2e8529f6ff6b8

SHA1
13bd712c95d6b75382d8581d881a92b114a88d8d

SHA256
23c2c2b372a883e88783541da010f0802b72a5559055850c79f37780fe3cfcd2

SHA512
8df5b7ead4f96018e9c69296c303c2a8d3c163f4e2892a9e7b36c5892d2a9423d07a2dddf40d011b6fbee49a14e224a34c2203c36dc405f07e8f83efa3aba6e5

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
27ca8789bf3dfb1a010126968fc818a2

SHA1
4d7f154d5ab52eefcefed110b37d923ec9b4f2b2

SHA256
df8a92fd76111ae131b94d3315a9b6a5613295956fc50a0663919e1f2d8cf260

SHA512
7daf57305ee2ea3a64ef7b9fd1709aac600dbcf8c2d18d55aa60bf2ac71a10cd8fc27f613c31822ae0e1de3907b75f90223669afcb1387f5a1ddff92dbb307a8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d2830134cde5cde675bac6fc2314c6db

SHA1
b6643bb43c57f5eb55aa2a881f9c9da9d9e607c1

SHA256
30436b763678bac6df3d6fb9663c256c00ffffb76a41c04c34142c0b24ca5698

SHA512
21162fd1c10c640e45deac6fa00a4918cf9e16572cfe71daae38bf5bbb32152448414dadec1a43486e0239f1584874a5692bc5c30512feb71f4bb1f4b7416150

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cf3fc6e0f44a9c094afa5512254420b0

SHA1
2aabfef8f8496a4f239fdf0ae8a7222601f766d5

SHA256
73618f1538fa16184fb0bf562c0d2039c5913974931ddbacfe172735e9d876b3

SHA512
e26538d80ba9f20b10995a031abf00a70b311a940c41097d888851ec3922e74f5e273e444284d526f1c6098ad1aec14c91aa199836b781508a6123fbb5b222c4

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4d4e86728ad393e5d2c92d5402f3e294

SHA1
3c1e408918098a328cbc6be732435aad65aff723

SHA256
2b79b6508e4afd6093cc7c377957add0d47a51a06a6be4c576ec173e09153e36

SHA512
dc6977583a5c3763bfa50e19392e674bcddf43907c2313bef0261378f043ec2578f8607a8fae9c8556b27b7aaa4723649dd494a23b17ef247950f4e48a7614aa

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3ee876898033cb572de9c8676730260c

SHA1
fd9fcc9f3e970513f3bea9337b36a7252911baf2

SHA256
7ee12bea7d14cc41dddf145764761009cf4539baea4d7883c5013f18c65f8b84

SHA512
10c78cd8fa02978ed4d815424374ae72b285488b26ec2c876b7572894ccf8c6f27b7db4c18cbafe9114b03f9eca3e2a3b4a96a60621134d7306778cab07b6f47

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
77ab2d5574b243b759d80fdb550a39a7

SHA1
673abf757ed3b905c9f996538666780b8a8a3212

SHA256
a35d04da2cc11ba3227969843a63f8daf93f6288a6ffd59b2e4763fb2279292d

SHA512
97b63f059da5de4f75613b205577f96008d4c416788554bac58d2530b2a92c31be3d40fb195948ed71c798bc21d253d81ed6e5ccf8ebb403772e92a75b14c4f8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
93182b16e7505b2b2e738798078e6ee1

SHA1
7a9d0b712a5b09d82e7a423cb1544167394d2f22

SHA256
6e4ecb7684a4f4bc390c2239961663a8adafe94ce8aea4a98197daaf7a132fe9

SHA512
7eece1d01c5c4bf91a9b9145e3272a71388ce9de3ac3eb613802d3b4178923656a732a597f3efa0a6b34976ca2fead9114e707823652acfca51e113051dfd850

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation1996145144004375501tmp

Filesize
90B

MD5
247766f47066c4a8626f3244d7a8d17c

SHA1
c6a8af6b9a2d7c4385f0f14f0c250097fd23899a

SHA256
fb92fcfea4f15f40738cf9213eb90838c17559b88dfda16b8fed4ee4c25969ac

SHA512
50449361ed9c498051a5934435a3be2bdbb90a550467032cecd30ff2666c896de7fc7505c7fa46efb1a31fa4e77475d2cbf81104a2674b8a9cd8a95982469011

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation7790112604488864260tmp

Filesize
567B

MD5
7d68a6f66b898dd7ab425fee420b3a07

SHA1
dae127b0eb6a5f470b6c1bcab08049a4b12cf156

SHA256
361867eefa1968fb6f28a738589bf67398b8906c21c5c391c2213002df45128e

SHA512
fd44a13367d4c084d284014e23b9949dd60cdba8b69ab3beda62ab305624548fc0f309f02ab6a4440916998f96a827baa695b3799a8960668e85108fb2d9c773

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads