c6213e451e4a23b7725143edd1c725aa748fd9eb32e33304b4f87d63c19e0504

Resubmissions

29/08/2024, 22:52

240829-2tw2yavhnb 10

29/08/2024, 06:19

240829-g3gcmaxeke 10

Analysis

max time kernel
2s
max time network
186s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29/08/2024, 06:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

appα╕¢α╕Ñα╕¡α╕íα╕üα╕úα╕íα╕ùα╕╡α╣êα╕öα╕┤α╕Ö_DOL.apk
Size

11.9MB
MD5

2e6530985058179a8adf2bb1e729d516
SHA1

1ac24292df9fb97a07472281378ca460d3a419a0
SHA256

c6213e451e4a23b7725143edd1c725aa748fd9eb32e33304b4f87d63c19e0504
SHA512

99c9b1be06f063227d8c6e84056ada5d44284bcceafa22ff15895d1281f042b4d2452d0fcdc1ab4a5ac285c86d53c75182c95db83794685e1678dc3a64dfb3bb
SSDEEP

196608:laQ8jJjB6zkZHOmwZuXJi5J8qUN5+C8uBbXxm1B10wDQCr8wGj6yIkjF:la/NsSa38qUN5Dhg10w0wGj0A

Score

4^/10

impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	nrmahn.kwqzdrb.nahh

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	nrmahn.kwqzdrb.nahh

nrmahn.kwqzdrb.nahh
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact