bca0ebc0afabb9d6c75d1d4d2594678e4d108ab038b07be47567ca10951428db

Analysis

max time kernel
8s
max time network
152s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
06-09-2024 12:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app-arm64-v8a-release.apk
Size

10.1MB
MD5

6509444bed1ca89533e64ba4b9dda544
SHA1

584288122ec1f92f12d373ca181cbd6277bf47f4
SHA256

bca0ebc0afabb9d6c75d1d4d2594678e4d108ab038b07be47567ca10951428db
SHA512

3afdee9d15489d26fa93f996e45dfde275c3060a02b0bdac64d8206206317ecff9a5cb9d592b473225248e155a3345ad09d738637d2451c6d38168df1883652f
SSDEEP

196608:VGR6QsQ56ykltUk6Dn+novlty0LmM2A86Iq23BQi4s:VcJ6HUk6inodsA1KT

Score

7^/10

discovery evasion execution persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4773	com.github.libretube
/system_ext/framework/androidx.window.sidecar.jar	4773	com.github.libretube

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.github.libretube

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.github.libretube

com.github.libretube
1⤵
- Loads dropped Dex/Jar
- Queries information about active data network
- Schedules tasks to execute at a specified time
PID:4773

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.github.libretube/databases/LibreTubeDatabase-journal

Filesize
512B

MD5
e7d1c83a170ba1631aa6bb138b509feb

SHA1
f97a447daed42ffa4bf10af9e0a0269ccc42ac4a

SHA256
dc94ef5b1c79c89bd0996d049ae973ec2e6ec509c747379ab50fd1a7f41cc568

SHA512
065077e8a11cc546e8bb9c35a3b5bfa21802dde12d27e5fd8335c3cf4124fd9e83929c6d1e500abaf42f61eb3414650a76c2f58b26125363233a92774a384ad4

Download Submit
/data/data/com.github.libretube/databases/LibreTubeDatabase-wal

Filesize
16KB

MD5
268ae0e5c804f3b74d7e4b15fddf4b16

SHA1
29289f53b7767af0f4212de88464a57b2b06c7f7

SHA256
dc3c574d8ae63a8af95520f48a0e032aeea12f1db289925f1ba624d7945b534a

SHA512
51699249f28d475d77efdf67623aa5b92bc9454a37e48cb82002b2b41dce552adaa6763498fbc78148e027ef5886ef4679cf813fdef31f6c1065da5ec13ab6e5

Download Submit
/data/data/com.github.libretube/databases/LibreTubeDatabase-wal

Filesize
116KB

MD5
f587acdc3ee8e7e59e90ef9e1475a1ec

SHA1
3209906ce884af08ec4cee23350b43c47031f359

SHA256
684e392cf9bf1e1b5c81f98b3a1421275b10cbe1985c8269f06e1b822e18f2e3

SHA512
78ac5ac50c9e0956ee93793829f30597ff1a936075481abbea17369c397fcb56148b176fb494ada4df02935b231ff67bfd9273e583c63554872adb5bdd28e04b

Download Submit
/data/data/com.github.libretube/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
557a91ad380ca09ba2148955d1ee7fa1

SHA1
492fb79a230d7b51e316ae7132f2113d7a16f4f3

SHA256
13c8ee84572d661dbd063fbcd06b76739255ed99dc8a9b442da458058ea741f3

SHA512
cb4becca540454a296a921119b1a0de6965ed0bb320a292efabff9dc7e3d6e55084b0ff7ad7622a096f7cf4753ba92423dc293cac40cfe8583bb717b953b0c22

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
de8e5a2374ad58836fcd0f31e04ce47b

SHA1
02fa7ad2f9160250b83821406850dcb95db1d505

SHA256
01aaa6e7b7ab02c5de2231c812585065e6030a67bf52e12bfb3ac42263c541b6

SHA512
f69a68bc1f863058cc42037beac7d65755c3be2bbda531b261453cb82cc660b62c2de206b6cf2d9f7e05dbfe3ca94df3a7d03bec72d3b96ca6ceae78e95d2b1d

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
34d64d93b39c9f8f28d8b6a23282cd7e

SHA1
973f019b72a3e83206c9c3c061864901695fd5a8

SHA256
4b11f5f67b0add60da73fd61b338b12258677f603ab8eaf97f75b5eb84530147

SHA512
f6a3eae942c024f142784b233164e9096efc0e66c56d904f884e5f3e8433d712aa2301ebf8ea5e5934fb1e2f51eb2625aa29e2dcb1ebac764b2e783ddc1ac1b7

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
bf5e82469d98dce19bb40b4febe0bbbb

SHA1
724136c6f0aced92d9df2311f25e9606713c7409

SHA256
996be9e9d6b68523c836a0dc88345753a8b911c511f50ceb14d91d0ec519e91d

SHA512
f3bbccf2d690d3f8c1925fcc3a9d4d0ab60c192197fa3075c8ad5a4afe2b767c01beaaad1f79c6e73aba48a9891356b46c160c673959d96ba844125e266e3e67

Download Submit
/data/data/com.github.libretube/no_backup/androidx.work.workdb-wal

Filesize
205KB

MD5
68f8bf4508ef9529d580728bae5b3696

SHA1
613944eb8f791c0d3c09d2af98ce8f7cff73fcf5

SHA256
1bd3c5d615368b2a7b65efd8fa11f8e62032d1047fc5c59c8d89f4c8dbda76a9

SHA512
69bc3a3f002a9f4bfb0136e22b6403c15b53ac10f9ed0fc43e1eb350c8bd51212601895d4abf122b48aa5d20a8e266ecbd6aa7b9a209914d54f3c20368accff5

Download Submit
/data/misc/profiles/cur/0/com.github.libretube/primary.prof

Filesize
10KB

MD5
4772ef439d156f2438a54ce9c76dc100

SHA1
c3c262d9cec922f4d2ff74bf99b106dcd031224c

SHA256
1e3eea202bdf8e7c0cad9dcc342cb68b004911ff4ce7505adc725c676d3a743f

SHA512
7ef735c4b70e7313bb4f17200085ba7782fefb31b0eccf2962b3589c4a75142859329ec294bb640360aa8692c983257272b9a3c6f81a7dd67ccf89a586b2306f

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads