Analysis

  • max time kernel
    54s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    03-09-2024 02:00

General

  • Target

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c.apk

  • Size

    20.5MB

  • MD5

    f95cf2c20d492d6647885e8428d808cc

  • SHA1

    3ac3b2f7b6ef2adf78e3a35463d38c94bc0615fa

  • SHA256

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c

  • SHA512

    3d5033bfa909468d92aad54eb5a308ffea9684471cc15810974a43e5c39e81558173774599b79d1d37fd7478516f8ba922d76035694764adb0f0a053636917c5

  • SSDEEP

    393216:Hq0sJA35z7A79L+BCZ1mbgafiubcYZzb/T9i/zVN2I+TX5RUKpPbNiRSKcsIJ6:HqbJA35z7c5JPmbBffcSzti/zVN2IkpQ

Processes

  • fka.ugsonrqogw
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4931

Downloads

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    124KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    160KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    512B

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    20KB

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    1.2MB

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    172B

  • /storage/emulated/0/.am/log.txt

    Filesize

    151B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    63B

  • /storage/emulated/0/.am/log.txt

    Filesize

    71B

  • /storage/emulated/0/.am/log.txt

    Filesize

    159B

  • /storage/emulated/0/.am/log.txt

    Filesize

    130B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    25KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1725328870092.txt.zip

    Filesize

    219B

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    67B
