6eca47f1713000790d4bf4eeb3d7565abb78a091fedda2c78061203e660a4041

Analysis

max time kernel
46s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
21/08/2024, 07:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NewPipe_v0.27.2.apk
Size

11.2MB
MD5

25f81a14b92437773129d07e2460e045
SHA1

da9ae44ea0e405917e26b5108b2ecdf2e0f86807
SHA256

6eca47f1713000790d4bf4eeb3d7565abb78a091fedda2c78061203e660a4041
SHA512

9b58cf11ae1b651ed360f5b181d8682058345503b19ee9447d6222efaa83bda20335aabcc8ec4e59be0f69dd24eed88b438a7cebdfe5abd6e52f42ad1484d1f3
SSDEEP

196608:JH9kbpOx/87VxfaV4pfwPc12mIIXq2D3nytxK3pBDipLHE:xSp57VxfaVjPc12mB6PtQpBGW

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4478	org.schabi.newpipe
/system_ext/framework/androidx.window.sidecar.jar	4478	org.schabi.newpipe

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	org.schabi.newpipe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	org.schabi.newpipe

org.schabi.newpipe
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about active data network
PID:4478

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.schabi.newpipe/databases/newpipe.db-journal

Filesize
512B

MD5
3ef6312cf81c248928d46eda966e3caf

SHA1
571cfe2d1eeb95f44d0e52b868de9d4c125d62df

SHA256
19ebea08185a4fde8c5f3d830a0c05384202119e0540b8530ca7e988cefde271

SHA512
e35346559959ac57d8f0f623e23d29ea36a0516765f670186c2b8dcbb731e2e50b4c188155c449fb01b12b2a1332498cf70cf474ebf87c647c370d4db2e05448

Download Submit
/data/data/org.schabi.newpipe/databases/newpipe.db-wal

Filesize
16KB

MD5
832ca997755db08a027b6f873d0b9db1

SHA1
3b14a0ee0e676b04654add1b3c45c0368105ed37

SHA256
e24b94299e0f73060446a590decebf1ed40fc073da684dded4d43903c552e29a

SHA512
20affe53589622ca824e83a2a679be08b5ebf5e3f577e7b6e2465b133ad2c5149f98d79e51057e91bf02f5ddf1bf5dc54a8e3d975d00d3cf39255310636d7272

Download Submit
/data/data/org.schabi.newpipe/databases/newpipe.db-wal

Filesize
144KB

MD5
2ba40503645ff9233debc1470d6ee4f7

SHA1
f78be72a7f85ba571314753eb169f2b97be3736f

SHA256
f8354380cb907f84bf9dcaff6c796bfe6b25c66871ac25e0a09e955ba569884d

SHA512
2ebd46c7e17c36e19895ebae7716d6b0b66705b0ff765c5ec95b47b975ad5a8432f9213fb503a50e68931e0baf170c60f3007727b961c0991d8b2686564535db

Download Submit
/data/data/org.schabi.newpipe/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b3d467e2d514afb0f5eca572f1c3c5f4

SHA1
b1a51f63bfc2f418d664f355895ce26872c624b0

SHA256
8358c53fc2d604148eb9e8e8eaaff1b1e0c090cfa43bdda4366c7bf9f33a932b

SHA512
7475b669e5fc904c5be11968dcc2dda7c368cc9aae539824592851035fda6432ea6881f86ee6c295f12f901227526b4b6e42df4c00fe25b0bfdc346de0589eca

Download Submit
/data/data/org.schabi.newpipe/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/org.schabi.newpipe/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
e6a12c8b0712e5b8bb5b61dd1baf35e9

SHA1
d9984a87a5c5c14762d9fc602bc50bb6069b4bf9

SHA256
c11311985ccafcf04cd9daefb766728564da0e4cee8d0798fc909db354594465

SHA512
79fd880e05119fbd0d907276537e8135e8d0c206271df031a093d03d47ab83a5193ed49be37b1a3cd5e059a873c1eb74a85d5a2982c0bba0c117accfaeb16ffc

Download Submit
/data/data/org.schabi.newpipe/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org.schabi.newpipe/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
2dae700faff42172b60ecd303cea014f

SHA1
94dfca6d456914e6ee191033c8a07f19ffd532b7

SHA256
54ec426db33cdb7d5f72151140a8d03215f6e079583a55b5e46673187c78eac5

SHA512
e6392ad4bf2ef7e387e827713976836c1090633195c870304a02f10f3bbf6972e408086e84a06cf98731d453fd501c4ab96e482e93b57e4cd5cdeae45b36a3ca

Download Submit
/data/data/org.schabi.newpipe/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
fc9cce4ea135fc8c87a2e57e342fc586

SHA1
ab69af764a727d53e28151e9a84150f8d50ceddb

SHA256
8370a2981ccb5f2ec70d1d713dfb2980b38c0008c65f6b6133c568a05ec942d0

SHA512
9feeb888a95f17f214e29d8f6b8b9db4608b61372eee758eca61b7f528c5ae9ed2c6c3054cd59a1c89564c10fb265fe992a6d0c9b8aa5f69ebd333491e7928ac

Download Submit
/data/misc/profiles/cur/0/org.schabi.newpipe/primary.prof

Filesize
3KB

MD5
fabca60dc5613785081a31a6986e8d67

SHA1
6ee70b07db29d31c8d6a2137c4cab849021f57ee

SHA256
e4e7483dd767bcb2d4765c50d5880769cc85e1dca803e94abf97e11bc93b80a6

SHA512
ca0a26d2d45a49a1e7c57d51e8923e8bb0be3c49b53b041fa31ef327759510465b24a7da95fe8ca0ef66e320309372be5ac8457fa24258b48b0a5c2ceabbd59d

Download Submit
/data/misc/profiles/cur/0/org.schabi.newpipe/primary.prof

Filesize
14KB

MD5
d716c3f7eb9bc9e14a48b2c8a1e237d0

SHA1
6ae5ebb9540fb7d08ebc20cfe7da19dffe7d4b3b

SHA256
a4d09a8d99fa6068e0eb75f01ddb463cfc2005ece80b828022058316d8640e91

SHA512
0f209278cc07a4fbd8eb41bd7d5e37ed0ef7f95c9bf4b47b1da015e76f2cb527d2398919952fa0573bddc6eb6f204e7f53bb0a8ac4aed430f82b9a83ea6c9bd3

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/0da56ae2ef23dedca0645b0303173fe5.0.tmp (deleted)

Filesize
6KB

MD5
561bff7d7db5035cd8eec31c3373cab5

SHA1
1cfb26acc1fc1ce24b71c7c8d5bb43abbb8882b9

SHA256
1ea8a0adb2a2f6c473fe48ec0a5949f8e4dbdc16c0aea79d5a2ba0642ef9dbba

SHA512
0750a31e5810677d54c1208cfb73191d011946f7630012976d199a13631e9799b8a7624c3ee241c58e8ed8f3bf57eee914567f443769f13475e5ff1c22452612

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/0da56ae2ef23dedca0645b0303173fe5.1.tmp (deleted)

Filesize
18KB

MD5
be629b12bf042450a3c4c7998ca16e52

SHA1
1eaabacf0929b5bf332aec3f9fc85012521528eb

SHA256
aee7b29099553c6c629a5f7b7807373f1670cd9d63ce667b1dda9157f98f8de1

SHA512
3a3f74bbb0286a30f2d88904241b2c393b746770aafa893c913ad0500f7ed0be641b62b3ffe43c154f56825caa0fc4de9068c64028014a81f7a99fb7367127f7

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/6b5a591af0c263a394ccc5920e6aa31a.0.tmp (deleted)

Filesize
6KB

MD5
67f33bc6ec690a7409fe9b6e68fb22a8

SHA1
4c4cdc4172f24121d49b5138cd8d593b95d064bc

SHA256
10385e78d832ded68ab26eea369cd78f0d7f0276f046056ac7419ed15ccd4747

SHA512
8a4383cfcd8004b8a5e2246a4a9d81b1d14473014cdf2548b3a094c73330d2b21f116ae1901711a8aad9afd64f5d465a4ba42b50c9f3bf272c2a509de37ec9fc

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/6b5a591af0c263a394ccc5920e6aa31a.1.tmp (deleted)

Filesize
21KB

MD5
cf728000c6decc13c948ad3db4048187

SHA1
296514ae28d75a9e76581353edc157c02664f24a

SHA256
b03bdcbd2e31724f33c18af92b7006a1a14930c2ec949694d85e55e664f78ab4

SHA512
c0103d7e571f9558ef40ae81620623dd40b154a2972c6ed5dab3410474687ea54de912e4036665f15214900f7e9a64899506fe40bd1d60616d2674e31930253f

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/c21cf19eb6f3d9aa20347f8211e9f969.0.tmp (deleted)

Filesize
6KB

MD5
50710fc79a890bd38d000a882edef84d

SHA1
9e578dc65e9566a2bb7c015b9f01b9118494d60a

SHA256
e54c979f5fceae0ba0054ad1eb64bc52e3add2e82424e8bf79e633de205710ac

SHA512
362bf78ec500f1b3a3d7f3370c12ef0b756137cde4abd1d8fbb22c7b78f134085447f9d278cd7d44967c66e9157d36d16d2d4bbb275f343f64f529e6db855306

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/c21cf19eb6f3d9aa20347f8211e9f969.1.tmp (deleted)

Filesize
14KB

MD5
1023f474279a9dc5e6c8cd98b656571e

SHA1
bc960a7869cd8b75d231f55f473c2470d309a5f7

SHA256
6f7faf1219f917ef700d7bd700533ba68be26d3703130654e86dcf0e48e5c1ac

SHA512
e1d89679888648e57fafe9ec5faa38f594bf930b07da8b0359ff64b0ea05caf32dff5d3676f807f291de7ab3e9f8bbabd953fdd715a4fe2de71097950b5baa99

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/e1d178d8e350836bab78cb85a3430be9.0.tmp (deleted)

Filesize
6KB

MD5
206593551ad5cb3243723e1f46935921

SHA1
4efb8e9b64f2e937c2db0a10392240432cb0e72e

SHA256
153f3e73388c3f590ed92594f168e536a42de56ca9f8e83753a66d2f17de8a94

SHA512
da9d1f92c538b7c415238dcfd541e9439f4515c77f2fb8238ddc4086edbd871ec339e08de010768776edddfe13df4f65d09d9bf9aa7b33c49f68051b5a418723

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/e1d178d8e350836bab78cb85a3430be9.1.tmp (deleted)

Filesize
8KB

MD5
0c64365e7e99f1af90dcc36311a2779b

SHA1
e39d0c94281d2594d9a5660419eae6c107cb1072

SHA256
b8cb86d7a3401d129b247ea19b89bfa02df4f2ad96688a833e89e7bba67e039c

SHA512
5e1fe96566d8ad2ea68067d139d1c745b54df774ef6fa90720cdaa259b28d6f20601c4ac57438c2283ddf7c1911ab949072411309123aa1b659bce62d5e7e8b6

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/e5d1b3bbe87497953ec6b0e14b3d7c88.0.tmp (deleted)

Filesize
6KB

MD5
03da792074efc3ff9b351c483fb070c0

SHA1
38dc10868b92cbda21430719ab677c13e67daf6f

SHA256
61af7315aebcf5d938692ca010e4e828b49df27d672303c06f3b88daf6f9ace2

SHA512
837e79a014d8beef5c0d2c043efbb34eaa5a2c61d466a3d49921e731fbdd4a96810d5f43638f74bd77b1e6e74f96634064a9b535b5968a4641abe6206f0a1fb9

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/e5d1b3bbe87497953ec6b0e14b3d7c88.1.tmp (deleted)

Filesize
10KB

MD5
f5c2f8575e6d365985dc895fdb1bc75f

SHA1
f28165d32a305c4303c63d3653137af3b2ebb3cc

SHA256
ad2b99576ef98570219aebefc0c7e4cbee3399f5467276660c7091733a4ff16a

SHA512
cfa0c84511bb30d2905f592c96756e18e761c861672f580cfaa5e174221629c5ab37635531a21a778c8b477c8049ea4c5837ab143b2fb03cc091f6b39bebdca3

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/journal

Filesize
480B

MD5
9641813eb6f6902c4961302fa2346604

SHA1
a035a9053d9a92d25668a0cd0f8030f48d01260f

SHA256
5c842502f14ed100a4854aba91215ca80f6e8ffec43079d7e684090dad1f3fcc

SHA512
8582b4c469ab65ab8a2f5567284671272bdddeedb0c10961d0351369b0eb6d835c05842f5ca7d9297bf3221443aa43bbdb30fa61fd1c96e712642f38729f729c

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe/cache/picasso/journal.tmp (deleted)

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit