hxxps://github[.]com/Endermanch/MalwareDatabase

max time kernel
112s
max time network
118s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
19/08/2024, 00:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Endermanch/MalwareDatabase

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
75	raw.githubusercontent.com

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
202KB

MD5
56d5b409aba2c557debd4b0a99e2ae01

SHA1
a430b96bd5d8364e4c698eb6b3e5ec3adff54898

SHA256
de9ab573b438e451fa53fb911e28c6cda235be8dca61af5cf800ac2470908efa

SHA512
775647305b907714fcfa74243ccc457c11adbb1da09d34326764ac9a9513ce7b35b0f244548cb7b267b389e02ceca2cd813552d4e385901b8849ba4f46eb7513

Download Submit
/storage/emulated/0/Download/.pending-1724633404-PolyRansom.zip (deleted)

Filesize
642KB

MD5
0ab3e0bc35f2a5f92eedbc5b3c6d594e

SHA1
e54219a5cba5f55e0089da3197382707024ce8ba

SHA256
0f131bd204a0dd848d09165522a326b0a46017e7d86269cc3e73f067c4a883a9

SHA512
96aa9d53866a83bc6edbdbc36b05490448ae02ac8cbf481b8b8ca4f84025c8f72960d5d1ed6af29447451f6d88925906ea5751c590eaf6410259704a5841bbb8

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads