a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633

Analysis

max time kernel
168s
max time network
153s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
15-08-2024 22:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Live_Net_TV_1.1.1_.apk
Size

11.9MB
MD5

f2cc29dad8d228009d8ba0427e80d862
SHA1

67833d6b9da1dadd22e523ecd7057e52fa8dcdd0
SHA256

a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
SHA512

7e6d3c37672c23cd3512fb951e3c184aebf5e6ea99eaafaf6f33731f9dafd9fa953556fd453b2abd5a5a368ba999d30e3fcd1aa952fc48670a8fd38c480c1d51
SSDEEP

196608:BV1DluXHrLs5k01rFQRRwanrEheTOFoxSMh6D/OkuJ0Dt0L+4zFzSvu4+9Coq12N:BLDoXLLs57rFUyeqFQ9eOkuJQtuh5F4C

Score

8^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

evasion

System Information Discovery

T1426

Processes:

com.sportsmasaladev.livenettvapp

ioc	process
/data/local/su	com.sportsmasaladev.livenettvapp
/data/local/bin/su	com.sportsmasaladev.livenettvapp
/data/local/xbin/su	com.sportsmasaladev.livenettvapp
/sbin/su	com.sportsmasaladev.livenettvapp
/system/bin/su	com.sportsmasaladev.livenettvapp
/system/bin/failsafe/su	com.sportsmasaladev.livenettvapp
/system/sd/xbin/su	com.sportsmasaladev.livenettvapp
/system/xbin/su	com.sportsmasaladev.livenettvapp

Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
evasion

System Checks
T1633.001

Processes:

com.sportsmasaladev.livenettvapp

ioc process

/dev/qemu_pipe com.sportsmasaladev.livenettvapp
/dev/socket/qemud com.sportsmasaladev.livenettvapp
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

Download New Code at Runtime
T1407

Processes:

com.sportsmasaladev.livenettvapp

ioc pid process

/data/user/0/com.sportsmasaladev.livenettvapp/files/audience_network.dex 4245 com.sportsmasaladev.livenettvapp
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sportsmasaladev.livenettvapp
Acquires the wake lock 1 IoCs

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.sportsmasaladev.livenettvapp
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.sportsmasaladev.livenettvapp
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.sportsmasaladev.livenettvapp
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
collection discovery

Location Tracking
T1430

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo com.sportsmasaladev.livenettvapp
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.sportsmasaladev.livenettvapp
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.sportsmasaladev.livenettvapp
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

File opened for read /proc/cpuinfo com.sportsmasaladev.livenettvapp
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

File opened for read /proc/meminfo com.sportsmasaladev.livenettvapp

ioc	process
/dev/qemu_pipe	com.sportsmasaladev.livenettvapp
/dev/socket/qemud	com.sportsmasaladev.livenettvapp

ioc	pid	process
/data/user/0/com.sportsmasaladev.livenettvapp/files/audience_network.dex	4245	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.sportsmasaladev.livenettvapp

description	ioc	process
File opened for read	/proc/cpuinfo	com.sportsmasaladev.livenettvapp

description	ioc	process
File opened for read	/proc/meminfo	com.sportsmasaladev.livenettvapp

com.sportsmasaladev.livenettvapp
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4245

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sportsmasaladev.livenettvapp/cache/volley/1909143955-1598704453

Filesize
1KB

MD5
1544902601e1860a1475048c5529cc00

SHA1
47ae87d0706d4101be84325a95ea9554ce3d510d

SHA256
60a0612ba01d57a06be4170e89c9cdb0056d6e8c7e3225bb0b75016b19fdc5d6

SHA512
7ce5b57a4dab9903896efe137208d448f698897426b4aa6a440b73a8d833c1a11779d82a7e118a1d95a0edbd20da483a1e34e23ec0d49321e0e277602e8790dc

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/cachemenuCache.srl

Filesize
1KB

MD5
908827893c1c1371f31525789c093f8a

SHA1
9f5c1c23ff599a2dfa3d992664e90f79b92b99e7

SHA256
7bfd7738b5d314a4da38b79789be79ff26dbabc4a0d2cd38a2807de0f9141402

SHA512
a2567009c3274c30aef7fd9c4e803992de505ffa0a9d6df012e19e8b7b7328cb2c33fd5c5c5844abd1ba416227a3aa2379d7fae1928ed86ce5c62564c93546d7

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/OneSignal.db-journal

Filesize
512B

MD5
4e59b56a8f9e27c33a089e7d59a4a14a

SHA1
bd216c70df9bfc63ee8700cd275c5f3b92bc1cd8

SHA256
a0fb42e8b40f44fbcee1a01f4d3ef4fbe68621426a6c76775fb3407a569acd31

SHA512
2f644cee4cb1295148580e0eb6a768198d8200e191e703ee87632cb2b09639612e851bc22f1df35cf6259179f2bb48f50a4a7944d1a06c3b7d1561865527e345

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/OneSignal.db-wal

Filesize
64KB

MD5
0426ecffc4c4af4270255be3b665a4d0

SHA1
16727c44c580ef278c4423a758aee2cdb7202838

SHA256
7b5ec7d8d38cbc02d3cb41ced5ed6e193596a3f4bc1e07d58f2b01eed79062eb

SHA512
4184245f7f27e5f9c5b97d824c675336f19a162bfaebfd5ada6dbb216d8b0503d0133484d58256b7bfc509689762c0b8b49a3384bcf38c81aa77aaf3d381f768

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal

Filesize
512B

MD5
62f63c1c288c4c4195825600ed3dcfa2

SHA1
de939542be76dbd029155cd7c2f1c2008de5ef55

SHA256
849dc3400952109e7067ea5ad4e875619f0639b6df17ba7bdee0d504205b470a

SHA512
aa45ff8eb572a147a28efdf7593076de56470239b7394f86d2de6b39eeacbd117534f46ae8eb25611ef1cc4e0674c93acc7f3f1744c77a0e1db3dfad449535e3

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-wal

Filesize
52KB

MD5
6c9fc9e4cb7c0ea2928847b5bb1485ac

SHA1
35d2251bb8d5c57cb63850670c7aa561f1db07b1

SHA256
3712fff32ce06b4c1c477005e729c0384c0dd3f832bd8966a87ec08f7766bc76

SHA512
c86faac8f2f14566988c5a0d770cb1b126535356d05f8cba9791bc820e97b6f6d6d5fee2e02f87a713f318ebe53f47029beaa9322b04df3dc9922a8c1815eb57

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-journal

Filesize
512B

MD5
5eec0d413142f2e135f341ed50cdcc4f

SHA1
a2a469c70667169162cd9af464f4d83813c21f00

SHA256
306423b27dbfc647f81bd3e35bbbe48cff2a1f56f0588e2b35cb7d4d6b3a4bbd

SHA512
76f8e11f98e8f9366100f2fee26ddaf3b775579621a1f783872610ea79cdb75b3f0f3b2fac2244436b0cd785af3563ee476ab02cb7c8df9ab87f663f7d2d2cd5

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
074a337b6ac529fdc2aadc289ad0d335

SHA1
59d6459c0b48986b6d5de424bea0046779451052

SHA256
f9ffeb313ea6ebd8d191c51aceb8132e76ad452f3e30e81b5770807355885ce9

SHA512
b935c55a8e6b58baebff8a3b5f75ef79ce925758d0d92fbe05c120c39499ab7d1249b80da7fea9349e1bfe3313d776db55d28219d674fb5fdaa8b386197bd2fc

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
703f64bf4bd29b0ac150e2b6e54a9325

SHA1
f16443d4907afb33e94e7c034a6764c2caf04e2a

SHA256
b40ebfbd3a40a6df1782c4034a09ecc132395015364c3be4a9236d88966d70fc

SHA512
86ed1539ad49ac71eb8632091c0f27919cc8e0c411364108e72a0e6af9ef6ccd01313cc2cbeeff014f963c4d7dc93fcd1b0493fa9a09523235edc33196f21ece

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
4377f1bdc3f9dd1ab2db58aca7d93a65

SHA1
ae8d2d3270bfe1f0d6afe67584d3187ac1a637d4

SHA256
9fcb9f7eb38e8767cd956ed494cf407cab20e1471e7a8e05bfe1a82132d4f799

SHA512
26d851761c221c51330b9c4d1ba426c2aaecf01ff9909a08ac2794fbec25f1536dc07421a145ab659765c69f000267f05c0c1cd7dab34ba6fd9431be22a00dfd

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
a4a137ec4987915b9eb745019524ccbd

SHA1
e8f9eff272fd9a7c337f06b258a00e736c38d9eb

SHA256
07ffbead68c4158d4bd29b17dedfd8f78b0e6207011bc1d6b6606a28001542aa

SHA512
8fa304ccf7965ac9720be79b38e4b60934863db0c9f1dfab27772c8cb035d9ad3c0fbe587ccbc4dc4494861f9b6db2a6ebfc7638cdfc33fb51d0755dc510f245

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2eb6cf8cfeb9ec2a99e74473c976d23b

SHA1
f0e81d82e7d026a61c63b7e59f67ca07ebd91113

SHA256
0cb0725754283618b08134587aacae42a1309f3b58ebcdf1d96cf468020ee78a

SHA512
8f7dfeed84d5a7c0bb3bfe4292f3a0961adff7ba75d14b408fce7b3d98f2ff99f88501c672ac076f7a67e210d40e796031f675907df892285627d0ded0e6eebf

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
489d85f10345a2aaa548a25f95b871f8

SHA1
701408aa2a7be63e59235752580c6fedf788d79b

SHA256
c607dfd20d408e35b51271107351fc9b20fb62bf3b52731a0a7fbc8e81d9b219

SHA512
3294bfbe29efc7bced4da31280b8a1be3ad26d2cbe561ac061bab93071c44ca191c04c3a2443469e46efb2832d83fd54ae5953b1a16345e6c1f5cee8a731b2bb

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/PersistedInstallation3378165027540197391tmp

Filesize
567B

MD5
87ef74c093b17765fe545467b7dbc7d8

SHA1
420f65cf0cc5214c65f2be5e74e0868942858abc

SHA256
4c5393a3173111b636335bbc37e0bd741371532e3cdcd7e69d3cf3821f5094fe

SHA512
6eebf98689195ef13817fd907719734eba193a82c7bae0da6f735b41309463990f050f86a66fdce3d00839914d74c735960e534e53f0ffd180bd2677e733e19e

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/PersistedInstallation6514761079457433031tmp

Filesize
90B

MD5
c2199222193676d36ecde485657ba705

SHA1
4a25519032f4f4c7b6a4e6a45f721f7e216bb005

SHA256
aa74a5501be49db0b38b9b616abe1526f840330480f5672a9fb80372dc7585c7

SHA512
25f8a3acee8063a8241e29f18e84e6032b912b1c18ad6a3793eee3c411ba7d715e6fd1b2eb05ef2641cac60d268a45fd03832635e3890fc09e174fc24d6ed79c

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappAdInfoMetadata

Filesize
1KB

MD5
a3b24295d3d6b709f58e4e77a68b36ba

SHA1
f8675aa67b1a075396269cf295c0d5b06656393f

SHA256
b9d4c65cf55a19828577597f3a9e391c78707b56e247979454ae759347fbb6e3

SHA512
9578456962eda7fc0fd09ba551e78c12b35d6a0a6ce464dae7b4548b9f64d031f3bf1ef17a80c3c58d1c6a2f931092f2b93491432cc6cb6b15e967cfa16e2f3c

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappAdsMetadata

Filesize
2KB

MD5
477383024814479845712605568a3761

SHA1
9f758c22396a57bfee2093f9c36c2cce40c98424

SHA256
0b2ead202c01d9ae14dd76be9301c57ae6d7e4ef49869e0723f12d6bcf38b912

SHA512
97a11b2a22c61055d1df7b15c958ae788ebab4a16bd1e617da81f8b35bde9d56003b8cc85d9a1fccfb75bacc0f150089d0c765b2521b8db034451757940336c5

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappBannerMetadata

Filesize
719B

MD5
0bb8aa5a3510fb98f74a7eb6f9c2d3a5

SHA1
57c61988738af76f1feb1a9f53cc86558a1883db

SHA256
05a7be94c1197782ff06ed4ccc31625efa90dd1e1983b29ee9295101d8872105

SHA512
a3075427c33ec3d9f1f971ef540b3eba56a2c298912d02c8d447d8218acb94944ea5db58fed13988edd11847e9972d76884d294567e33fc05e0e313e750a7684

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappCacheMetadata

Filesize
884B

MD5
dad84ac9f386f3ccf07e4834f5b19355

SHA1
25c11358a51cf723ac67839297d00b6a8868c77a

SHA256
5e5b3c030c5469de14cb6f9687b7c003aa8216660c0f03035f2ab9e2e71ea09b

SHA512
c34565c19ed20d7b3e9f102eeb93e2a2d88322a800aaac0312f3fa70ac71efb47e32097df9f9188d50df13074a8cba614a57bfb277efc8f711020079cf024a18

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappSplashMetadata

Filesize
1KB

MD5
4262ca4487ba649cc1a9edc24ccc8a62

SHA1
eadaab53ea9792c3e94c5edc7794a08376eeb672

SHA256
afa4a22f320ae1da2ed9fb5ed8abcfe193d5afcf37b40710b807b9a0e6f7e70f

SHA512
a02694b98bc80e46ef2d31f47e62c43b8c7da04b16af7ef8af4efcc2c8b8b72381347aaa7e6fd54af1e46dfcff2d52f10f9fc2e5c39353041007b3e18e955c55

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/audience_network.dex

Filesize
3.2MB

MD5
69cf159b893eefff9a8106cc3ee37e03

SHA1
165207adfe8c6047ce9f3dd38aed50796c1660d1

SHA256
26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf

SHA512
379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
65026ee778e1372d9f4aed742772e893

SHA1
5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc

SHA256
15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c

SHA512
589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

Download Submit