1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7

Analysis

max time kernel
122s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-08-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.3MB
MD5

c3d2a0b23dd6aa4e6b78be556e16dae7
SHA1

652adaeeca58269007ef87a0bc676d4c13a843b6
SHA256

1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7
SHA512

da26d53d5eb08933a387998f6e4832614daad772c3052eb911256368617b18da064d471d68609e4e7855bca08657bbb9da096b4e81587e9aac513d48927b36b7
SSDEEP

49152:O/KoYJslyMY8YgJ/XMJJRLKiQpi/vsBeylmbEm2w:kKZIyd8/FcJJRxQ8/vUobEmX

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	mad.net

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4259

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/2

Filesize
65B

MD5
d92e85d4dc1f5dd9595e6d722acd5b9b

SHA1
d7a8746550315d7201cdda9b6e5804e81e30db98

SHA256
471c08b2d79c2dcc28e27385016f5e82e609fc661d1f0b0ab1a596df7c6e4486

SHA512
6522ff32ff601f9f229de0218f22e5d6d2d4c99678e7c3fa60007f4e37ab45f68f897232a9f401a967bc4ac6bd21adc03a5ccef0c4136e67deae9c782316a215

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
907f3286ac20c5ef7d3ec1133e2ff568

SHA1
541b448f0798ea414f0407abede4417eaab5fd8b

SHA256
f13eab25d09715652b1ce39abd3b418668bdc35cada9dbcf07931dc03eed00b2

SHA512
04474acff12640f7a249b822286de40baef8df67dc7091e9a1412f4ae2fb11e44685d0648a674d0cc172eb07f375cb4f4d86cfe5096f1aab963f3154d9284ca8

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a317c6831f9ddfde2a0aeaa87c3f594f

SHA1
a88704ffe0782c92442b467d33773bfd6b5c3b89

SHA256
876915cdd0d71d337e7a93dcd9799d907b9b1cdf0503758e095af0806425ed75

SHA512
a6c3975ca18e9d5ea8a1c2715aa637b879dc5d445b38b0ef6ca578eec4a40a26ab685845b2952148167ecbac0ef2c8791d5aca01ba06d5ed77600fc6e2862c21

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e5cca2652fa2d3fff256822bf6ef61ab

SHA1
bc9f21eb0e7ea7c1bb47e0121b1edf16ab5f76b8

SHA256
36dfc921d2c5775a6bbcd6f4ac59a7ee58b2acf6719bf0d65d650eeee93f9cc1

SHA512
9e674c387a698c48ccc8d6cbe78dea156fec65b5e17bc9511dabee2b480cdf888a1a10379a83ac4480b51d383eb456c399d64378a9a3b52d4e895aefcedef93c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
473be7a5fa206fbce6acd716f7414f10

SHA1
e7830a0c0a3e724a04e70b9ede95a033dba4247d

SHA256
0582ae3b61e97dfe8851aec52c0ce333cd953819ec3393fa376e68484c098e18

SHA512
5cacebe1db363cd648cd6e276f0636e2d05ea6d0818af6b74a7f54db72760a19af28f3c73b0b97ab3cf8a14e4b7d0e401c2537e29ab39d7aaffb60703f97b602

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c85cebfa3afaae2b95885fa8d7e981ec

SHA1
b715a2783d93fdb2301c768a14a3f49fdb72a27c

SHA256
36a3a847af365cb8819cd182c88ff0bf4cd1473e80033caad2cbf221398d66fe

SHA512
f2f4056dc6ffb525fe4d4991901a03a342297691718e5f72f8c49e878aa6393bd5b1015b6877d9c5e8a8944d16d212b15db4e440b1f21a7008a458b0fdcd3854

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4e18a0017a5445be0bb8b7086f29b5b1

SHA1
53a93ff19e95046bc229e70e96e3d5ef5b11637a

SHA256
972f0c66277b25969e69f1b9195b9a0daed8d930b2d0cf3c36fdf78b21fc1f7f

SHA512
48ef70814c9df89d9c1cffc24c0b93c8cf91c37b98f6bc7d49ab528c862b39a89c3e1db20dc63b79368cd059dc36c0058268cac030ac5cddeaa14f92b1c4b3ce

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
33f39314c1645f9d24b61b7c3e640ea1

SHA1
608580a7e09448fe9c2a12e4ea8c2357c55b4016

SHA256
93d119b7037cc2677787aa92a9004d81deaa888b29396d0c62574c9c30089905

SHA512
07feec9db44149d057e3d959ac1f7802fc37aee2377bec9b4efe8aba5d75843461f5cdc4c0f470eb71e1992b676a000dcf2184a6f5f42e5fa9ee4c3730c6c3b8

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
deda5e810f6124fc1070eccdcfed179a

SHA1
d47e452b8f8af9e686f7ca61818880a445a67332

SHA256
0e8c87a8e42330ef5933d1173095de353df5837df31e0adbbe9f1a910b2602a2

SHA512
44ae45b0e72109151842bc1f2faf97e07848f24d1d44f86bd8f5e54624ed198ffba93ec15e6719305a3b495467306825db5237bfeadece846e419d1efbc981d3

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a6b3bb0f7f120f951e08dba349de660b

SHA1
48d6c5ab023a596b52748a482d039a58e2a4a2e4

SHA256
2fd6fb71b1af8d5e4cbfaa48bfa0322093b099a75c2f9a4a4ff21a5ddb6b4fd7

SHA512
2f781cb13c59e9ae189dea7d0a03255f1d68a03eb3c6cc9f67a2ff884994be7f0ba74936c8a1427569a038daeeb970aed08751783ef8e46ec28fd6e54f739177

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
45f4fca45f86542ddd7642e83be1a042

SHA1
c5139eb2f3434719316a1196425cec410c727c06

SHA256
16f031c52b9231e1b711b73e71359852954f56dbcf77fdae3b4011a7f3a37034

SHA512
09eb09c33d919472848cf62810139c7ea362a0242bb69a4fb6bcefa9574019bca98231d488326f616b36a95570eee63bfd43cfb1ba068f5e5079e528d734ea2d

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
ca30e715484ecdefc3f64cedd5e433b8

SHA1
50e6d87826d6e6cbba730021267b1bbf704d18da

SHA256
c2c3792c08aeacc4f8a6d93a50981b0378488c14346dab323a41f75804fe2d21

SHA512
508baf85c46a0ca5dc46b5a53e9a66cd96d024723cf52f438088e9dbc6e731b9a3909dbd0c3810c18f4bd77bff029b974a4058ca38a035fe29909ca0e01c0fc4

Download Submit
/data/data/mad.net/files/PersistedInstallation1418995782622976890tmp

Filesize
90B

MD5
9a43b65f385f68d3126f3a660dccb52b

SHA1
a8e575e6c3c17b7c09355df474acfa194b222148

SHA256
241a10aea5fb882b0444ab9c3416ccf3fc16b679e96a64702cc79be04633ff39

SHA512
b5be0e96570cf05166ed903b057e7f615ad7f4dcc8f77881c391d59b68b8329617572762ea8f305219309772add9c898a9a1f640ae764a64dd41c56ead4183de

Download Submit
/data/data/mad.net/files/PersistedInstallation2525092894894627179tmp

Filesize
566B

MD5
01fbd13719b9b4870aac55d83f6216b8

SHA1
e343894387b07c2ee226a58409e267f38717ffdb

SHA256
8b04b801e2dfdb201fc8bb8e3d8c596f46718f792ca8d6c6c892740f7cc241dd

SHA512
dfc68068588a4284fd94f173c2168795d18e78602a96b668074def6eb15f68178dff6cb1183c1b29bcd8eb46e5ed1e4e833b418e3e68484e3541cfd7c88abc2a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads