6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
6s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21/08/2024, 16:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.moraba

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4245

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/3f73925b-73c3-478c-ad12-28b09185a183.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/44a9efb7-7135-431f-b47c-2f2da82904db.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e3fbeaba-4fe6-40b7-b6e4-b14756dc5072.jobs

Filesize
278B

MD5
4e0f59e2baa480e4aa318e8652dba150

SHA1
cb65e09d1f1e7ce43e6262d29f5eed49b87d5d90

SHA256
46f5441168d102d1b4a5e3647a00c47cbf6bbabfc85a187e8882231347bce872

SHA512
4441b76559cea83ba558c4565e06c9cb79f812df003ca9808207a280b7f202ae1767b1c906c7231e3e98d9fd858571d02e60da8d1c9dae8f692b3e955a523c04

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
78c67715124360219eceb450c94615ed

SHA1
081a5926ad8143e7b54054581c4962ccb46b4174

SHA256
22e55e32037e568857ba1673fc1eab83f6253b5dd157f96cb50fffa604b189c7

SHA512
b5cf87527b49aff68290b9b372e8fd8aad7038357a5b9752c7bc4ed079061a0a5e6fc0469aecadf9c9a5c070d33b567252f9e99f36e8ab7151fd93833b0cb808

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-wal

Filesize
40KB

MD5
395f06ede51bba87c9b898b31cbfec87

SHA1
c3b6e0664fbd72baa85b5afc236ebab2917ab57a

SHA256
25e67d3b261f8c50a651e0e6fa9a74bf44c04009cf78b0ad44315ed39a1eafe5

SHA512
aff939e4ec215d3ffafbcb1cb477764f912c9aac80da9abd6946861f9fd9abf72a43c0a945e41564dcf960af49f36a98bdff6554a0c7a482358595a6a5aaa6ba

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
47ee28ec63a34730af62af94a50ff6dc

SHA1
9ba63824dc07674d9b49b7c5f2a311044eabb664

SHA256
449dfd1647852a4aade2872c5070a52adbb735e00d77093c7102a7a3c7928f1c

SHA512
f5c5987a7fe0b051bca8a1b61596203b3d71ef207aabb8a2338e2d162af60eee293f6de3ec00cf4ec8d3c2225934833ddd2602a9a795cf5ab563cf6a9b4a8f04

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
009b8d0e9e0c538909963b124670dd5a

SHA1
fad33834449102e3874862ed5245ecd169492d36

SHA256
641920e2251568f98e053fb1dc294754a35dd4bd7cdaa5a01d4eb82697fa5ead

SHA512
0aa2fc90f11fccecb330c7f228f75660dc242ffe20f254c300f4450919653fb9fb23ccb76dff4e000ef2098b4514072132f4b60a77c66fcd920956957439a6f9

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
1f347cea6a53594be878e35079bdabc4

SHA1
ae24631f83d3c875dd678040baafb5e64fc6ba6e

SHA256
46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5

SHA512
6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
f5dd928c4316c59df8977c6f35c9b539

SHA1
c67536c2441b69b9ede5c10debd8a80182ea220f

SHA256
90e887b2a9b8f8c40b1bb777d73df6d80fec23c10b9e69687fad3c4ba88495c6

SHA512
14d6739e36ea0afcdd541f72d3497528513aaf0bace343a512451d52e1e9e131694844ee1682817b855c1f1a8d209516b0cbebb1cc45c34d8f08beedb3fc9ff8

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
8KB

MD5
c6124860213f688a1d3c539c774bb999

SHA1
cdb6e9e954e515c4a73a0886e8d1266e4d2bc5e0

SHA256
0625e0f77f95773398352001d21e58cc6f72950f9bbdbd4e4a24d0e8d1285366

SHA512
41303b4dd85593c759db7c5191ac8524941de5f542f896b6437cd7f734714f73ace2be28754804c70a3dea8a0a2a09c4153eba4aabfec43aed6e52d796997312

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
8KB

MD5
4aea63c3fcca79dd143ce7858637a3f6

SHA1
ef57316014582fa741e30b395cd407cfe316fe2f

SHA256
5f289ca878eef20b7b33b737305a2fc81a9a463a44687261313c9bb5fa3c10f9

SHA512
b0e01287481a2316096340de97d6c02b4a776083a95a5d2b415ac79a23503af4b6810fef8ce0414153c1fdbec57b94b0a1e7a1ba80d95076966d817ba5d245ad

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
8KB

MD5
9765f961023f71f1dd56c6c284aa2bbb

SHA1
c697a465e5d2b0ff82a54ff253c36b08b54d0259

SHA256
34601333affc40bdc51754c5afe0deed17a53d59a3b73acf689769aae085f531

SHA512
a1ae8376b57292babf209311cb730e8c25285e4f262b554c857110929e943f5e8c0c221e2a444ff0c1e4441f4867581f1eab0759d0ae8f1d7cb05562aad61be0

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-wal

Filesize
40KB

MD5
cd1d7804992e86b2a70830dbd57aeeb8

SHA1
309f05bd900f46772484fd1a0fab0eb3aa66c44d

SHA256
b549131e7a5147629bdecf6719f917dddd2d375d816d2819cd21bc0970b08f40

SHA512
f4c9d84a56416f7848b10cebf564a73b97d7178868f93a0201f620f4209c28277fd734f14078755ab9b30275e6bacb183a7dc427ec1179ffb01edab2ff1ea827

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
553494ab62ab765de0fb8f80ef8d3795

SHA1
5e02baba7d94a2a3bcdb61ecd6a0409a612e4e4a

SHA256
55b3089f97c2e1a392acf100755c4cd177b2c65203d423c14e9b39b5b2841433

SHA512
f5c14e3c8104f21f686b2d1c41a1638946392130b4cf8e787eb04ae3780094a9196c9fb4404e56500198d2fb8bb56e8157a75e227e152dc4cd348a64c15235b8

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-wal

Filesize
136KB

MD5
f216071e998695c785a249c1d70240c7

SHA1
689b73224d423f8a9f82b21609d9d86b3d6a6fbf

SHA256
0381cd214a67b55f5e8b99ac78560f030632b56e2ded1e0ba2ffcb1ad25e583a

SHA512
22ab5d2a90ad9a1fceff84adfea065a65edef944ba5eaee77a5048f88c75ee97c7c80edd6f35248fa76af9bd2f8f12a8b7307f428be1519750edbecd08624108

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
1024B

MD5
9bcdde6a06eb20885424874bea9f9a54

SHA1
41691d5b62a2a567bf71f734b6241a386a551d02

SHA256
40fccdbd1a66e073a36173ad2d48077ac3574017e76426caf1f6b5ac1cf3c103

SHA512
25e84a0d661dc51de551b153c40abd620d513535af7f3a8e954490a96e60201e93e289f4bb4497a37a472f183fdef164357438e3eac72c6b1f4fbc69b0de774b

Download Submit
/data/data/ir.iut.moraba/files/db.db-journal

Filesize
1KB

MD5
07e945fbc2c7ca0fd01c150527c30a16

SHA1
0a45b8293728d473df79aa7778a3bd4365cf4eac

SHA256
35f1f7608a0c1d31c156e9a483e383fdd0be447c1fd2360a7992b7dbbe5a3828

SHA512
27a76b219dc4cb14c2c18116f3ea312e7bdfde8306102da1bcc70cb08e10973a09708e5a451c6c4958e442a648695bcec3aadc09832aaff4f3daa6cc85253434

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads