Analysis

  • max time kernel
    122s
  • max time network
    178s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    26-08-2024 03:10

General

  • Target

    base.apk

  • Size

    2.7MB

  • MD5

    efa0b8a9cbd8ccce8c9280e9ad6efa5a

  • SHA1

    e458000efd9566888ca4a625c828bee0856b24fd

  • SHA256

    e6a7dee5d1d9e6a5182ec0dec4b0ecba4f4bd7f87df5f06901d6da40ba2de68a

  • SHA512

    2dc20efccab468d728bb5083f8e83af7a4e4068cbf80b0b13fbbbb30afd933779f77e7dc9ee52ceebc838a06345049ac6c72b2a500bb7a1e3043981fbf954dd9

  • SSDEEP

    49152:E/24gOIbEPSShDkkQOjEahfwvlmKuSscn2SbqLjFFko79sCUXF3X2xTcxIKpU:S322SaDkJOjFyvlmKFsMbEFFphAXF3X2

Malware Config

Signatures

Processes

  • com.Mad.api
    PID:4250
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    • /system/bin/sh /system/bin/settings put global sms_outgoing_check_max_count 10000
      PID:4299
      • cmd settings put global sms_outgoing_check_max_count 10000
        PID:4318
    • /system/bin/sh /system/bin/settings put global sms_outgoing_check_interval_ms 1000
      PID:4339
      • cmd settings put global sms_outgoing_check_interval_ms 1000
        PID:4358

Network

MITRE ATT&CK Mobile v15

Downloads

          • /data/data/com.Mad.api/cache/~test.test

            Filesize

            4B


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db

            Filesize

            16KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

            Filesize

            512B


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-shm

            Filesize

            32KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            4KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            4KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            4KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            4KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            36KB


          • /data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

            Filesize

            4KB


          • /data/data/com.Mad.api/files/PersistedInstallation4224931582877625319tmp

            Filesize

            90B


          • /data/data/com.Mad.api/files/PersistedInstallation4743700110204123264tmp

            Filesize

            570B


          • /data/data/com.Mad.api/files/starter.txt

            Filesize

            4B
