a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633

Analysis

max time kernel
47s
max time network
130s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
15-08-2024 22:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Live_Net_TV_1.1.1_.apk
Size

11.9MB
MD5

f2cc29dad8d228009d8ba0427e80d862
SHA1

67833d6b9da1dadd22e523ecd7057e52fa8dcdd0
SHA256

a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
SHA512

7e6d3c37672c23cd3512fb951e3c184aebf5e6ea99eaafaf6f33731f9dafd9fa953556fd453b2abd5a5a368ba999d30e3fcd1aa952fc48670a8fd38c480c1d51
SSDEEP

196608:BV1DluXHrLs5k01rFQRRwanrEheTOFoxSMh6D/OkuJ0Dt0L+4zFzSvu4+9Coq12N:BLDoXLLs57rFUyeqFQ9eOkuJQtuh5F4C

Score

8^/10

collection discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

evasion

System Information Discovery

T1426

Processes:

com.sportsmasaladev.livenettvapp

ioc	process
/system/bin/failsafe/su	com.sportsmasaladev.livenettvapp
/system/sd/xbin/su	com.sportsmasaladev.livenettvapp
/system/xbin/su	com.sportsmasaladev.livenettvapp
/data/local/su	com.sportsmasaladev.livenettvapp
/data/local/bin/su	com.sportsmasaladev.livenettvapp
/data/local/xbin/su	com.sportsmasaladev.livenettvapp
/sbin/su	com.sportsmasaladev.livenettvapp
/system/bin/su	com.sportsmasaladev.livenettvapp

Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
evasion

System Checks
T1633.001

Processes:

com.sportsmasaladev.livenettvapp

ioc process

/dev/socket/qemud com.sportsmasaladev.livenettvapp
/dev/qemu_pipe com.sportsmasaladev.livenettvapp

ioc	process
/dev/socket/qemud	com.sportsmasaladev.livenettvapp
/dev/qemu_pipe	com.sportsmasaladev.livenettvapp

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.sportsmasaladev.livenettvapp

ioc	pid	process
/data/user/0/com.sportsmasaladev.livenettvapp/files/audience_network.dex	4970	com.sportsmasaladev.livenettvapp
/data/user/0/com.sportsmasaladev.livenettvapp/files/audience_network.dex	4970	com.sportsmasaladev.livenettvapp

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sportsmasaladev.livenettvapp
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.sportsmasaladev.livenettvapp
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
collection discovery

Location Tracking
T1430

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo com.sportsmasaladev.livenettvapp
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.sportsmasaladev.livenettvapp
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.sportsmasaladev.livenettvapp

description ioc process

File opened for read /proc/cpuinfo com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.sportsmasaladev.livenettvapp

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.sportsmasaladev.livenettvapp

description	ioc	process
File opened for read	/proc/cpuinfo	com.sportsmasaladev.livenettvapp

com.sportsmasaladev.livenettvapp
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4970

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851
Filesize
16KB

MD5
263c17d16d569de965d8540f59292450

SHA1
5abe48fcc5d17a4d175dc9204b271929a7875f96

SHA256
39f28c050f91d5d56b0a7433d4429de4284199b03bb443ee68e7e3178b249026

SHA512
02057256a2201b295ebe36d0c6e23e220f701ff25dcf6de356ffe53b9a0f5fe10722558965d31a4ba4f22b1acdf700de35a1c387dfa135ffcfcaf6193e70089f

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
8KB

MD5
954295fa42e801a6bf5e40e46301a6c4

SHA1
29b2cb8cb22b9a74830a137a516d8b5462dbbf68

SHA256
0118a2e4c7d57ee7a7ac5f2fe4c167e1049477d9c43fb103162e1d89dba2e8ae

SHA512
9c0907c67b9c0814e8e1bffcaf3bea8465fe019de9db8c2ef3e7a15979f66703768ad4b36806d62e617ca13e3fe42d51a9d78f2193171fb0f8c5929195983220

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
8KB

MD5
854e66b6472645cd0df5f831d126e51a

SHA1
81de3642db690bc567ce412d63e8e5beb22277ef

SHA256
46b68fb889c521a30f0d3b3c7115c42e0a66e281908478ceb742e3c46119922d

SHA512
fbf186d208e9db7b56e494878d1f961f1f1f894b18b3b59de4b73f9a999c9bcedf16cc7b69818862d1e852ca96e89261408c54c314d8b80394dc5056867b04bc

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
8KB

MD5
80ceaeb3b21d118b539e5d830340bde1

SHA1
fa7750696552c74e3b7127fe4b3743308ee858b5

SHA256
18e6d6f5b1f60c6ce84e5e516e1b2892a159c708d6fb39630210cc2b7bcdee8f

SHA512
f7dda5760191d1997497991e8356237a3315fad9d5b36b7dfc91d3555f2f23964c879910dba5ec002d34b9ba0f7eb57406536a93ed29bbfdd0cfd68818890626

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
512B

MD5
3f7ca047e332ad2091b41adc1ed91eac

SHA1
d9f4067622a923980d74fe75475caa5a8f93201b

SHA256
bc62d34c1d46ba465c03a3376d7d1c56f8d8ba5fb39da0f938f7fd1d82036dc6

SHA512
96b1f10388983252c0e242b96deb0b644100036939a42bf5e46203877147aba4468bb94fc09a3732ce7cd4579e8632666a13cf6a9e9c174885fe71b73cea6d76

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
8KB

MD5
67a065e324e862c2ea2e1a448019482e

SHA1
7aad15ea69b21f724f724f2983a0000614aaeca8

SHA256
dbaebf1ec56e04d4ec9dfaad96d1dca9ce91a79bede1987a9b840dd160c9d881

SHA512
612d4a24b088a47969d5d071cdd9cd044f31886741963f981c08707a34fe7e98f700bba6966fda33221a5acfd6525122d3ce363045c6c11aed28952f6217d617

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/StartApp-d6864f2502af7851-journal
Filesize
8KB

MD5
9c42d617be2a8cc92271db510112c55c

SHA1
a18a94a69458f76a7d23ffcb3f284d7b7c5cafaf

SHA256
464317a149a1bd129f2efcc971ef1ab5706e23a2d09fe584782f88bd049e4275

SHA512
f6373381e15f3b6228739dffee4cc4fbfc484473488347777849f970402fe26c1d25dedc0dd631c5cc9a5c40e5c5285bd481d2e6702706e1678e1e53a28aad4d

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-journal
Filesize
512B

MD5
ebbab71dfe4c33ec0731c31d4eba8707

SHA1
163e7b5ef864f86569ac5f2009d3582c193339c9

SHA256
03f3d0fac8f1d45f5063e2666acfe201d3737311fad9e8d14f9c5f06dc0e554f

SHA512
1f91a139fdf29100f4d4ec390fa04e34a2eb9cd4abe4396eb0b1713a0759f77ca6a324bbb07098ce29dfb5ee7014324b0a5833651293485c5004be80f9a012f3

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-wal
Filesize
88KB

MD5
0e34f157e303fc5b0ce0abc6aba8a377

SHA1
a5f816fe9f08cfee8bcc95f738b52e0033a9bc04

SHA256
8c3c6d3579412cd1a120fc4a50fa0e09bd4bc00adacd7cf3dbd105732d2c6bd9

SHA512
535938a0414d94c1546233b4817c174c05ff34267256f97c077892442cb3a5fb67ed788bfa21e117254e86946f2768112fe2eb2949fd581dc66dd6de2d518b69

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/androidx.work.workdb-wal
Filesize
16KB

MD5
e4e8cb9ebfbcbd1d2da919e511dd17e3

SHA1
64ff911e3f43e84bf8c022c27c4527798cb57ec6

SHA256
9cde0d2c18419cba9028916078cdaff26446cba4f5fbb57af47eee63fc1f0a90

SHA512
c2bc3a9d39684fbca099b2759075c2ea3e6b19260099c8c38e42c87961d87fdf36902ada5cec478a447bd0b53c526dd3348131a7ae16a6aaff847385cecdc0b3

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db
Filesize
16KB

MD5
c37b04e1c5341ba6ea283ba0f7964664

SHA1
c13868849b1b85de3232d5677ab62908bcf94897

SHA256
93847d79b16e79b0c497c2b33803e2e2eea12b2ca86c6e9e1c0a24918ada71de

SHA512
69f56aadf8e8b731431f535a09500f18c73a734905b0c3baa86e1f03cc1efbc98aff04339dea8fd672025c9eeed759c8d4f945e2d3b2e4e779daa5c054ce9392

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
bbce945a5eeb3f3808a85e550576e566

SHA1
1da8ab547df3506c67c48bced0bf7367a7a64c57

SHA256
773030184a3c25611e5d1da6aa110d8ad9cd3409d90e08897a8e1b65b77009d1

SHA512
ba2eadb1c3144bf29a0eed23633e79e51f936a1bbcb139f45015600db2612bcb3d448da5eab6c4fd43c3b6693a25918e96f4742ae4cfaa4f7686a9bd668e2d69

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
a46fa1c958aa15d9d77c14e48a5d48cc

SHA1
0111b956955a40e446570dc6570d210d05c7fd17

SHA256
bea9472a34340e312c538c526a5f49dfb6be22f2e0c3197b961d18bbf883edc1

SHA512
2cb639ee7ea41035ad0df4e53d457225b5d5b86ebe8859de3eb4dc25d33d830a7bf707a32ad2b0e6f95a9dfe608ec51d20e170137f7e8b067ca7f644b42e1cfd

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
6aaef13a6dd6c1de80bc16d241c5151b

SHA1
22a98ba01166f0c9f056aca53fe37ac3b220840c

SHA256
9101891a74c0c10b97f505a80e29b606d04cb7b448b18ded34dc63df3877a557

SHA512
523b652109aee1c155f64b897270050683a11230dc99d5709794f8e9d780fee5abafa1e729732708444e9275858bdf3609d4817d328cff94adcc85e56022d195

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
09b104ce46813bc353a3c8a0a4a35c89

SHA1
196e02d67e4aa1ccba929e30980a6e11a44f1577

SHA256
1198554f53b40fff08463f419fd71b3be5c4160bffa65835bb8e38ae3c890779

SHA512
e43fac6a3c13c17f034477c698fae7caa30c7411dfef204f2e599a919fb0a0c1f054e64cde8fbce39de4e5fb4ae937c5ad1e8a7a98ac277795d749d1ab968870

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
b19a29185a62975431c4178bba557080

SHA1
bc856555438cc58f54fdeba502a3a57a19767f32

SHA256
7b1c5db15ad887f9ae2673a59628b35bea854208049050c604d4e5b4868d1c8d

SHA512
35495baa8fbe4a968fa5d0de72fbfc8f5aca157b7bd25c80116b1d73c2b90fa67e30a23367de590ac4c028af2250ad7f80a90ef48eb97e2353be1704c5fa1a03

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappAdInfoMetadata
Filesize
1KB

MD5
3ed45b8e04c1f40f26fc533eb6a799d9

SHA1
41d55b1ccfd63c4931cffd77ad0ed12c6e68d6b3

SHA256
ca976498b22450d5645c969043abfb7d902ad8484802dc30cd905094d6311fb7

SHA512
dd020add52e8b241d0edd5d45aaddc4c61c0d6a7a09deb9b7368ef0c715ed7e54ee8ac12b9d6c2ebd73ea8caf5a67946a8f0ce552b3db85c669aec7172628cea

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappAdsMetadata
Filesize
2KB

MD5
477383024814479845712605568a3761

SHA1
9f758c22396a57bfee2093f9c36c2cce40c98424

SHA256
0b2ead202c01d9ae14dd76be9301c57ae6d7e4ef49869e0723f12d6bcf38b912

SHA512
97a11b2a22c61055d1df7b15c958ae788ebab4a16bd1e617da81f8b35bde9d56003b8cc85d9a1fccfb75bacc0f150089d0c765b2521b8db034451757940336c5

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappBannerMetadata
Filesize
719B

MD5
0bb8aa5a3510fb98f74a7eb6f9c2d3a5

SHA1
57c61988738af76f1feb1a9f53cc86558a1883db

SHA256
05a7be94c1197782ff06ed4ccc31625efa90dd1e1983b29ee9295101d8872105

SHA512
a3075427c33ec3d9f1f971ef540b3eba56a2c298912d02c8d447d8218acb94944ea5db58fed13988edd11847e9972d76884d294567e33fc05e0e313e750a7684

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappCacheMetadata
Filesize
884B

MD5
dad84ac9f386f3ccf07e4834f5b19355

SHA1
25c11358a51cf723ac67839297d00b6a8868c77a

SHA256
5e5b3c030c5469de14cb6f9687b7c003aa8216660c0f03035f2ab9e2e71ea09b

SHA512
c34565c19ed20d7b3e9f102eeb93e2a2d88322a800aaac0312f3fa70ac71efb47e32097df9f9188d50df13074a8cba614a57bfb277efc8f711020079cf024a18

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/StartappSplashMetadata
Filesize
1KB

MD5
4262ca4487ba649cc1a9edc24ccc8a62

SHA1
eadaab53ea9792c3e94c5edc7794a08376eeb672

SHA256
afa4a22f320ae1da2ed9fb5ed8abcfe193d5afcf37b40710b807b9a0e6f7e70f

SHA512
a02694b98bc80e46ef2d31f47e62c43b8c7da04b16af7ef8af4efcc2c8b8b72381347aaa7e6fd54af1e46dfcff2d52f10f9fc2e5c39353041007b3e18e955c55

Download Submit
/data/data/com.sportsmasaladev.livenettvapp/files/audience_network.dex
Filesize
3.2MB

MD5
69cf159b893eefff9a8106cc3ee37e03

SHA1
165207adfe8c6047ce9f3dd38aed50796c1660d1

SHA256
26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf

SHA512
379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

Download Submit