0ac41af2a229522de3197395ac25525a01365d3b74fd0008bb7ee67f901f5f35

Analysis

max time kernel
15s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
18-08-2024 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ac41af2a229522de3197395ac25525a01365d3b74fd0008bb7ee67f901f5f35.apk
Size

639KB
MD5

44e6a9f4fe703ede9f0c23de1f439c9a
SHA1

ad7d76747a738f7947c51b7fd6e2efbb91468d4f
SHA256

0ac41af2a229522de3197395ac25525a01365d3b74fd0008bb7ee67f901f5f35
SHA512

60c5cb77ab0aaa41edda1bdf84599c9145a76f8ebbd90c2809ec71faf92811e1b61b77d4fadf33d49f8f56cbba24251cddef4621d1b7a9893cc967f2f4932360
SSDEEP

12288:lcat+V0bPTkoDY7rBWYyr3yxjoBEQI+t/w1PvbhIL/PEAktFtM+D:6q+VExs91yr3/EQI+t/WPvb+rP+D

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.extend.battery

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.extend.battery

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.extend.battery

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.extend.battery

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.extend.battery

com.extend.battery
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4252
- ps
  2⤵
  PID:4352
- ps logcat
  2⤵
  PID:4373

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.extend.battery/databases/applicationdata

Filesize
24KB

MD5
d3ebd20615144c4622084e59f5cc8110

SHA1
fc48c0ab1bf4bb0b6bdfda07c2513f373f48947a

SHA256
5db17a6e1b85d7ce6d31b6e6d841f0d2591852c5822c0d6126ee1d0991889174

SHA512
a8bc5151a0f8c48cbf752474a1b04d3209fc106ae9580f661b93f03bc62ac384903070dc8f62b9b9878c397c6c3e9c12bc93b1e93de9e23155d7d2908bb7fcfc

Download Submit
/data/data/com.extend.battery/databases/applicationdata-journal

Filesize
512B

MD5
332f1a162187ddb04fb5325aa69f11f8

SHA1
9db840a81ee4833fde876290ede6ed5fb49a49a3

SHA256
d44283edff70676fda366d6494d0bde6f5831117506afeb8e0116cfec32a2ba2

SHA512
319ac7f1878ed80d4321a561739506927f5909f5e368ccc64be1a9198cd1998e3f4b4fce6280856af2f39811b5ebb60cba172ea774ad776e22630a44da015c6c

Download Submit
/data/data/com.extend.battery/databases/applicationdata-wal

Filesize
40KB

MD5
76bbab0638bd87d4b74c49a8377a51ab

SHA1
224ef8ed6b570f0a19d75d82be845b7102f89784

SHA256
36b90bfefefc55c7e69a6d171463b15679d5dc79d5eb71456b86e91e59fd3124

SHA512
11e1a13619823f56a6695299dfad29fb5e4975aa0eb568deddea275d06f5d809ee364c90d16915210190a61f4b9f09fda5391307e6cd54d6a24b3245b6bd3139

Download Submit
/data/data/com.extend.battery/databases/com.localytics.android.85fa3c81fd09990a1141a3ce1d959e36226617d1d7b0cf4417616d3534cfc566.sqlite

Filesize
64KB

MD5
a9d080b7fd31eabfc2461ce26ddbbd40

SHA1
bf38160b3fc79e31a2459e976fbe30f0f0badae5

SHA256
27ef1a6fbfd2f52f851145841952c6e25fe1e88193cc6ddf68dfa6d36b99fd6b

SHA512
601fad277854f734934765c2b38cfa83c7fe3dfb84ecb0b7ca84deefcb745f8643fbd4fb1419529ab31501fb3c1ac4d634c36e23b83b303649edf42ce18c7996

Download Submit
/data/data/com.extend.battery/databases/com.localytics.android.85fa3c81fd09990a1141a3ce1d959e36226617d1d7b0cf4417616d3534cfc566.sqlite-journal

Filesize
512B

MD5
6c9d5b694360c4b9a7c6b5aa85846e49

SHA1
747979f09bf1d4cc15e9b70ef6b59c554d29be7d

SHA256
2f6ca6eb6f1b1668919a2137aaabbcc8ee282be2f9cda730f4db203cd37f28cc

SHA512
3eb37b2da974735352efd64865c52e8bf9e0e3902043763f4992133974fbb1cbd62fe088dcaccf1f9d0514f4660c2e6034860f928a09d3039b2302635546bbf0

Download Submit
/data/data/com.extend.battery/databases/com.localytics.android.85fa3c81fd09990a1141a3ce1d959e36226617d1d7b0cf4417616d3534cfc566.sqlite-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.extend.battery/databases/com.localytics.android.85fa3c81fd09990a1141a3ce1d959e36226617d1d7b0cf4417616d3534cfc566.sqlite-wal

Filesize
402KB

MD5
4cbd6a246a25745c7f632e30fcc22ce6

SHA1
ec6fb37838ffb32d471ae31bf5466028e932aaae

SHA256
0bfd70b3b52bc60e42358998371a06588dd42ccc28fe769d02ec8d99ed287668

SHA512
a6e49d56d4b057c80964bde87f1b63a25b8ed6b33221e45d6b99b82f669af134e34b419cb6e0108be59a392188a1906a21a1cda7909d4e73222e7eedabec4a66

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads