0c0a65d6e01f1f6da465b0282d1bbb304038bb5c870a53b10ee552182a20ed39

Analysis

max time kernel
6s
max time network
152s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
12/08/2024, 01:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

FilmPLus.apk
Size

4.2MB
MD5

eed6c87fa4f201145c9ad7852174ec99
SHA1

b4a07f0dccb45b0a0614049541d8dcc3a52fdb16
SHA256

0c0a65d6e01f1f6da465b0282d1bbb304038bb5c870a53b10ee552182a20ed39
SHA512

89fb0bebeff640f0d6bce1771025e887b5d79b71ba208304b078234d8b800fe25f7e92152cfd2ced41d59eb2563b88d849b71339477e3612435ec25a38c273d3
SSDEEP

98304:qjpNHJtmt7UrasGk0FhCDTgbyee86JTSg7LAqM5Mv/7XUWta:qFNH+aGTFYTg56wT58pa

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.dpsteam.filmplus

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.dpsteam.filmplus

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.dpsteam.filmplus

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.dpsteam.filmplus

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.dpsteam.filmplus

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.dpsteam.filmplus

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.dpsteam.filmplus

com.dpsteam.filmplus
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5053

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.dpsteam.filmplus/databases/LibGlobalFetchLib.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.dpsteam.filmplus/databases/LibGlobalFetchLib.db-journal

Filesize
512B

MD5
b4ed2cd628b2b4f7bc56d1cd38dc961c

SHA1
2c2343103934044b54a67a07f7be2686333e1221

SHA256
695cb2fb23a2775b3d3c83e3ae0b6b052365d583098d81a864aceaf4e9285fbd

SHA512
9c71fa09a309669f95ba1b64e8ec5924a3b15a7733012c413fb5f2e1ef03a848cecdb78388f7859ae0b86c587c8d2304e56048567180f5cc3135ad85ca6ff30d

Download Submit
/data/data/com.dpsteam.filmplus/databases/LibGlobalFetchLib.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.dpsteam.filmplus/databases/LibGlobalFetchLib.db-wal

Filesize
16KB

MD5
d82be3051ac3abac39c9039b040d5a79

SHA1
c0ec2b3cebbe5242e1c6b6f885bf93079c7e2379

SHA256
7d37e9628f0fb2c952f17435f05769318b6b46b60e219bfe984831d8871b24a4

SHA512
988ff174b35931e25cfba6781fd4e84b697267544f2df88d160b381d98d4169bc6a096307d7c7d78277f55f0e307407aaa7bda148c211fd53a8d69ab90cf759d

Download Submit
/data/data/com.dpsteam.filmplus/databases/LibGlobalFetchLib.db-wal

Filesize
40KB

MD5
ef7aca0b3ec3b70cf02c8002f2ec158f

SHA1
5b9d7e37e322e398c5e89aad3d6ee07b0bbb8fab

SHA256
263e21186c0abb646a608b9120ef3eb9aa4366b41676f4b6555024982bb6dfaa

SHA512
b4227123761097fe22038b06684a257c15696432ce11ee2439ac3393466990bb9d0673b277760b5d22399acc43e1aeb92df87a5fed962fd01598be047ff82c29

Download Submit
/data/data/com.dpsteam.filmplus/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
04566498e716390ec5025fb420a1c492

SHA1
0c567a71bdc5131c5164770af6e5f7f78c2398a1

SHA256
16858a61b142a4581df13a1a2c23d6f3f93b86d60ef4c9afcf6c811f51360729

SHA512
2185bf5c228dbe3b78f10830bf567b4ce4dad239864bc4a9d090e6c35dba036e884b7e20b9846a1a91973fff3b0ce658f564b94f3231eb4ec9bdb80450b39873

Download Submit
/data/data/com.dpsteam.filmplus/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
b802672fbef5aaaeb87ea3e66be8a365

SHA1
bcebf44ad621369441163fa60529e920448032b8

SHA256
78f3df4c3722e928d42e4ead67b1b3a0b8bdd7e10f3a8f5a238598f1792a30c4

SHA512
f1c20895dc4f681d939a3af88a0fd089818f838f20310c684e233e410abf3c2cb4e6c2b5d1979b654e593da46589b92307377706eae2bb9c520e55ee00c972a5

Download Submit
/data/data/com.dpsteam.filmplus/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
7dc55fdf019ddcf829049dc04255e667

SHA1
53b872dd534a0575d794245a509cf956c06cb692

SHA256
35f14750677f1ba3ca5be2bd14cf344573b98373419733c729ae3c9723463c57

SHA512
e3a956456f4d8c21a1f5337389b84b5fed546ea4441d126910cb4c6172b3c769bf2c51144e19936c92caecedcad52a2f5b151daf6d0eefa9c9dcb8d2549bf329

Download Submit
/data/data/com.dpsteam.filmplus/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
5e717b2a10e940d14703f839440ef4e5

SHA1
e0a24972734d5649be96c4bf0f1cf7a4d24e6b35

SHA256
6a42b650de321c43f2e09b395959cccbf835a6b9c3dd4e19603e527fe3e6d14d

SHA512
2ad170e8746cdfea6382139c312545f062a5bc9d76ca01ebacf0ef4add0a64bcfe4f119d7aeaeccce1ef09f02c89643270c0caf15cf246e7b3cbb407ddcf2838

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4ebd8503c9a2b40dad32a529a4aab238

SHA1
48fdd43f9816b80e1c9986662b705f214cb49532

SHA256
29b06992d7763c34bc885048391f1368feab5470b9f8d59de82c53f3db0c1267

SHA512
b8bf100115ff3029d9506bd5cf8181c72c49aa82a5729fcddb6b717a0e406b24837816529c0fa78b5e007ba423370c190ed26e8563dda436f1f517e72a1919d5

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b6b6f256fc14f1b2673f28e37ae285a0

SHA1
e4ecff2b208083422530dd798b373fbf977484e1

SHA256
ca7167647ab691b8859f68d9c991a8dda9fc7a6e6b24827dff488874ad04cb26

SHA512
95401f21a32ad506359c256a5193f798163da085cfcd1c5acf796a1dad3d16de67bb139480591fe62f051d10d040e728fc7560282f6c69b3b5295ce3ac3bb1f6

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6b1fac730cd26829cee1143ff9cb8653

SHA1
e765ebf24c974b4f738145209f51b9d9e5b4d10a

SHA256
eae6e0579736ecc028ad8c16af28bdf1a8f2e8e46f852f13d7bb17615d3c57ed

SHA512
d568c198e0b80b397f4fbe2e6ffe60de313cbc0c2db03b250dc6a4a0f8c28e9d66f7d607122925616eb6f6fde9c92703ff9c6a6431fd207a831ab8e4ba1f7cad

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
5def845972f0deae47dae15659812626

SHA1
374a9eb24a78c268b4cc365320443e642baf0f73

SHA256
bd221b3ff06a305cd7d77dfa0336b62f46ff17818c554761bc75374b9d62ae22

SHA512
ff826b95926eae974c85f75d9d3e3e3c62a531d3f1df7e1f1d98518634aea66f89dd5ecad4d308d570f5867856fb6eba989b86ae0eefcab27a3067508751caef

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6ce42905411ffe2fa26de61fdaca2c08

SHA1
0ee192ed2e93f3ae5e564b640e06760217969837

SHA256
751353aa06bc371c05ecaef884c2f700707cbbd76a1c6ab79e99956b9483db82

SHA512
549f6e87df32f30d618b78fa3515bd4d6da3fd05ed0406f7c22540c71ca1d2c4a9b8dc6f8ea1733d4ca408f958e44c20b50be77969f9f45683382346cd51eac8

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
be008479c0b9c29e40c5fa0e70d7ec3a

SHA1
5b2e1f40b5f252585176e4480b1a19d0548cca07

SHA256
1df0c5cccdbbcf5a9d2a4af8a8237b7faccffeaf13f3542393801de8cc36af7c

SHA512
0b062b61041b1d817f3f47598bb140572343f112b318959e35cbf1bf1fb14a75a7bd7539ead6714ff170ec0cf6a4f03205814ac54f10c2aacb393aff1d703bfb

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
14f94ba9c1f9398bb7bc14393526f261

SHA1
9b4224f58a1c3e4dcd0e98518d2cbabccfb6764b

SHA256
3f064eb136469913fd3f78649cdd4406ee859ae111cd25e5856da4fc9d832903

SHA512
752d2e08014454482f55f23604b9d7a313f03cfff900364c5d21654b81bd57a5671f51b0adc85f390eddd6538f5f58af350b45ca87de64d5e38424db61b2f095

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1d514c599560d502c3ac0d277ed2e4f1

SHA1
5d14ef9dfda242af23f3f33ef1291d6520c9e6ee

SHA256
d3cec3f78e21d9f01ea513c2761635475dc31b1eeb75898e5e98f3c563f14ad3

SHA512
d753c8c925ffbcf254a3d3ea21874fda026020cc7dd273a1ea9657eafd461ad2a0659fd6c730d71ff6d613c21329ac7d00e0b7c7ff6d835b272f0cf3227c0c05

Download Submit
/data/data/com.dpsteam.filmplus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
de6d50abbc62544bdfdbb90657ba6972

SHA1
f45a466da75aecef1e5a8b6934c5c0517c80ff25

SHA256
4afa1dee070464b1c5dc27dc10107fe2e9d46883b1c09642a58fe9b6dfce37bd

SHA512
1c0f6cfe7961bd6aa60455cfb3afdeaa6c27ea7423c7d0420c6f4e278f701156767c22e568fa8057403b4726cb33aab98ba4e65a35d6536b6a8db1936698ebb7

Download Submit
/data/data/com.dpsteam.filmplus/files/PersistedInstallation1147890680681092609tmp

Filesize
90B

MD5
ac1c42c6efdaf01b3b6ab33c9e84a3a3

SHA1
a6bd0a07dd2b6008b07b1482292f4f78bfd5df19

SHA256
e58e6439abad7807dfde27f874bdef0b873c5f8f083de81b35df6a549686d93d

SHA512
a4f0f7e5aa2ebdc323bf8a3870ea081edd7b283d9d65ab03535f570459ea5d1557ea396befbd7cdfb20460635420d27436650950659b1de1e89f2fc4e283f23a

Download Submit
/data/data/com.dpsteam.filmplus/files/PersistedInstallation5825053511188993918tmp

Filesize
567B

MD5
a06d634786f74c0c17fa0df581e56ad8

SHA1
4000b48f29c5f3e4cd34c5e90cb8d784a77c78e3

SHA256
8ca9b7efd684daebd6f8f4e504858344856a45c23e88eea3789ce9ea8767ed9d

SHA512
de3ddc53f1029fff96f4f5fc5f39a620f289c66a7fa41ac7e44eebc781931293a07af9b47c244e0e49f0fb56c24836f58131b1ee0f08493c3a516a532c84c13e

Download Submit
/data/data/com.dpsteam.filmplus/files/UnityAdsStorage-public-data.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/storage/emulated/0/Android/data/com.dpsteam.filmplus/cache/UnityAdsCache/UnityAdsTest.txt

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/com.dpsteam.filmplus/cache/UnityAdsCache/UnityAdsWebApp.html

Filesize
2.1MB

MD5
6a94eaf467e31cf022ae1e2def28b062

SHA1
28cde31ef9173cd7543fb5169a6e0badb67e0f42

SHA256
542be2d9c8cfb724c7be840870d719b49bc00ef17e547aa850e2070844264497

SHA512
ffca3a5315a5579f9b89d3e122360cf1c2f19e1f0617dfa19d10899d2fb1ead54047aed3db5027bab54c33103b48a3a527054847346fd364e32027cb0977e2b0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads