2ea2d2540242d7ed1d61f448901a880b300bb1b6c52f4331161d82bc361c9f84

Analysis

max time kernel
138s
max time network
152s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
07/09/2024, 22:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2ea2d2540242d7ed1d61f448901a880b300bb1b6c52f4331161d82bc361c9f84.apk
Size

2.2MB
MD5

d45b5f279b325558a118f154237fdb24
SHA1

1e59e36e5b0d48a0e087339d6a18f598a895a991
SHA256

2ea2d2540242d7ed1d61f448901a880b300bb1b6c52f4331161d82bc361c9f84
SHA512

78db730b66fc92f4c3959217cf1bbd60440b05ef126ee735192deba3ae8338640e6fa1da875152997f1c69cfb89b87491265e8a0772827bfa9b3b35bca1c95ac
SSDEEP

49152:yNHzifzjoz4nsBy5IbcGfwC3Pih6LmzUkeNoxf3lriCT4:yNHzQnc4niwQF3Pih6LmzUkioxf3lrjU

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.extensions.jar	4485	com.forcleintservice.thatau
/system_ext/framework/androidx.window.extensions.jar	4485	com.forcleintservice.thatau
/system_ext/framework/androidx.window.sidecar.jar	4485	com.forcleintservice.thatau
/system_ext/framework/androidx.window.sidecar.jar	4485	com.forcleintservice.thatau

com.forcleintservice.thatau
1⤵
- Loads dropped Dex/Jar
PID:4485

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.forcleintservice.thatau/databases/firestore.%5BDEFAULT%5D.thatau-796cf.%28default%29

Filesize
156KB

MD5
e47fbd3252381b5ba5fb777dcbf6d1e8

SHA1
d4ff7b478b2197173f6f73b82d4bec6460749ee9

SHA256
c786540bda7e932fa43e2044dafd9f389387baf9900d0b187f83049e3a7b07b4

SHA512
839a3ac5d3c8edb7ddd44be501fb53dae37d5b1d0139d88cbb53a3b4c5b3e4f03e63ab7a2f936f4eada5d9bf930640a62b0b9c8b70ba067fa3901964396e0b1a

Download Submit
/data/data/com.forcleintservice.thatau/databases/firestore.%5BDEFAULT%5D.thatau-796cf.%28default%29-journal

Filesize
512B

MD5
d9f3e933f16fd96c8a003cbc7f94028c

SHA1
af1437ce7001a8cfb2e7557354cca490e5bdf57b

SHA256
c933e3b76cd52d728bbe8e7404ae720846b26e04de57db7444892a819716b24f

SHA512
78b4e4ec8c6a72c7d9c541a3616ad07723092dc5cdf916dac20c90b4943afd082b384f3727df759e7aec743abd2c7b319982f2b48590fec38ac2aeee5dc97145

Download Submit
/data/data/com.forcleintservice.thatau/databases/firestore.%5BDEFAULT%5D.thatau-796cf.%28default%29-journal

Filesize
8KB

MD5
56c5ff43be12c1f38d1ae58b7c09a6b7

SHA1
38ebbb9fd63383633a751394a35171bcbf3205d9

SHA256
78c5ad5b77465466fdac02bb867c538185353eadc5398468211a73cac6389c53

SHA512
17422d705b7d86f5ed3e47eb50edba4c78ec4f96cd87ddec52b206f449d5e7b53c4cbe0d18686c5c3300c3d9a18073f74cb6a45e1fa475136275431092a992ed

Download Submit
/data/data/com.forcleintservice.thatau/databases/firestore.%5BDEFAULT%5D.thatau-796cf.%28default%29-journal

Filesize
32KB

MD5
3b8d15c6ce5c99f631bea104e0e831be

SHA1
3c981f779f475e9f60a91e907e54ee6c41cd726e

SHA256
6781b5cd266eb900909b8f82561518aa513b5ee82e9b3f2c42e3eb031759401b

SHA512
3e92d6b01559c0293f309d629c29c5c6301a9cbb55b9978cb506ca543d4e42141d90d82c1f0b124d8bb64ac27ed4e52ff37dc3e33ac056cea06536bdf38e0df6

Download Submit
/data/data/com.forcleintservice.thatau/files/profileInstalled

Filesize
24B

MD5
52ea2e8ab0a2c13503b78a911904d9ce

SHA1
de4eb22d527f7393b47aa8d7d8d54a5f5f41d2a0

SHA256
1710c8fb51b36d191436383fffd53524399dd76e3ca881926965ee03810e528f

SHA512
8ea6558d6e66bc515a3700f8572637dac606ec2b761d800dcbb00aba4f1b7edcad647ef8e9f0c610827a49337c5aad27e7f7c7a8ef07a0bb5f8fecef31e5d1ca

Download Submit
/data/data/com.forcleintservice.thatau/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
f7d88eca788a68e9108c62b17c75f5af

SHA1
4cd0ac2350567421654dcfa4e8ecadaf9fe7d3ef

SHA256
7f361a753c2a252ac2bf578abb44ad72f77db4a55982fb49b830193f853ffff4

SHA512
32b9b0549626fcfbe47889497a0decc53d3a9cb9386fd164e5d5316f33271a3b635041c8e2661956d63638124b70a6ac7ba82121bf8577b9c668ff8029aafbcc

Download Submit
/data/misc/profiles/cur/0/com.forcleintservice.thatau/primary.prof

Filesize
4KB

MD5
52e934459a1e066dcb86168ab9443fb0

SHA1
dcd50397980a88f9fb11df8de39d307966d6c3b4

SHA256
34f97bed991ace0b2acaa755688afb7f4f21deb263321bc8bde2cc6bf5ea85d6

SHA512
eb1dc2f0772c0c940c44bc6e876b0a6b1619fdf67558b262c2a58aab8e771f0f33f2a0cc04a0ffe4ff1b80bb8016c74cc6dbfb0c5d530b4f4a3de4a8c7ac702c

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit