2424960addb09af62ec7d2f25873ee38801babd96d70e03a350fbbfe1d742551

Analysis

max time kernel
47s
max time network
131s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
17-08-2024 00:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app-armeabi-v7a-release (1).apk
Size

12.9MB
MD5

9e82f28c68860d89027a4d89e64f5c5a
SHA1

f7c93919b888aa956d670426a48867ad5c4beda6
SHA256

2424960addb09af62ec7d2f25873ee38801babd96d70e03a350fbbfe1d742551
SHA512

547276c4c7b1f0b72494e2b0710b5effff18d3dcdbb8126a03df8bcde8fe1f8e8eba1852746d92beb84f0cf036d1572d70f43b6d217357205d067ba84e8e13f3
SSDEEP

393216:hPLoUk6XY51DIu9IiT9r8OZv4JerIOzTSDCkCI7Q:hrk6o5NIu9d99qeHzmDpCsQ

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4612	com.jhelum.gyawun
/system_ext/framework/androidx.window.sidecar.jar	4612	com.jhelum.gyawun

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jhelum.gyawun

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.jhelum.gyawun

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.jhelum.gyawun

com.jhelum.gyawun
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks CPU information
PID:4612

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jhelum.gyawun/files/libCachedImageData.db

Filesize
16KB

MD5
d1b93c4b403278d96f22ebf0ca5c4f8a

SHA1
16ed8a1806dc22c8d92e1b444b98f1488b3618fe

SHA256
39d3be04dbf159f04a61307b49408cd59921ba0399284c7415b26a46ecdc919b

SHA512
8e0e2da725638a229994fcab229ee40be53341129925e58397c769d9347da660fa1fd8f763fb1c9b711795317338f0d775b8226ec1fb538e60415ed71f4f028d

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
8KB

MD5
a232f9f3e759de492361945aef6eac48

SHA1
80053cb0ad5d3cd9734b45c38d06e8af0bc0ba6e

SHA256
1d69f508199fb66c4355125423b5e5ecf2d9f4affe436c4f32877bde762fdc87

SHA512
6fdbc7a895ba2aed02b84a198ad4f3442f4f7161ad96290afb923f029a191b4c50e4c74430c85025b1346de3f1ef4fdb2f38efe5ce1eb76dd930670807c66f92

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
512B

MD5
d3a2217c1426ebf97552d2441792d44b

SHA1
841a0b21363c946198b69c7f4f8d4e006cb6fa28

SHA256
9663c4c1f8955670470ae363bf2553dc57f05a9cec3c8f2db288e6892d604794

SHA512
b501e08d7f5093029da7a1c2370f8b6b95e048b31a40f931dc5b58b3011ecf9527150e8c60b6d3748ad78b9b71167d6db8c5d56e20788dc1e5eb4cb07403005e

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
8KB

MD5
9fec47583db425a436125ff2659999a1

SHA1
8170d6f07eab42cc8375c23efd66df9483b5998e

SHA256
79d1a4aae97841dc22c19326d3ecaad7f40ed2aad54e8dbdd04069ca981f4f17

SHA512
6139c052b105fadff8e95f6824c8e3f0a5b7246396cc20c0afc4415c8c8ff32ab4e14f92acbc1e2515168932a7863f9c3179121743fe2ae86279e702c9594973

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
8KB

MD5
9a20f4a958af0220c3441732ef9a68af

SHA1
180d638a570c818724bba7bc70b1cc0c5c943f86

SHA256
3440d9d7a075eea0f6f9bfe3a58ee0d2f3c5a6c205d5a434c36b0bdc789f8189

SHA512
637381a88443607a20bbdc2d62b6f52cba745ee3c2ea79d4b40e7814cef4e73bfafe8f8f12e88af1c4668fecab8256397c9af60c8e8955d880fa6c984dad062c

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
8KB

MD5
1d1d51c16db2e8048ead320f1a683af5

SHA1
95cfd881ae1aa785d74147ece80ace4781287246

SHA256
1374f0bfdc8917eb28120e801bed88de125c2f96cbe153323e8bfbd19a467e8b

SHA512
fbc1efb6eb9be46c99f818015440becc0cb2e6aedf1b3e50e623c63c9c5af073c3a0834cf942530bb38541438f473691342148381dd7939d91ba33a70f2ee09b

Download Submit
/data/data/com.jhelum.gyawun/files/libCachedImageData.db-journal

Filesize
8KB

MD5
c86a3fc81a4380f2b1b521d61330d150

SHA1
37ef3d27cb527607dedd17e7ba7d89038b8a62f2

SHA256
fe7b9177a9de1350025d2f37ef565b18bd4c218ba7a779be923a432232404c22

SHA512
d13b9ce837dc021bac2b6c9f7c0c460fd5d62b378f3069065ce19d74a108af421c7311a7f2d99aa3b558f8414c58bf0806449d846ab1a72afd6e186892552894

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit
socket:[69390]

Filesize
45B

MD5
0abedc32afdcbfce6589e6a173fb0cd7

SHA1
11ff2e2a6e2484a21bb41d5090707483453a60d8

SHA256
6cff1d4fcbbbf858a71f06ccb198266ffb65cb1dc6cebd43aa79b32f7d94bb4c

SHA512
95ae31e9cb7d59139288bd8e9f494f673008fdd0afb9d29814457ee087c8607d4862ea7aa9309a0ed2722256445b0a791d714fab72af9d6c3c1765bca3ecfb1b

Download Submit
socket:[69627]

Filesize
53B

MD5
4e5b5902e144146aa9736b6198f063b3

SHA1
6b4b2b64159550d683b33582b9818d86c9cdb67c

SHA256
72a83d3079da9a6321e8fdf92f03878c26aebc8ea472b726e9d8ed34af947bb8

SHA512
844ca2ad1c86043d2d78a6a00d585cc6093690bfdfb98cec261abba32a5bfaa404a2831ca275e1354de3a3ae24e3149023930327f6490de50237f03412c4192b

Download Submit