0f20b4a9207324ab17c8935cbff4d86e5912e058d1e0caced636427a8696ab45

Analysis

max time kernel
8s
max time network
134s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29-08-2024 10:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

add6150ac7379b57ac72d97afeb75c7d.apk
Size

14.8MB
MD5

add6150ac7379b57ac72d97afeb75c7d
SHA1

885db03db68a51c10ad45e3fbcdeed9251918957
SHA256

0f20b4a9207324ab17c8935cbff4d86e5912e058d1e0caced636427a8696ab45
SHA512

404d141bde662daa0c20d83baa517122b9a987f9a95c02f8f0be8320a3c3ed8c1fe58dd8923cdaa5903b373e267c25bb2e82188718e1040dd491c15c65cb6a17
SSDEEP

393216:GiT2xVikSMGYOpmD98dLKKtborzTN5sPi:VKxU6Op1ZEz7

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.playrix.donow

com.playrix.donow
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4318

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.playrix.donow/files/profileInstalled

Filesize
24B

MD5
9027ca0cc5566f0ead41aa6b4922e9cd

SHA1
39e7a3da70734f1dc4e2253d949865bb1a04d19c

SHA256
774bcc09d9abdc623e07fcc05befb1f47ecc788030b5f3831d2deaaf9e630b14

SHA512
f17bdd759059b3c3fb83e0bca84c44470e8e77f911480f1026460165d6a819d4d14c07d14ae138eb0890bd79efe4d8f16a19f1fb7ffeedcac967c7550aa1bdae

Download Submit
/data/data/com.playrix.donow/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
95db1d673e78ea18e230e8c984cedaec

SHA1
fee7c1b55495461e07d696791613155e75bb3626

SHA256
317f09a2940232f1d41fd8976bc4a755fcbe2fc686ebfe2d6b23bedd5a245364

SHA512
77e5fa20584c42f3ec25d429cfb00d07d69b6a10a563b10da380cff2d31224dc7d42041c2d1d8f31b1b5c946006c3751eea3903144e49026a9793bca12526e89

Download Submit
/data/misc/profiles/cur/0/com.playrix.donow/primary.prof

Filesize
2KB

MD5
9539eefa6573c0887cce14862efe166a

SHA1
186736407ba688eb172c9baf656f6bcf2e0acadb

SHA256
71163417995c6dddfc8b6c267caf5351507ad85514e4c218d02c05adedf0d74d

SHA512
1afa128fc8d35eacdcf0b9ee24458dde82c1ea4a12e4e6999ca4fd2278dfc230e863783b92de1708eb8725b45276e15390e824a6a8b6fafc2a1275943ae8c60c

Download Submit