hxxps://play[.]google[.]com/store/apps/details?id=com[.]usablenet[.]mobile[.]walgreen&hl=en&ban=mobileapplandingpage_googleplay

Resubmissions

03-09-2024 15:47

240903-s77ads1hmg 6

Analysis

max time kernel
847s
max time network
966s
platform
android_x64
resource
android-33-x64-arm64-20240624-de
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-delocale:de-deos:android-13-x64system
submitted
03-09-2024 15:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://play.google.com/store/apps/details?id=com.usablenet.mobile.walgreen&hl=en&ban=mobileapplandingpage_googleplay

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by NFC services to bind with the system. Allows apps to interact with NFC hardware.	android.permission.BIND_NFC_SERVICE

Requests dangerous framework permissions 11 IoCs

description	ioc
Allows applications to use exact alarm APIs.	android.permission.SCHEDULE_EXACT_ALARM
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to access any geographic locations persisted in the user's shared collection.	android.permission.ACCESS_MEDIA_LOCATION
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to record audio.	android.permission.RECORD_AUDIO

Checks CPU information 2 TTPs 2 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 2 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4335

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4922

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Download/.pending-1725983798-walgreens-79-1.apk

Filesize
24.3MB

MD5
212e4b63bb64812a05a9cdd71dcfa1ce

SHA1
bf253b91b862a15767155ce1668ccc34ac3c3d56

SHA256
b253c7e6d76f694a48e345dbe04b348c904a008f271b501368ad7cc424d70435

SHA512
a509a7d6850e5145024800375ec7170f95ea28979b154904091b3ef57bb5a47b45a086fc4a1215270c783a62fc0d8075a50494611949ca896b0ded7b3b96f688

Download Submit
/storage/emulated/0/Download/.pending-1725983798-walgreens-79-1.apk

Filesize
175.0MB

MD5
e62efeec50e98a80e06534f09f8ad275

SHA1
1562a83eed8e9013ebae135c4e3aac83659b07e3

SHA256
31f7ec47d0f5d804899c520d7ee3f9c78d85eb94f274a010de22ec8cd46b0fd9

SHA512
1b3432cef17baa74431eb507a573d68bee780ccbc898eda076214a82b5eb73da2985b07b0739bc312d2c6e250b95fd82d8d6d3bbcd557a2da88fe1eb6059248e

Download Submit
/storage/emulated/0/Download/.pending-1725983798-walgreens-79-1.apk (deleted)

Filesize
4.3MB

MD5
8e836c23f40fc767022ae2fd0da982ba

SHA1
2ef8d9e20bdcfcd5873c5832ebcaaa79ba1705da

SHA256
49dfa37f1bbf8312a8e70f08709481d9b7aaff15b1fbd6fa19a017118e0213bb

SHA512
9582a81b7174a836c6c6463cda872485a92cbca7a6e189a25ff8b79f319d82a8f617264d42cf53d252ac951f5c5138a1a076363e21ccc434f7fcefa3017de29a

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads