6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301

Analysis

max time kernel
5s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
21/08/2024, 16:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301.apk
Size

9.2MB
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

6^/10

discovery execution persistence

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.iut.moraba

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ir.iut.moraba

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ir.iut.moraba

ir.iut.moraba
1⤵
- Queries information about active data network
- Queries the mobile country code (MCC)
- Schedules tasks to execute at a specified time
PID:4612

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/133ebe6a-2d03-4dad-b87e-4130c73a4d9d.jobs

Filesize
176B

MD5
f56f328eea1d5c96a1b96dbbf59488df

SHA1
440c784cacff61932e2f61580b7cfdc3a4943c95

SHA256
90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918

SHA512
36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb

Download Submit
/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/dcc25ca7-e215-4d7d-ad4e-b02c15fd030f.jobs

Filesize
179B

MD5
ac58f99a1b179d71e8621412ad31c6a1

SHA1
b51fdad95876f5615735c2ab411031ff67d5e946

SHA256
9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb

SHA512
faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

Download Submit
/data/user/0/ir.iut.moraba/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/fbd8d2a2-877b-4f36-9752-ccbafcee067d.jobs

Filesize
278B

MD5
4ba9bd0616ace99ef9ba341e64cec034

SHA1
75e82cbd1d86b906635c2337bd8f49fa8134dc13

SHA256
63285c99ac73dd5d1f2d0e0f4addf726e57ac519fc9384e0d343df66aefcf398

SHA512
8d004d380babc87af6c3943b2752f54ec91c685c72b44a85efbc7848371ab739a97295395817fbdeaa740b5a3fa5e777a246b556ae9e2f9f63297d8c6d6bf9a6

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db

Filesize
24KB

MD5
c1ee557d813101ad80e1b9025e83edf5

SHA1
37e0da12354a6f58c2efe81efe851e741fc5a171

SHA256
337a064ac10d422bd89ae2f75b2c470161df84959b48898493b5f42ad76eefce

SHA512
5f5a8d2a5960edfffadfee2c129b7021e12286977af2f82feb4f427e24101ac8483649213cce60cb7b68c449f0e7efdbd474396ff4663f69efc37aeb545a5dde

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
512B

MD5
1b4f971b75107b599cc6faac124596a2

SHA1
d2c139454cb89e59bd36414cfd0500ddf74a7a7e

SHA256
2f1fbf53f51a614c3c5771892b0fbb24f196a7ed50d8ec8e42543cc7cd1a5be9

SHA512
53759eded0253b1b563ffcaad26788d40d4fd69f9ca11a216c528ab4fb68c50ddf42124bb611fc60ed4fdd2a552e2c4cca57827f30bc41f3cace36f0e735e4c8

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
291a4fd272168220ac2a03cb5686bd1d

SHA1
7648c9ceaff2c12d74fa93c5592ca63c85d78eb8

SHA256
764c0f806fd87c774e1ee53e500174f0b18361f2bf265da6dff06850e88bec9c

SHA512
9828bfd327f2b7a9c8c3e40460af7935984243426c772b12239022717bd2438a1962b2f6e928b598b55f89121b9a02645abce9d5a0eeb3f86c98f976accfd3e4

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
a40c2ae4e47fbecf372956cab1f3bb2d

SHA1
b211c733aadcaa525b529d917da54fd67b58f33a

SHA256
1387883975566018ef36b4bcf2f77f5559dcfc73e73c19482c29fe1eeef6a71a

SHA512
ed43a9246a554d23a61628e986ff21f17b28febda17e1d00000dcd43208390a5b1ff86e3324bdb2fbe292f622285d9486965812c75692227a2fb6c1f1cb50409

Download Submit
/data/user/0/ir.iut.moraba/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
a46f7b47dcd73bb0011d93077784999b

SHA1
1a1b389ec3477688dc0da21bbf9aacf5385b587b

SHA256
7c8f540e56948eb6953b9d1e1ae96e9972f3f525dbefb0808171954a7866ba78

SHA512
59e056c13b8a1ef9bc8dca00dad0d367d9704797d1991965aadb06683081870e953ed38e7186b76006040b47899c18c3c5735539f322fb2ae3eb073a8b4725a5

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
24KB

MD5
0660d3ef5f0245096a9fa0f61d6a8666

SHA1
282222362a5a05e3153b7f6b49ef35c667b19542

SHA256
1091580378b83e0ab3222d05659ab9aef1d2c65d766d5e04735b628d7a760ba2

SHA512
18bbe88051278314b76611bd68156ce60a9c3af3818d39991fa58d28bd9bcb8476eb00ef52ad8ae7d16c1d7ffcd9f2e8a858e2fd806ae59b5d85a8c3a9ca12a7

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
aed974c0b4559caea3e0c44488022c10

SHA1
9c448bc0c11d4a702b480cd23e6cc8031f1f87b4

SHA256
b496721fb8336b180252a9cf8456c5ae9f7d75e57769bd158fc86ae80f25cbf3

SHA512
3670dff10ec744c98c101beb70166cb390dbc2bc7b1d4040da0805011bec87171e7cf1b91c92f49979d4a4ccb4caedd3fcbaaf28dd5c66189ee04941b4873fbb

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb

Filesize
20KB

MD5
93712663f80d829f6256ce6594a2516d

SHA1
baf3f74b45398911605c13b53f3f64c61e02b69e

SHA256
9f129de2dff0f9a357034e67706eb9f215cf03035103eb935a5052577a64544b

SHA512
995607e73cb89aa0db4067b64b2c7d28360177af319e63419afe84e681d183c0aebefb8850a2814665a79e3a0ee43f5a7cf316cc4c80aaf6ebc4217ad62a9f68

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
512B

MD5
3ea2eab2d6cb690b4a7a993debbdbd7a

SHA1
a97849ae9022bff173b77944e413d2a6217ba7f6

SHA256
293f7c51d586336f187602b79e7d815b695f0613568c6af767e756bf39a69241

SHA512
55d7c3e67d8029c66ef11414de14f3b46aa7bd56276c89fdce820a3ad4b57e4801938676748085dcca22d007bca1451a7821fb7bf15eb06be01e28710a7485be

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
c956b2e8933bf8e116db5e242be0e2a7

SHA1
e9083ec9ec5613f9a8ca8506d0ebd1ac20a5b107

SHA256
d08c71b317b7d2ee93688e1373563e439cd6a21303ad07ee5a1a4e7e3ba9d7d0

SHA512
a9585baab3d8744b67b51577689e875457799b2cdabca74b46f347c4bbb06185579df272058070870b3478148c68a5fb1a4fc70aee2143190a7ae21157eae50d

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
cb6213dfbaa066db6f5be0535793f2a5

SHA1
472343a8554ebaf47757dd5b0e8b0743353ec639

SHA256
e6a04a221c8b6edd8782821199494da10a63fd64b25aa2736f9fd87b49089908

SHA512
83c221473c12e6e8e3e2ef34fb5d8d4ec8a01959a1c6e7d56bf18e2f46336a6df01592e4f10554704c5c575c9144580fc38ce314ce50b325e55422dce1a8d164

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
8KB

MD5
db9c4f3caf0af10b051d576ce0533f24

SHA1
a3ef9d59167875f416651b2f75890047522a9d56

SHA256
f3709c2015434d7e1d23e1f1eb484780386f88d5203d6fa3bbfd2bf27996adc3

SHA512
da2223849266b744b3d6db91a097bcda30f4dce427b1217dc98b634bfe25fcc8234d54499e7b39043d7f80521d5ae678ad75f8f52be5ed3c096cb20da91c61f4

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
4ad491b6f38c2e5616bbc2c8c28b8959

SHA1
31eb96d6579493454df7f76f1c79e1c64c6617c2

SHA256
3bf3cbcade846a685cb440efab930d9ac144e08a5eab1b23ea539ba774f796fd

SHA512
a4be9a1a61f392332e3e031bb3b2542c213445e8296c005415c30bc535cc1c4336a87473db643f32ce3c149aadb45edc7a4f2b19397d4815054d102ba3dad9a4

Download Submit
/data/user/0/ir.iut.moraba/databases/cheshdb-journal

Filesize
12KB

MD5
94558c31d3dcfc5726b9908c231ef246

SHA1
366d2839cee75cdcd8de0eec7882709b6fd2a78f

SHA256
9cc04a14a8177017a498ac3819eb33b4dd09d459b6758df62e3bed6244805f43

SHA512
12b21f2fa3f77bbc2d14ee1c67dc336bcccc528283260fc65200e8131bbc2ab8d35fcd0fc6fd7e77726e9ed185d2840b44fc17310f95abfceefcf8a8458fe858

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager

Filesize
28KB

MD5
2c61c0b568e36fbb7836710dda8f12bf

SHA1
f30342b1660099203a4de891b7a14f3c262487f2

SHA256
62f936151d0b7ea2b25d73cf6833ab6d3d28e4e00d67c81a42aea24d3d85d37b

SHA512
e3a89fe075fb884defe27b335212dd5ef2339586a67dcf310dbdcdf6ffad88bfe4ce4e33a7898f1b5919214d8d863d0b5508d9c62951a81779a76a35dd0200e7

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
12KB

MD5
e1d373567e34735f4078b1407dff2f31

SHA1
a678b508d207cd7e3426d7623f5cc7d279b70fbd

SHA256
9dd46b3b05da80df1ee35557c88d3ea8c4adf73c66386d91ae9d937ed42834f8

SHA512
e785cee300ebacc7c1e1b89381480e7ec1172953c20788046dc484049d653d9b7e1ac206fcea7425fc425ba24eee37bbb8302b40cb067fcb82560f5f539453bc

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
b61b71fe8587f6e743cc5611416b7551

SHA1
6f84b900b4bc97de266d2394d6564179787b0520

SHA256
44d7264aa58562e146d8dc69e455ad97c3120b7ec139fa7edce297484870ba80

SHA512
b8d044bd07d607d3a816d23962b856d9087d45372f212584eedb8f7d16405c1da7cff5c0e86fcbb70d4b0f738edfed21d8768cae02e01253a98ddcb2a3195a0c

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
20KB

MD5
e07a510f781fba53badc5065c9810c50

SHA1
dc45a84af83cb6c440517c62c47bf78fe212aad0

SHA256
92e5e2b4d13d44fc51480eea58db3c3effffe5cb064903b535effa4223a44463

SHA512
c179bd4058ba0d2b79d6e8f062b4a294538f1babea77cef30799f5608851ea3fc84920beb59511ea0546aebcd707408d18a6df0962e4c18a94fc0f21ace94204

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
512B

MD5
7bfe818a66284c1717c8111d17ef1e48

SHA1
7fe477e74f25bbbefaa06492b151698b4dfcf88c

SHA256
416b985691e648043b11c4118b4088679f1d22b51800890bb755c9417cdeb698

SHA512
5a82089b6a0bb8f8f2889aa59dc7ef58ec74a53ed2b2941384019393130ddf0884222ea643033b4a50d5310737797bb18dcffd9f067618cbbd713772a73f4194

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
d0714610557cc2d55f82c6427826f657

SHA1
21eed319550179a806f155a77ff1647f258e3362

SHA256
3607aa7cf9e05195552a63a13a61666fc478c287d02f0bde89f92e6abbcde1db

SHA512
37591c7c748866831afcd35f326cf5dd79d013baf7a2b4de669ce08fcdc00773bb1b98cf29700bcc9955d6749f12fee19854b48b4dea8533333517dcea1e0e4c

Download Submit
/data/user/0/ir.iut.moraba/databases/db_default_job_manager-journal

Filesize
8KB

MD5
36dd4686c9a61ef4c580a04364f99814

SHA1
f32187300151d441e27a9a0d84e4ddb02c02ce74

SHA256
9f36fa750494b6a196861bfe5d8681dfb7f6df8071a2e43de11351b833b2abc4

SHA512
61ef961cc872de4894d1b8b28d951ef5d9603a27ccc3e655e0bf2b818cab23d6ae1bb95ce663ef87db3ff6c348e7a58eb4fca7605c9856aa1a0cce6b4cccb58a

Download Submit
/data/user/0/ir.iut.moraba/files/db.db

Filesize
179KB

MD5
f81ac1486079e47d6690d9ba9ae56f95

SHA1
31f20b027a77bb751d29382de19c68aa497356f8

SHA256
65a3e8d4142077b80aa203ef5028ed78c6d3ea10a25076f4f2376c62918422cd

SHA512
16c9086e9f0901f15987ce1257a81847cfb1172109aa4b488c8fd62959e2e44dd96eb9431bd1e7aee7c785c75467283f3a0d700c8ecd02b5a040373638084425

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads