557ed02e192458648b6c544df1b3c6e3dd16f1094bf9880997b87be44255e1a2

Analysis

max time kernel
179s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27-08-2024 22:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

557ed02e192458648b6c544df1b3c6e3dd16f1094bf9880997b87be44255e1a2.apk
Size

3.0MB
MD5

a622c65197086b0d7c28e42f19221820
SHA1

0d3193adb56050091cd38bc25e950e609ac0b001
SHA256

557ed02e192458648b6c544df1b3c6e3dd16f1094bf9880997b87be44255e1a2
SHA512

aae8b0dee7e263a9691c0abf6a6db19836b6bbe18eec446ad7f6724f0dea05d8cc4e5dc4470fe41ebf1eea9ba97797c9af326b6ee546505c510d5ec9065d5538
SSDEEP

49152:aUoGn0W1Y5WExu8phIY29dIaPgTevuA777737fympQb8jD6VOQCHxDzgRtUc3wJZ:50ftUc3wtu8

Score

7^/10

banker discovery execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.tikuve.aggregation

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.tikuve.aggregation
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.tikuve.aggregation

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.tikuve.aggregation

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.tikuve.aggregation

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.tikuve.aggregation

com.tikuve.aggregation
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:4982

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tikuve.aggregation/files/profileInstalled

Filesize
24B

MD5
0df06faac9d418669f217ba4b89b311e

SHA1
fe2a74520f3f4514dd060322e4be5aa40c7c30b3

SHA256
e25cbf19b079c7d409e4cde0626bc1da3f7a3a372c0f44832897f30a56a5fd7b

SHA512
535b2f5490cb5d3b609f167eb37e681f014d1b03194fb6638f4a48a1e5c85a159e89f0b0d1046cd3ad9ffa97472f9fb6cfcd6b2973c8086a4198e799361bb563

Download Submit
/data/data/com.tikuve.aggregation/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
f1b974d25c51b2732d2a442ae6ffbc16

SHA1
c8d66846d56d9c6418f8ea9f88e4571fccb29c73

SHA256
6120f0afce3eaf611811d704dac3d729bf61fd0250751fb012e101fb40bba1ee

SHA512
2faffbc073003515e66955464ab70197658f416106f5f8b373a9a527bac23d9c725f06adf8423c52a226fbcad13282495f2dfb9a5fa336dba15747b375edf753

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb

Filesize
104KB

MD5
864760f88626fc009b664571215d1293

SHA1
55c71f8e02b1c4055385814d876f99229aa82ff4

SHA256
1a21e3bfbc32829e633ea76e03ee96deb07d5e00b691f0b17121b7889358b7f0

SHA512
3486aa67a2fd5264f242584c89e35e6f600251c39c2b636c529705e4db3812967f83adb2d66647d906cf7d101de29ce194a1484d0a4ecadf725190d7b97b7a3b

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
a74968f5c0cab26fd29bac579cfaf664

SHA1
f69450a47b8dc38e3691e8c25dc128bf03b3799f

SHA256
717a948325563adba93fedb76c1a49b495df952ccc80a42565df931d1f0b9cd8

SHA512
82d192b5b86923b9d1a527b116e50645209779f535b2fa1ddf532f181dda5844e6765b1915915d5dc36475b4b032d049ed8bb392d9891bad13c1e6cd11b258bf

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b7f170f3b67b3cc70f6ee89d8d504f8e

SHA1
360bae2087f050ca3867168ce215fab4d9ba9620

SHA256
4893b3704a47b8b20c87c0e20f574f704468dc2eda77b0c79659156ec39abf9c

SHA512
9ccf54920330c64fbe13926bfa57b650565f78a6dc5b6528d9d962507e01d4944080381c6ecf9fddef5fc141617aac4d17c9dab9c2ebbc187a8d8ec0b0ef0982

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
d84eb1d97e09916880b34f24ec8991de

SHA1
287dd50413e7c0852e96d7b212c92667cb80531e

SHA256
5385f4b2ada2f8a431a5416c5adce4e5713f19ceb7d4cf12731f3aad4e09aa60

SHA512
904b3db68b68bccddb82de5b9de26969b0f943e67feff97278c2171c7a1298b5decc7f58ce86dbeb790990021e5315b97564d852d07a83dcc2a466583f2419e5

Download Submit
/data/data/com.tikuve.aggregation/no_backup/androidx.work.workdb-wal

Filesize
406KB

MD5
9bafc78a1c6ebf67d426dd916dec83d4

SHA1
e06e5a4340fb04f8db670b893099ad02a220893f

SHA256
d48e376db9e08b770b6cd8308ca00ece67147fe4ef4df03d533f94dc8aa89468

SHA512
909a8b81c52ba94b3c9273d1e96df930490d1bd447bcc1957b9905b22971aee564fcea36a23be8472e237b3abc5d4d3efd9395de869d1b38dec94c75458e9691

Download Submit
/data/misc/profiles/cur/0/com.tikuve.aggregation/primary.prof

Filesize
4KB

MD5
d0db03a067654259a0a6c0f0c7fc4a4d

SHA1
312cc618ad782e9df941c4c8b8d2de66dbc55172

SHA256
df51cbcfa9ab74d3927f6fd0239289ed01c72fbe121042802ae79ba97926cc2a

SHA512
4b142eae6fea5094dc93d4bcb59425f0c2942e7903c51e68c799f41f62b2dd1c480fd8f0d24c388069714e404747b6eb29dc2181f4bd2cd10ede41566fceb2e1

Download Submit
/data/misc/profiles/cur/0/com.tikuve.aggregation/primary.prof

Filesize
1KB

MD5
d42ce87c7b384629c77daf77eebc6c9a

SHA1
32c54262853a9e58ea0570f9d78fd4daca715653

SHA256
a87345ca406e2c20a814f04104b9ea3fbb43d04cd04930f51d1d1ba216ed0fbc

SHA512
1bda90d2b41f526f80da5c70f04577156aada9eaaf4a0e948b8573a26dfd39cc462bcc1bc64977bde36eb3d470cb4c4f1e55f333a93b93d865534865e26bb985

Download Submit