Analysis
- max time kernel: 122s
- max time network: 178s
- platform: android_x86
- resource: android-x86-arm-20240624-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
- submitted: 26-08-2024 03:10
Behavioral tasks
- behavioral1: Sample base.apk, Resource android-x86-arm-20240624-en
- behavioral2: Sample base.apk, Resource android-x64-20240624-en
- behavioral3: Sample base.apk, Resource android-x64-arm64-20240624-en
General
- Target: base.apk
- Size: 2.7MB
- MD5: efa0b8a9cbd8ccce8c9280e9ad6efa5a
- SHA1: e458000efd9566888ca4a625c828bee0856b24fd
- SHA256: e6a7dee5d1d9e6a5182ec0dec4b0ecba4f4bd7f87df5f06901d6da40ba2de68a
- SHA512: 2dc20efccab468d728bb5083f8e83af7a4e4068cbf80b0b13fbbbb30afd933779f77e7dc9ee52ceebc838a06345049ac6c72b2a500bb7a1e3043981fbf954dd9
- SSDEEP: 49152:E/24gOIbEPSShDkkQOjEahfwvlmKuSscn2SbqLjFFko79sCUXF3X2xTcxIKpU:S322SaDkJOjFyvlmKFsMbEFFphAXF3X2
Malware Config
Signatures
- Acquires the wake lock (1 IoCs)
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  process: com.Mad.api
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.Mad.api
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.Mad.api
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.Mad.api
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  process: com.Mad.api
Processes
- com.Mad.api (PID: 4250)
  Signatures matched:
  - Acquires the wake lock
  - Queries information about active data network
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks memory information
  Child processes:
  - /system/bin/sh /system/bin/settings put global sms_outgoing_check_max_count 10000 (PID: 4299)
    - cmd settings put global sms_outgoing_check_max_count 10000 (PID: 4318)
  - /system/bin/sh /system/bin/settings put global sms_outgoing_check_interval_ms 1000 (PID: 4339)
    - cmd settings put global sms_outgoing_check_interval_ms 1000 (PID: 4358)
Network
MITRE ATT&CK Mobile v15
Downloads