601884de6c11f18f11c61503ad8873636a1b9916144031ce33e313d3e3d785a5

Analysis

max time kernel
9s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-08-2024 10:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setka.apk
Size

3.4MB
MD5

d8408ba5caf6e3fba21b62d7d59a8dba
SHA1

0b09bb73f5d2fedab3f87e614834c14eaa47abd8
SHA256

601884de6c11f18f11c61503ad8873636a1b9916144031ce33e313d3e3d785a5
SHA512

a8f2a16c53cc1f817962ea14d978a8ae7ed5da9b89f0b97327987576c4d59eed66632eaed2682597d5b5cfa5ede1078fca52c94306ce6aa9feea7df25292876b
SSDEEP

98304:snqj3IRtMXG5TAMbJ8C2xPiKx2/1lnWgSzICupTH:snqj3IRt35T1dAxN2XnWhwVH

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.Mad.api

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9d1c414b2c2487e7a1ffb3660e17d752

SHA1
ab765a6dc01d7b625570bcb970a5d3fffa96ee59

SHA256
739413d0084ce5be21fbf9e9d832f7715569ab5bcd997d734cda7d113df4ba0e

SHA512
bf3e541a5aa4d545b12d6b16539b1aa9807afb0dcc67b08178795b58f1ca209e54c6f8a927b143753cd6a2e66d07c1030ed4602f344aecee68e760229ba1ac26

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
28d68f8db532891edaeeb48491b530eb

SHA1
e8822e383cb627bb6d59c36cbe93eb0342db381f

SHA256
a03622fb0a2b4693cbd9f7fb280c1c8dd08e74c1fa1e63d789bc6b34467ea365

SHA512
fe66120640bf2f6fcc88fc989d21c0a9023e076bee7b792a784db6cc4b63cdd711bed30f68a59377e06a029cb770a02370c696dcc3354d2f22545a54f69291f7

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3683980547b17d64de8ef65b2d3c4533

SHA1
da0c0c1243a5d341313f9f9f5241386879543ad0

SHA256
0bfeeaa0d182218a34e0bdeefb5d88884afa689ba2948ca8bb103cca63fe8004

SHA512
f5e579735c8ce04c5c75490533c087b37cd8a0cff8012d34d7f6ecaea6e463b15593b53c7d6c4cecd2e5ae3f506d34d2c87b612a17b0b5feaf4437197308cbd8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4b5a1e5e340f32229d38af8fb447b324

SHA1
c8db23c6110a1f24872884d66323f70a10f5a4e6

SHA256
829667296697c650763d9f6181658978cdb87b57c138874ae1025232f579a72b

SHA512
6796771ad1b42e78eb5197c9f1eec741c08b7ecc41d536c6e78a4d18f7946f070c55016913220f9e37f4cacf736db6cc1f68d98ad6c0aefa33b10e8570799bb4

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
557510737f1da5fa7fbd0ba4501a9d08

SHA1
cb45c74763d8206ba7c3b09b8a1262d9b9df8ed7

SHA256
0f089b622ef0bfd860e3ff0093291c9b01baba7550227662da0f6c48682c4c55

SHA512
4f37be101ad328cc580125d9af97187e27ee8ec4b2a413976a795ff716c6d448f13f6018410b2bb025b8fbca76cf94b6401d7e6f18061df9a2fc7206007f995c

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c0d8ebabc45390092df23d1276cd9b6e

SHA1
7a6b0d7afa85bb28e5d01baf1fd2f360eca7bb74

SHA256
22d71f4ed43d178e820c9ba8e9189bde2a5c5cd75964a0671b74e026198d1b74

SHA512
412aa64d4c627962fc37a4b73ce15a0a1c7d184bbaa379f828b2a52e7f609199563247cc3fc2f5ba543647d06497becb0a7a8adef3ce52bcebefc8a1e20cab09

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1665a5766769eb6dcd12da0492c9becd

SHA1
e68a7c8f8b1809f1780b28952e6f7da4e1e26185

SHA256
b4235201684f7a07c963627be94864851643f3990c9cf00e9ee46e9a881329e7

SHA512
63b8cba8162c041109e4f67b5ce96a785a3a82c55c98f8b8b5a34f242bdc5b0e644eb10481733e5bcd804aa48c40b5350cd44166911745f0fce4ca3fce517a37

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9325003903b9b06c5a45e703f9750fda

SHA1
d0ccaa625404e4c81a090fc08fd863c681d8339a

SHA256
f693b567a1d85016a7a0795ed467932840787da28f19e2f40e2c04421bbe4c34

SHA512
8e120f17e9022a802ec8cd9bc7578fb75d95414d92233124b80d3c17e719c1b3ffe72d829d8470488f1468374ff77e69c784ef67e5de2b4973fe5b0bd61611ea

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e4b0fd22b031a03071ac2be6b772baed

SHA1
53cd78bb5d6e3aab634f6863348f8b6d8293a698

SHA256
dd1a6ee6e16c4e9089b74454457d80db748df49841d61630cf82ded773d0bdfb

SHA512
32eab17a8d9b1098017c3ff17c3d4d04bcc262ebea6544f265dce6e1b14f59e3ea019ffb15fd08c72518353fdd7d709a79ba6707941b8d2961902b47b3a0dad4

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5ade87ee8c3b9cbefaf96e53e40c355d

SHA1
f85de730487439d5a54ff09c598b309d5b100ae7

SHA256
09dd76f360562cff0a6f4dcc52dce84a11998dce712a1a28943cdb2ea35f49fa

SHA512
29951d180ce4b8d145e0be47be22759d5d6e7d75c485e7aa3d14d44a4cb858a4ef7324291caa774596ddafe6b9d74dda7e0ad1e98023def6d7664f64efbc6deb

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
d08f1affb28120fa32fbd00f5e4d543e

SHA1
eec1f6b171997acbadf5eee26d427677a496a615

SHA256
311bd121af702cbc2fde336da4a0f2acc015ce4846259274d4de016cf62babee

SHA512
93153424ee161c14bb32ab2108888eed25d6334e5092206e62ce30a5874ea55a906c320cfb4a0b03253d1688660ee656ea513cff0e8556187985fca9696c58c2

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation3839936608075398824tmp

Filesize
90B

MD5
8437c47be42d9e2584221d1876b5095e

SHA1
302d79a78aa18aaea412866fabe28597f0b29760

SHA256
ef698782d8ae61bd525318dae384a96281cc758f65f314642b46620a174f3874

SHA512
e5f93087a773103a1747cfbcedb9bbd29193423189ed93e3608c86b2aecb78eb6af61bf3d30c807274d4475ffac671e72a59f86206f6c29367af6cceab026fda

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation7026885293820180481tmp

Filesize
567B

MD5
c7dbb0527c90e4ebd370a525f8a98b5f

SHA1
563e2828b9e9ca3bf6c275f1954e9cc8aadd0154

SHA256
5399565753ad55cfb3eee9bb7de31445103ffe705c497e89637af361424ba60b

SHA512
2627c411c0fcab5cdd008fdf4fce57c1725cfc33802a955d568408ece36cf9f976eb578dbb4438f058426eb6fe57d388a21f009815d09ebb19fa0b77633dc61e

Download Submit