bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40

Analysis

max time kernel
7s
max time network
23s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
17/08/2024, 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40.apk
Size

254KB
MD5

241c0118347f7af0a76b6d868526e896
SHA1

c34f1f3911a04513e69a6ff042fc1fb619459f81
SHA256

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40
SHA512

f5fb725f19ebfa69f04e3dcd311d1d8e7f7b5ca5f1c83a38ff5a8f266ca6620ee7b06dac3b943a1ca1c912e177b88e773bc1f5abb4145447bb9e9042df52a20e
SSDEEP

6144:oyxr4i5JBuB6SdsQN8zmnDbAYWDz3X7OdcibM/ub881Fn87JGcC:JmyJBuBsID0YWn3X7O+ubpnWJGb

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4934

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
ab9b76032f3671e636504f620ed4d205

SHA1
21e1e3ef5f95af48acdd224ef1f40ff12467521d

SHA256
4da0f7c511a540be366bd92014b6279194cf5da3c47ddb8acb48526f1ad967ab

SHA512
9e133dfb122855076eec7967f0e73fef6f8cdd655b32f9ee5d8cc7de1114212d10764839359b38b63e73772517910662109d87336a8507a99ca1085758841725

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
21cc619a1a864ee67061805e7c2212fd

SHA1
9e7f72def852059017b649e9ca81ecb022b7fe65

SHA256
42d8efcb7f308fa14dd407336f6032418452c0989687ab41f4010ed5b2499240

SHA512
46850b69e173021667efc89981c77819ff253dba429447a1279637d343d30116f865f1753fa1664ff3e7ae1395efb52086886e6fff240dd91d004443e1ee3bf5

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
30c5534cc8e193d6d44d7f88cf958b70

SHA1
0bd575b2d455d6312f5c03d66f1c98c1636481f4

SHA256
d9053d1f628d3c65bf30ce45e82d2c0bec1fdc1506537b9d9903ac881707054c

SHA512
3223db8fa8f50069c5ac9d223c9c2a881c308cbbbbf62ab0329beeb693171995e4752aaa0e755a6352ee2152689cd361220dba4900154e57e4f0a1f3958a5330

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
0e36370c7388fb8caf288b809f7bbc46

SHA1
3d2e641e1738b0e6a732bdcb2b04c6394a3bcec6

SHA256
ef973a23566b540686e436a0a657f668fc7a17bfac8cb3696bd7abdb0be51bd3

SHA512
afee1bcef5f81c0d2fb9ae6759f6bcc286e85353e8f03acb8b17027da7c58991cc9cc2fba729d56aff8055f4e79539cde7e401ef906a77834771d4ff0b54538f

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
100affd0465a4addb285574e6022cb42

SHA1
8e6896f48a19669bbd1869ff1b017a7eae5962e2

SHA256
585a5771e79d2bedbd79c898a85c2689c65fb88eb33ee3e81f884a1eb5b214cd

SHA512
7f5f4b9e24f8ba015432220a33844ace53e87dc0d2022e42b0a66884367c38d446c26fda2653e483f85238021f5d451afa5ba4203e03c28f0145ad4018835207

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
d091be3fe27f61b104b887ed7f7557cf

SHA1
9ba8693b95d4552047b2b2afc5818ff039c88105

SHA256
c8e82f19cec1af2968004772161f1210baf282293d1d2e72e97a08db08cada7c

SHA512
1906c91a8827cb709c3962069e739c5165b36533f2752043c07e8ce4d82501a323da95a4bbfcb28897f78906a1a05675f1e3599fc0c8e49d2a0d1451d93580d1

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
38643035c1e124fe44c8efb74304898f

SHA1
d8e3304efbd791396cec78504453c781db8c39b9

SHA256
f8dc0d9ddd6c6987b55c4f47517d31af5e1b62cfd4ea566682c22298c7db8cc6

SHA512
268aebfdaf3fc32ed53d07467ee88ecc272cd00982c29511e78d5ff222630df44712fce770c1fe0b7c13fbefdcfd75bef63aea25b1dc92aea3d335052bf7ed1a

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
b0ef47bb16a922a86cbb369aa885f7ec

SHA1
e308f1b540842461b2c07b1279cc00c7ec37850a

SHA256
f60e7d3725e8f98c205868d29bbf8fa20f0b14fef87d1b32821ae68bf9962396

SHA512
29749a2d0f57f2fc9eb45808deb5f18a6f9079a9d18c788414df3441aac249caa768c9a5c5f1ced9466647c87f4959948474d70499ebfbaa765421e0bebe5962

Download Submit