6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
6s
max time network
138s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21/08/2024, 16:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ir.iut.moraba

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4946

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b7feb02a-270a-4673-be1c-0df4b9882b3a.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/cd76d627-30a2-4cef-8e9a-8faef212d27f.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/data/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/ed6f897f-28bd-42b0-93f0-f173e815915f.jobs

Filesize
278B

MD5
7ce9ad29540471e7a01e1273dae62d36

SHA1
760a5bec5198116c9da32d39a0395a33eafa1a3d

SHA256
b08e00879c15d60de812232e9b3d0e06d9193f38f210dd9d6a8c0808d1f56b6b

SHA512
f6ac706aa11f4606b9df2fb2d8f059dd1cc682de0efd9ec7b5ab221f19b20fa0e15ad507801f35dfe5bae0436cede25ad69d353c6fffe3b2cd968c0bcb7d8dd8

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db

Filesize
24KB

MD5
2a9aaf4ec103e3e5e54157776f42895b

SHA1
13b3ce5b21b1abe4b0c5681ccb8306b152ab2974

SHA256
f3ef6ef0f7c7eab7a527da2448044eb5ebcbf032db75d2820a4ed4b1f22a4f46

SHA512
62c544832e4244abb7c8bf38cfa3f6990ba4254e03ade5f20c4e66c391b03056d6c935027daced31de6d1c05dcedb36251a164abdaa106e2f61e50a2b28f275e

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
8e3ea5e5f7fe003b9340600640613ab9

SHA1
b3162ed0dc22431f4b31f203e0351438122c9d95

SHA256
2ba97949f1ef1bbd0de26ca002b28209df5a9c4a72652ebdf1e0eb9bf91ce6cb

SHA512
82c9dcfa76329e4893d7de0cc58846caca528b3000940c1fab7f32e9fe0f02ad6f293786f2910de66e7640384077ca39d95ba2dfb2a77bdcb4db43df618747c6

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
970513e9ad5c486f80736a5a613d5ab2

SHA1
2bc0a4f59c2f3c31ac25f5a9b6c92fe75e404b05

SHA256
5e1d4d2728340747aa7709b04868d3386385eacf0e614102db7c260d7aee7ca8

SHA512
021b481fdd46f8ef831cff53dc6210cb28302c400752e54f0c1464dbb9336c8c9a2859c9b43ff4c800a9ed65eac3892cdfca76172751d4d213da51532db2536b

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
cd39445a2a9eea269e6ece24edcd2908

SHA1
892d84585e2ca2bd6cf41508efe275b54e846855

SHA256
bf873b62e4dec77beaf96033ef782395bef7b0b65614290379f0c46a0973a0c2

SHA512
4fed5d140ce0e9dd3b2aca2fd2c4bf1ad1e181fce9dbe45b99347925563edbbeb57c48f5a5c40cd43922258947ae70b759043048679f7affe7a79dd24d136bcb

Download Submit
/data/data/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
59c21ea19a3000c42576eb2654488e8c

SHA1
8a764e6929c3902da987cfb2b03c3d74d1ef833c

SHA256
ac3eae566a2eee372ee5529dc0e11b0ae7c62126f2ebf9e0407f706765f11456

SHA512
d75bd237b599acc54a3fb293b84d8ef797aacc9e341b72c3511a764cb7e1d0f199d423a0e508e5e728aaabc66b595a08e426627c69713511f91398c4ce2650d8

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
3fc1195962c34ce55bab09c074cf5c87

SHA1
982e95873edb83cb99d64e6fac3913def1294a88

SHA256
6cd0ab8adb61817a4b1103c83826d07f28ef741231d781d5cf376c00e509b32d

SHA512
b41ddb5aa66b0fbeb89f8f0a6f3cdb90969e46a74ec51fff726397fa4bc23f57d13ba4483b515db054bfa7f67b3c1c00f7fa13ef576e4a1493045569f2d620e9

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
8a19df91e67b3fe98c38221024506215

SHA1
64d2efacb82585d25826734ecfc46f0760ef07c9

SHA256
6200cf14b78cd2a083a8fff7574ff3d8834efbee6351bbda8004b0bc33079e54

SHA512
e61579e94c20959a98862a670d0f3798c1a23c6c210b90e9b492577cdea07d79f153d4a40c07162182981d8f1ee7360774c7529251e265804f8b933a36730d8a

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
259a1e4e7ebc4b0d0341ffcf0c3bc2ea

SHA1
9b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c

SHA256
4f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1

SHA512
dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
1ca3b468208175b820301fd8b58e06b5

SHA1
9dadd1e5a01d861a3bbe713266f338f90e19b433

SHA256
ed498212df3b4a28cffd82a6fd2779a24f8d70afcaae9b9ea116095cd3687b38

SHA512
f0e58db553925ebb97e002d962b27464ca40b163a3af9f51280e40781bf26a5ba99f737f8467f3de4d65c4a71a5a8f1f7624703612e83a1f337a1aee0c853266

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
e8eb44a2390762cf3afc6644570ca8b3

SHA1
3a68b1a94541efc6fe356ae17ccc93f9615f5f4d

SHA256
2b6cacc1e9f038af50eae25dba8c834c803467cff9c7667a799571fe51323ae3

SHA512
6a5bd8ed4c5010bec26897a48ad09454f8bbb5666db448519a6244bec8209786d81c68adfba8b4e5768e5987e8561c7775547e7f16f873157e670a94f21db5f3

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
298ff4b9f4483189e781e8851f6ea647

SHA1
968a9df9bc09019115d4bddab2308631c2fb345e

SHA256
b2a8a58684e0cec441a3691ab418532ccadd0dfdd1c8fb5617c54bba81b1a77a

SHA512
3c3f22f912fdd0471cb73ad5412463403e33779ec27358dcfebaca2897994bccc53046daf326e364d919bf22bc867745e765100f9b89446bfd0f6dd2cf6e8c9b

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
6abe63141b407edcf813f5e4392166a8

SHA1
f76a264c93b105d2e29c1d09b3c86bf5d8255ccf

SHA256
425606731dd45314955459031d319372ca3bb506608579373ca4516849cf5e61

SHA512
91bc27694209390d3276d1e9b696b494e138620f41a70dcb0c0b57540fe98994a31976a8ab92aaad80ee345e191a69e61fbcadb40a53e82253666559097b2a89

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
7f33f17404489d1d425510d95cace95a

SHA1
fa22a2f92032cf25f6ddd28533e983598d3a94c6

SHA256
fc4e4c78683ca2fbbe0e2cb4033b9a97eb3953df40e9f87da7a9cc0790677cfe

SHA512
bb4a3cbe28c2d5378c3585e1c35cc3b33b75554691d0c9bb0c59f1b282fdc808e2d00b58075d253c1ee29073c3e9f922877c8e3a23878bad573b25b8fe64a883

Download Submit
/data/data/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
3761aa4e7ab7646bee94655d04539e8e

SHA1
271b46615cecd0ccc67cd848ffc768d8e1467d0b

SHA256
1f7f3f714a07b100ca5e5bb35f07c31096a9356213e8b9196839db69a078da03

SHA512
d69d8155a10503e0847ebaac7dd01f5d26c890710c58b89dd6d6a0d625ccc44037e1444d2627e3e881058e2336eee9cb9b14f68444f25405ab63eb89a6181957

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager

Filesize
28KB

MD5
4adb7a83903a01e4bc957df50590782b

SHA1
4e35b4e34baf2a9c7a7509acbf46802ce1c052b5

SHA256
52109b2a4b4395f5c201a57f25f043d95e4fab7ec7708f0e197a7a97ddbe2039

SHA512
3c5849e5471821de9940154a045cde13b0373b93fd0f0d682d64c7e538552cadf48e5d15da5ae2ff1a8fe87f7e55d758a4a4bcbcb4d06bd34e8862be619bca32

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
0be5736abdebe49d44125ef157844cb4

SHA1
c0b301c02fd90a9c70ec776f5057f026deaeffb0

SHA256
39990a989fbdb3e804a3e1203b86335b66680f82c0cc4ac7e4c2941328e887f6

SHA512
dfc7e4d78cd1f9eedbe56cf03162ea75188774b7f5caba33236934e60c4c4a23f8e32de57d940a71258fb8189f4012f238aef884be0b8fcd2e69025ce4226d76

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
0ccd099b95526a580e7d396040ddc9c5

SHA1
3f1a783f79aa7a057a2448643646d2ff5527cb3e

SHA256
7f94dc49caba4944051e8c629d6f18ac25178ebb1b1f3776e8d1ef3d4e89e0fd

SHA512
cf6814fcd89525c54549834897fb837a4e8d90e4f4ff4411ddd02d1becf5fea98f5bc25b9b6234b356f8cf47311f5a7906c7631fa496ee6867562c1fe3cc5f47

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
41b78f40233aa6eb938bc665c1ca4f6a

SHA1
fb805fa4930e4be91ce7b8d8f096822cefb313d8

SHA256
1fe0153f6be1aba89aec4d1b0d4710d13c3e5966966e19e4b2049f82bc0c93f1

SHA512
9bcfa6ca5c1939931f780413aac6d5721a05b19fa84b880047f37f707b40a062758d9484cfbe038ff716046acd899dba8d6eec8453e439b9fbe8fefb78d5c9dd

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
b5f7e2b9f1c5804229d0f6f1d5802e71

SHA1
8b7c850dcbb8b4d8dd98263ca64a4ff0d9a141e1

SHA256
1976e16e124c73736060d3e4065657a176ef7601039748cbef545bdcfeef4de5

SHA512
07db0e13fc963e02c28dac96beb1e39447b2f419900d956a051ffbef77b0ae12123984261614f3b44b913559526e1d95d098ac616e606a1d40357eb0518e29f2

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
12KB

MD5
6fdfc5e9413cbb20680a64788ae91e19

SHA1
7e77d807e94fb23f694c502d68c63ec80c41add2

SHA256
e901a12e50ce13129aa6ddc0749888a7ac67eb7e270e4bffdef034ed5ab40a76

SHA512
96e5e300c63fd1af185156eb73c536ebbbcfcaa6abb87849b3a12ace8fdcabdb4d3e2bbee747d0ddc0a974438f25221c613d8fbbf16441f3fec71ed3da3b08fc

Download Submit
/data/data/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
e095a1fa3573c338dd03da898009abe2

SHA1
65371feda3c0e4a904c669edb616f5fa5e4a0b00

SHA256
94bcbc9f735dcf50ef66e7fd54f150d7b429c628859de78c5887839184a82065

SHA512
a2d704547e5fe4d21dc30d6f382fbaba69e3ed102d11d4f8566dfe282c30bfd20f6b4675acfb4a23fdddea6d0f462fa86630c407898c34f0986696ecac7c04b4

Download Submit
/data/data/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads