707af85272a6b82812716f17210be4f0f3cdbbda5423a7b1547390df5a24a4f8

Analysis

max time kernel
47s
max time network
118s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
31-08-2024 14:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Y-TV PRO.apk
Size

8.5MB
MD5

5c898cdb727a2462fa19948e31d7b72a
SHA1

0dc9124efab4d7d54b274ee5bd6fbe6f77a0cd6a
SHA256

707af85272a6b82812716f17210be4f0f3cdbbda5423a7b1547390df5a24a4f8
SHA512

0eae47f5ac918d8dce762bf19cebb057f95c0bbe643e7e0fe9d198adf2cb8def46a43abea1d8bc4d8a5e05391c4f3577104acf134e9e25bed4bb8a3a3e90efac
SSDEEP

98304:NEpdPaLbNpb+muZlNBmfB0739zSE+DARwJXQ4TVtnQ72u5tMx6QURKHZT3W9ZymX:NYtaLPryLa0T9EDUwjKDMxo0DWAV5s

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

ver3.ycntivi.off.premium

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock ver3.ycntivi.off.premium
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

ver3.ycntivi.off.premium

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ver3.ycntivi.off.premium
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

ver3.ycntivi.off.premium

description ioc process

Framework service call android.app.IActivityManager.registerReceiver ver3.ycntivi.off.premium

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	ver3.ycntivi.off.premium

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ver3.ycntivi.off.premium

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	ver3.ycntivi.off.premium

ver3.ycntivi.off.premium
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4241

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ver3.ycntivi.off.premium/databases/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/androidx.work.workdb-journal
Filesize
512B

MD5
bf6c1bdd44ed762c999f2e549ccdd648

SHA1
427ee292f1cb50293430fcebe52318b86d39b060

SHA256
fba6447dd08016dbc9013f532018e156617c8dff71a3469149ab827f9bd58c98

SHA512
28062e61147eed2b2debadc4b20976b6a784a1b99987d602282c4d1cea008f1e27b0c226a11161d0377e1701528cf15beeddbfbc27ebe90d90c12370231b0ff6

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/androidx.work.workdb-wal
Filesize
88KB

MD5
b949f993f688c3dfef468a2772093d02

SHA1
b6feefd864aaf6436bca6e91cb1c00a908853fc0

SHA256
1ea566850e9e4fe7a99d0b0a076d5fc46699fa0894ce2775af0d72090382310f

SHA512
b70290f2442ec3d0787f212354b2ad4167f3298ce4781baccee0e195da5c4c70e8cbad11cd9027b2ecd88bcebf3f9f2c112604c18d5b2eba5c66cadb07aa3c15

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/androidx.work.workdb-wal
Filesize
16KB

MD5
3f543b989611f5c92b4639eab93e08ad

SHA1
bb9b9a24d43a3c0feb55d17da142499615215da7

SHA256
131fd92a1b679e5d93694864b984b4389d411ee7b12846a5d75e0ec533b83b81

SHA512
e7d230ca707ea527d9175063e61d9a0b36fb4078d9871b6e6f78d80e4f93e31ef85c2a09f22a065823430b9fc4b44c6e173217840481521a2716d330cfb45fea

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
908ae0f01da2cb87e8d04222be302d91

SHA1
246a6cb94e4b4020a044360426e955daf40852d7

SHA256
2cd180f648cbf480e8b98f7fd0079313fd5fb47a8e6536beb6178360575c22a7

SHA512
f30719ac47c3c3c2dd4b60817be161211cf8e1874dbb6e7249b57048c091fedb4896cb1a06e48f5c1d91ee17d8aad2782e5052efd5850c77a7a9bd7b77956678

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/com.google.android.datatransport.events-wal
Filesize
52KB

MD5
6c3c7ca316e7e501a61caa151db0681c

SHA1
904702c63cd14016ffb6833cb7acc70a639c3971

SHA256
71b1af27a6c4dcc4024a7d7a29ce99b5b62b88919a16b0e48487bd43a4755655

SHA512
de87abb6d0d02dd7a930c3f1c63b01563347fac52ae00be31323a1f8e719daa81846cdc8798ea2e3b6231ddb1086d0453cf1a96ac7a937fe1a81d2c26d111c38

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
0eb7d67babf00770d4aaaabf41cbd654

SHA1
cd26cb5e320e98052a53378d7a088e1f953c3bd2

SHA256
266123d30cf6b1f589e623e6cc8383acb4c009c60c41ae2e415e08474f11345d

SHA512
08c5e11762e5b5b9fcddd6620be02248241bfe1999a6d19a1e10610b94e946c74fb1e04fabfca412ebbfe140f207c4ebb463cd7eb2393801f242472a13a5a50e

Download Submit
/data/data/ver3.ycntivi.off.premium/databases/google_analytics_v4.db-wal
Filesize
60KB

MD5
f512d74ef1fa6b89272f71fc70deff87

SHA1
d7e216ad085393c1544f43dd0389612ff825b39a

SHA256
c6827b541dd5cbfa8064801bd1cfee039ec161cf7f1c2fd4d635758d629668fd

SHA512
5ceec7f64df59199e5134621ef58b41253a804dc1fe328f7ec684f0f4e9657616dbe21780f12a8d7806d14db901257fd06e3dd617a1e6968bf74d909e73cc89f

Download Submit
/data/data/ver3.ycntivi.off.premium/files/PersistedInstallation1150927374899993374tmp
Filesize
569B

MD5
24252ae47b356f1dc476c1dd0f178401

SHA1
24965181ab2c1cb7cfb5b2c7b14a1369d590a8a1

SHA256
5a89a31c032107a8ec07e9207a6b27e8b183221c070eaaf85fd30903533e1b2c

SHA512
ccad299e8c0cbd4b447be3f05e00a097d42cd02686537f6fb7565f5f9fadd0fa4377201cab0a94d20f4cb84716e52f491d4bc77604047e3e08ce3b21d56f617a

Download Submit
/data/data/ver3.ycntivi.off.premium/files/PersistedInstallation4562135852657987514tmp
Filesize
90B

MD5
1676619fca513caff3e2161c5cf63795

SHA1
c91f51d3cbcd415f723025b28823b992c6ff4f7f

SHA256
a079817131269501c8bf0dd501317c5c65dbf5fe879f5814f48960d5e1216ad3

SHA512
2dcac5c99ae9ec17e5ebd28debd56015b6bb1ab6c8feb25e829f5ce86b5dc476360ed56d1e7dd7e02972ae693a0abf21949c9f9bf915a0e47cf877925c152bfe

Download Submit
/data/data/ver3.ycntivi.off.premium/files/gaClientId
Filesize
36B

MD5
350cc99d27c588c08919a6cb01f407db

SHA1
231b09647b0fa812070a6fe918898dcb6fe6aef6

SHA256
304794678b3c5d2e7261b32a1b318469a905e2d1f5e8fb63ac3c4e5f51ad2cbc

SHA512
f97a970428950ab6e10a44af73bced20c3af9132140e748ad3057fdaa3c62116ac7905eb2db3cdda12b10bb5abc7bed4f67b37ff83351e44c5fb14da3802a9d1

Download Submit