1f133ecd4c50c1d3622b09c147fe9b7ccae8f2ed08a20a5c2741e3237354aa7e

Analysis

max time kernel
7s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27-08-2024 12:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6ffa89b4e2bfa275110c6823660f114c.apk
Size

14.6MB
MD5

6ffa89b4e2bfa275110c6823660f114c
SHA1

4f620de841b1c52f81b626508a33c070b9fad009
SHA256

1f133ecd4c50c1d3622b09c147fe9b7ccae8f2ed08a20a5c2741e3237354aa7e
SHA512

8e8ea3b1aba6608b5fb26687a876d94d88a83034f747d8cd83acef0dc17739cc4fa93dfbbc4b9cf75705dfaccc35c3d78342a49416be2a859e7aeba05405ab5b
SSDEEP

196608:oTjxDh6r5ltMcRcSQuYvFj3fboCQTJ+E2escyuRMb94xm0TrTZ99EVFdMSV:kxDhE5ltcRFjCJbtbYwzT3D98dLV

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.playrix.donow

com.playrix.donow
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4268

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.playrix.donow/files/profileInstalled

Filesize
24B

MD5
6995dd543ece95bc1ee1335b397f06e6

SHA1
08413ac294bcfb0ac4ffc90c08d8d457809d7e6f

SHA256
8b300025400de48632411adca76d9b034ee8cca64e42273b7ee7f232363c42aa

SHA512
ad777ac653512634619c6e4bf8937d9c44f416d1177874e9ce96557d55ec009168a077487aa475de186175ad124d189e46e187859b69baf66078b7a8acf66b09

Download Submit
/data/data/com.playrix.donow/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
007ef8151a9b20daf9ec7fc9ea3be921

SHA1
d2a23f0ce04a4642ffd4233db0a1efa673ec4d9e

SHA256
65a88e063239a9ce4a9222d76c6cf3d807d9e66dba2054d08bf54a227c27d458

SHA512
2aecf21c69faa8cb765a008a58cda0961a9600f002b1ad2f0124105700dfe7375ef510a4833844edd09e33d8915010f9f76047978902f8ca8f9e5551cad29970

Download Submit
/data/misc/profiles/cur/0/com.playrix.donow/primary.prof

Filesize
2KB

MD5
9539eefa6573c0887cce14862efe166a

SHA1
186736407ba688eb172c9baf656f6bcf2e0acadb

SHA256
71163417995c6dddfc8b6c267caf5351507ad85514e4c218d02c05adedf0d74d

SHA512
1afa128fc8d35eacdcf0b9ee24458dde82c1ea4a12e4e6999ca4fd2278dfc230e863783b92de1708eb8725b45276e15390e824a6a8b6fafc2a1275943ae8c60c

Download Submit