c1a3932fcfab6a27b4da47f54ded6039cc1d258b32be8b3d13b94b4f8331469c

Analysis

max time kernel
25s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
02-09-2024 09:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.apk
Size

16.0MB
MD5

be5e2f074432526ef36156e82bb219cf
SHA1

6cf0b782485e77218710fa024f1c11f122d84f60
SHA256

0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0
SHA512

84633c70391513b388cdaf77634e0c6a60d270be121bfef6d94cbcc5f88e34a929659d13d2f05348e83f56c356be3eb9dc9fc44fbeca8cf6637cc19cba8af845
SSDEEP

393216:yf0YUtNuYwbvbaSafQ0Wejue+95sweOsjIYPaP:y9GNujbDaS4WeaeI5sqC8

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

Processes:

com.apkpure.aegon

ioc	Process
/system/app/Superuser.apk	com.apkpure.aegon
/system/xbin/su	com.apkpure.aegon

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

Processes:

com.apkpure.aegon

ioc	Process
/dev/socket/qemud	com.apkpure.aegon
/dev/qemu_pipe	com.apkpure.aegon

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.apkpure.aegon

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.apkpure.aegon

Acquires the wake lock 1 IoCs

Processes:

com.apkpure.aegon

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.apkpure.aegon

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.apkpure.aegon:accessibilitycom.apkpure.aegon

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.apkpure.aegon:accessibility
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.apkpure.aegon

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

com.apkpure.aegon

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.apkpure.aegon

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.apkpure.aegoncom.apkpure.aegon:accessibility

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.apkpure.aegon
Framework service call	android.app.IActivityManager.registerReceiver	com.apkpure.aegon:accessibility

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.apkpure.aegon

description	ioc	Process
File opened for read	/proc/cpuinfo	com.apkpure.aegon

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.apkpure.aegon

description	ioc	Process
File opened for read	/proc/meminfo	com.apkpure.aegon

com.apkpure.aegon
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4260

com.apkpure.aegon:accessibility
1⤵
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4454

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.apkpure.aegon/databases/StartApp-d6864f2502af7851

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.apkpure.aegon/databases/StartApp-d6864f2502af7851-journal

Filesize
512B

MD5
28ce5abd358852e053006df552de7031

SHA1
6d8b856161fc2e1f73ea621d209e8e36180d4c25

SHA256
9c5713b537c35a863b5d8cf94ade45be6e43bdbd38d183f7287149b116c0b3f6

SHA512
ce96aa251b8c24157c31f1f5ac862e4c2a70ee3dd6babe1723d64cf1a3b6407a01d75fb401205a66466ad0d2582325f63b1c9ddbaea3603feee9d12fa9017fb4

Download Submit
/data/data/com.apkpure.aegon/databases/StartApp-d6864f2502af7851-wal

Filesize
28KB

MD5
0caba84df1186e3ab2616bbdbdd174bc

SHA1
2c52cec74f63188924787590eca8d9b9a9a77d38

SHA256
873c3f1c0f046c5b3a0f9926494330d530e7901bc9740ded1d48fd93b63fcc40

SHA512
7d0dc73084df4e2a566a86f147a46255b94e5b3c2a0b3a43f6934a057ccc79ad98646fb4673d40883b83561a36ed2fe50722a7591efc4d1361e4ae9fec2e6930

Download Submit
/data/data/com.apkpure.aegon/databases/com.google.android.datatransport.events

Filesize
140KB

MD5
cb5b88cea3e1f9f8dc05c3935976b1d8

SHA1
159a897a9d18cb1ab651de94c7624b0b4da1de42

SHA256
aa51494b8de8cd426c93d3e37624551ee3985b843655028075c36e9c3d1f890a

SHA512
bbbad6f270e780466b87c0b9f9331546d29503b34f7c5be6fc4ec458f43ea24668dfdddd1da4e233ea632cd62440629ca314a39a9b7bbe60d32d972a0d825111

Download Submit
/data/data/com.apkpure.aegon/databases/com.google.android.datatransport.events-journal

Filesize
32KB

MD5
6900c85d637c048ebadc35beee25e32a

SHA1
e918e47cca33194aa41d322677806506eed79010

SHA256
0cb49c3c96463c274349047ba8efa1b90dfd7b2ee138f69fd940394f6a9dd00b

SHA512
9d456213ca21cba37ec5d019b20392994a5c12d4b7ece63a1e5017fd175b1efab6961d7dcc8e801f1f3adc8670a25034ad9b45aad82a6d02bb6b962f7b5f7bbe

Download Submit
/data/data/com.apkpure.aegon/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.apkpure.aegon/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
08f2460941ad9b611a6764b33c9ea275

SHA1
9500b83da07abca44f0307a390cc4d0b5b9c41d2

SHA256
fac946bafafa2ecc4e2023c595f9763fa3585280e4b24b90d0843a48d21799f8

SHA512
2baf4e8ec84bb32591a6881863f203da23eb66e31b7e2c1fb867b1407b81d85889e027e8d58ebfaecec17e6c307fb9cebe3dc0d6fea5bbe7280ea409cf6513e9

Download Submit
/data/data/com.apkpure.aegon/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
0f12db198c366bbcf8b6ae36968b76f4

SHA1
08c3a540a03e8f0113c2ab4754909dd40709d550

SHA256
29595c544184831b6994231bfd1ab1d23e4539ae5986bfe0ae0cc19b6bce4bc5

SHA512
85cead8bfe47853d7ebe14edb60372f5b7ff073c5d3ccfff76bfffdffa651d31cb193f8f021f4b02a34052ed11df0777d11be68e312707a6076818676f8b422b

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db

Filesize
16KB

MD5
894f4071d090fcff0f8eb755ddb6971a

SHA1
a119cbf026293e99631e0536c62e7c98bef47701

SHA256
1d08d7c5fe99bc31053c99e4e29d119729cfe7b8eaba423180b030c1d91b8318

SHA512
184b014bad613955d11d5b20562fd7c3516928d8c0e80cc560f4586099954fad8fca79258cb9048236844e07390950005bf14c9de030c45729b5aa6305fe780f

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db

Filesize
16KB

MD5
afac8650faa04824014c18f682f5c76e

SHA1
ef3872ad14cfef155d89a6d91f25f5dfb4f14562

SHA256
854ad029e783504e1e2204e7c518ca5f3feb157c59320512c8cc817e89b53147

SHA512
36e6870e3be10ef974a57ba21e79b3d0c17ec16beb76089b1fa17d8d827a9b8986f695329241df229d3199894936c13bbb6713ad484017ba67d67fb6b86326f2

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
a86fdc693ed01ebc2018caf4ccd7ea01

SHA1
e5ac167057bcb81ec0c7f8b5fdc203a957c77e30

SHA256
bcdf1d18e2dd75792ff0e185f38992cd0f70fa1c413e41f702f69dac5e479ce8

SHA512
e34fac45941e635f55cc19d64769216e14775a5b23217b862cb58b3953ddc2b1c7390c7cf40a2975909cce0fd7602d4e9fe8973a5e5043fa747d29412d714485

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d06f6b90284647f534507237f71944fc

SHA1
56a94b162cbdcd570cca959634baa4428163e6c2

SHA256
f5748888353ba94e824960e0812fc814801fd48b204c5f360ee22d4a9dc32d3e

SHA512
592abe238fd8a9b698c99a07d70652f99bcb4a10eb8fa10d52b9b0a892e0a663bd4ed4d5f44a510c5460c8e9f12011a127b13217fbfe0ca95a22ad16b193c081

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
d1d650d13bc2b647d7e01d30fc5580d5

SHA1
bc9e96eb4b11b9a40a8a646e76b263e74e112a94

SHA256
a1ab06bf4ea50a7be3e3838e678772a9033c302c841a56aad1762aa349d0880c

SHA512
cce8633e0eab269fd1c9fcdb39ea3715e0e05a92c723736f1f682478fef324b0c82aab142211f2cdc516945826d5f9fcdcdb9922eaa79ccacf11e303216923da

Download Submit
/data/data/com.apkpure.aegon/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8dbedb0a11b701a58ce187a3380f0336

SHA1
72622a4747b7b4afbeb1b6a3277da3234b70851e

SHA256
92986086562010b00b68768e73fc294ef5b5e524338b7fa97078b498b4757d68

SHA512
e033e3cc02154bd157903bfedd2661389602221fba35840e9104d5ea593bc30bac9f5fed08646a5d3fcd4f2698dd1f3d9ae95a606bc86c87acaed41d0a8ebdb9

Download Submit
/data/data/com.apkpure.aegon/files/.com.google.firebase.crashlytics/66D58C8F02E7-0001-10A4-AC6B773867AFBeginSession.cls_temp

Filesize
16KB

MD5
f7a7e996d7411dc96c816dccc4988fbb

SHA1
60fe10f0aa016b0e5dbeedeffe359c9e8a772b95

SHA256
668b385ecb0c152c93cf2b6a04ed0ab999a86f728899aa571aae19bb7d735bdd

SHA512
438c1ca68a4c5856b380fe06e8adc71b0f08f1729d6126684fa69d9d47b3d1f63f79365d5069b81d626a7c84b4c6b1ed446abe95cd3a0ba408afc2fd53ed902a

Download Submit
/data/data/com.apkpure.aegon/files/.com.google.firebase.crashlytics/66D58C8F02E7-0001-10A4-AC6B773867AFSessionApp.cls_temp

Filesize
8KB

MD5
f415b25353d3abe95482987851922f75

SHA1
bf3c9b03beb0b5dc3ae9ac454d9d8b24e27d6190

SHA256
d0fed076c01b1e2091d54713bd07f7da295f87ca059f1d8a73719ab96b53f5be

SHA512
83518e15b1dcdc659f20dd36025a38ac6b67be7a23790290627eeaedf6600620d87300c456d68243bd3c00062ffa30423b87eaccdcf0acdf5785354f8a3ee5e1

Download Submit
/data/data/com.apkpure.aegon/files/.com.google.firebase.crashlytics/66D58C8F02E7-0001-10A4-AC6B773867AFSessionDevice.cls_temp

Filesize
48B

MD5
1259ecf4689f83376bf373856c23d57c

SHA1
19507a1426d938dd77930f194bd65779565f5982

SHA256
2861892e8f098662c173abcaf15b2480496b48dc1e96eb777cd6a3124dd63e17

SHA512
0ab328ff2fdbb8b4778315c9ad769b3205a29c39771162529bd5598a5e370468e75edb05b89cf0d6f3e18d226fa2bd19fb70e68fb59023a80fe49f8e3185b230

Download Submit
/data/data/com.apkpure.aegon/files/.com.google.firebase.crashlytics/66D58C8F02E7-0001-10A4-AC6B773867AFSessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.apkpure.aegon/files/.com.google.firebase.crashlytics/report-persistence/sessions/66D58C8F02E7000110A4AC6B773867AF/report

Filesize
748B

MD5
f0826df59b85e65904bd2cb80a21d8d4

SHA1
d20d16ba6dd567595ba7bd36b9196a52b631ba1f

SHA256
5f4526a9d43ade4b84f3980021a674666a5fd2330459548b722629e44649eb9b

SHA512
e6789e21028f7cd0d4d3d9d4737fc119ebf0fa22e0ef843a220838f1afcbc26726c135d4ece7bcc2eb806d74d749e58263f4fb3c97d9294653c94fc1e9f0a27e

Download Submit
/data/data/com.apkpure.aegon/files/PersistedInstallation5512442447791944862tmp

Filesize
562B

MD5
b35682fb3f523e17c9aca449fcb715a2

SHA1
70b16f885407f4cdc2ff114a4f66d94770e7c644

SHA256
4db0623a3f7b84c982a7a1ee9d6151255b887b081ec43232a0aa27036d7a94d5

SHA512
4e9864ab29778a0507be4e69c368c0bbb0e33a61c4be06e69bc69ccffeacad6d77d808131575a9a573b6f15198e97c2d95ae318491a4309a49160d66a51cf020

Download Submit
/data/data/com.apkpure.aegon/files/PersistedInstallation896884828831513514tmp

Filesize
512B

MD5
a2b6f65f03d15406455adadfbc5c27bd

SHA1
1f50a11b1a77c6512ad02d9422d0c5cb4be67981

SHA256
800b4341b662800202ffe07a307b55f6141ddeafda76bfd65fe12f3bc5e27e2e

SHA512
c8999f5209023739550328aa88c7f3607e7704c6f68b6cb2e5ef97d14f9cc134b900590a6858bb9d015fffedf8523eeae98bf6390b58f6b7e12f5c62f21fda21

Download Submit
/data/data/com.apkpure.aegon/files/com.apkpure.aegon_c/commainw2c6c7m5i6an9.

Filesize
34KB

MD5
ab0c9232673a6b403333b9614be1a470

SHA1
8b1326f79e1df81388308f29bc96ad2f3ded2305

SHA256
11e8accb6253db7477766fd9dc5a36db812cf9df6976fdf61bac38545387f4d2

SHA512
b36dbc1aa9f99ceeb2edfa86f94614af7f58919efe6928db36fe826418a2001530e40192514b8c0cfbb4255cfb983a9fe6db7502ba6223a447e43a04791362f8

Download Submit