bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40

Analysis

max time kernel
165s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
17/08/2024, 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40.apk
Size

254KB
MD5

241c0118347f7af0a76b6d868526e896
SHA1

c34f1f3911a04513e69a6ff042fc1fb619459f81
SHA256

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40
SHA512

f5fb725f19ebfa69f04e3dcd311d1d8e7f7b5ca5f1c83a38ff5a8f266ca6620ee7b06dac3b943a1ca1c912e177b88e773bc1f5abb4145447bb9e9042df52a20e
SSDEEP

6144:oyxr4i5JBuB6SdsQN8zmnDbAYWDz3X7OdcibM/ub881Fn87JGcC:JmyJBuBsID0YWn3X7O+ubpnWJGb

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
f553d76d0e3fd64242b0834f349ef2fe

SHA1
26ebf0fbe2ee1bc0e6ee3b3f3381a2bf4b90144d

SHA256
2e41ce5542acec52b8e568ffb9bbce1dbc00ef5c3d2acddf2a316072fca59985

SHA512
af168732def9efd1c5323cb8b8fb869ef90f5718bced01f04c9bf86d581f06880d5ffb4d89c26092f3c250aeb81ac3dc6c60a445e6bbc7215160da2d30088f58

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
366dcd0101303feb8e6d3b5f30a6e02a

SHA1
057d117b04ecfe1bba14df1e1283eae319047d16

SHA256
82cd3095d30a0499fe732a916c2d661a3ed16027c8986ca83119eaa3bd43476c

SHA512
c54eb01d949e2a19a34fb5017fb8927138436a6887010cd986d3a6dabe4860c77e26322854af2094710d728d2c3061fce67ed0f491d9f34df925be12123b8940

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
225ff2943f069280fb3c94a1da4d2783

SHA1
f147f4c474f61b5033314e9e2628c87b857b40d2

SHA256
1330a0185f0ce94f7458d214932319612b0ffd4e6824dfcd749b037f585e8d5f

SHA512
4dbfb833e9127ceb9d5d00cb5cf4eb1dc15daa687a60a04de427824e88dd2e76f38df972967b2c2ec31dff0efa1bafbd92f74e931336e883e23a86315b60799b

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
03d2ddcfe39e53c4ccfef1e7025da9ad

SHA1
a5605c354b167969d19564704d1e7c4d36dc90ad

SHA256
c6ae97415c196180ab0bddd6c7e90d5a0ebdc9dc8a4de2deba8c981a6e19daf9

SHA512
92ac9193ed83d327e59364ddc50454592baf86c15858bef17c0f9a464cbc31ddf7f2df1e7d461eb084db3e092cb839362d1a933676d9a057eb50fea0c06ddfb5

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
28KB

MD5
70e0774841b5d163c5e786b19fc3c9e2

SHA1
258869a444daf75fde174cb307580bf75e14396f

SHA256
023b9360989b75a8be5a157e0ab53b36d58c2dd2b4b9866abedfa360fbb420aa

SHA512
f0ed1fc9b795166acd075756a62f1a13addccb337ad701577d36ae18967c30f405c04dbbb91643941f65e99c85212e2ba75c9a68765c59c73f70f483ce6df231

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
172bb3559d34bcf56441bc5507519b12

SHA1
7b659235c0ef35fcb1594923b3e7cab0eb904512

SHA256
2c1fe5d4ee45f89b0d47d2d956417c13961ec7d3970eb718d715a6fa53b9f973

SHA512
0b9b7b8aba2b8151deb6c48ff062e8e634be0d9d874980e080aa4dd5fa28933416aa35300d733e6bd6f99d2508fce5ad5b445e7df4ab92ea06f952b2e2fbe4f9

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
999910cf62fc0abe15e11fb276a4e10b

SHA1
910f688abde4cd693ee22fd400e9623b80d41dc8

SHA256
ced69d35cbb4344257c06ccdbad0b7c25a05e9c7124e03fa77ee63503073ec61

SHA512
d8c8fae1da6cef3578e54bade2347f8e9daaca6ca4bbe7db06a33d7c06e11a228e05395aae054482a7a6a17d59aa29330e6b9d1bc4fee9ad454403cb245d4179

Download Submit