Analysis
max time kernel: 61s
max time network: 70s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 23-08-2024 20:16
Static task
static1
Behavioral task
behavioral1
Sample
03122ade6371753933299d563bf26bcce3e54c1b467465bbf7a49dc9a6c13777.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
03122ade6371753933299d563bf26bcce3e54c1b467465bbf7a49dc9a6c13777.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
03122ade6371753933299d563bf26bcce3e54c1b467465bbf7a49dc9a6c13777.apk
Resource
android-x64-arm64-20240624-en
General
Target: 03122ade6371753933299d563bf26bcce3e54c1b467465bbf7a49dc9a6c13777.apk
Size: 4.9MB
MD5: 9cb79abaac5dfa0af418aa8e34e24688
SHA1: d51b34ca2dd411476407110d9a6d15028114db7a
SHA256: 03122ade6371753933299d563bf26bcce3e54c1b467465bbf7a49dc9a6c13777
SHA512: 7d54eeb26be548f9900e576dfb3ef837b1fcb793c52dbc497a1b58ed6b22d5deb937ded093a03c346cc8d7a57b640faed35c6741100660079fe55f757bd16938
SSDEEP: 98304:fqiOhIdq+mLHNcF1B3G5jeoi2So5aZw5IT8GUZ:SzhIdq5HNcB3G5jeo7SHZNA
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  ioc: /system/app/Superuser.apk; Process: com.makinggames.worldtv
- Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/com.makinggames.worldtv/cache/1582435991586.jar; pid: 4452; Process: com.makinggames.worldtv
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.makinggames.worldtv
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: com.makinggames.worldtv
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.makinggames.worldtv
- Reads information about phone network operator. (1 TTPs)
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  description: Framework API call; ioc: android.hardware.SensorManager.registerListener; Process: com.makinggames.worldtv
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: com.makinggames.worldtv
- Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/cpuinfo; Process: com.makinggames.worldtv
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/meminfo; Process: com.makinggames.worldtv
Processes
-
com.makinggames.worldtv
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4452
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Hide Artifacts: 1
User Evasion: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2
Downloads