ef926767c896a54a03b7bd23dbb102aa1b053e8ff10eb65e83be48c3ba630c45

Analysis

max time kernel
98s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
07/09/2024, 15:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7723box_pjz.apk
Size

2.0MB
MD5

3862a974eef6f3c01fc58b85dec4e6ea
SHA1

8a482f68e74c8b406b5dc87f7f6e46f348e1a673
SHA256

912d30f69f69a2e36a4cb0a13a25832c4ce4deb31470275273104f778ffb9bb1
SHA512

1701259d85b6b8a5841d6761ce54f4ff432fe8cf7d7f51b16212a06b58cbdcf48414fecdd10ab5347e6b59e879fbf896bc1f3c1b9c602444868b94f23e4ba7e8
SSDEEP

24576:hjzi7dLe3+Z14UtlvSF1RKzYz65o2pgZebQOS4w/PHMZSoOiLdkikNeuV42oh56K:NH+ZbSJH+5o2pi74+vMMoOiL9kjCZHL

Score

6^/10

discovery impact

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.upgadata.up7723

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.upgadata.up7723

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.upgadata.up7723

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.upgadata.up7723

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.upgadata.up7723

com.upgadata.up7723
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4317

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.upgadata.up7723/databases/history

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.upgadata.up7723/databases/history-journal

Filesize
512B

MD5
23a70c8703eac04bd53355e41bfa6f30

SHA1
78a4908473f8062bbd766e66f703437eccc5ce94

SHA256
645bec4d086cf9d6ec256e08cdc827b3e3a7605e628b1025df1e12686a2c37a7

SHA512
e64153a1c8935a3db045e2c2d5c8d8675ba47bf60fa0739c92ab68ae8ee4cf0a3c0e77f7bbc433cc39c22245df338e1e736f6ae8d73867333bc1d9dc79b9a4f3

Download Submit
/data/data/com.upgadata.up7723/databases/history-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.upgadata.up7723/databases/history-wal

Filesize
20KB

MD5
7be1e0a57e48edb137ee687233f8112a

SHA1
1897eac7a0b25f0b71bf204db1e01e2dc81559b9

SHA256
68f8264288c67d5596c57cc737710ecd49809832df667114f2e316f2567e7e8a

SHA512
a0f960dd11c1a7bd895586f897596d12c2bb52cbc8000ecfe8451693267fa6640eb7d0514d0e6c90da76a1d5bc965ebf393d62b9528b64831889346c7f51f0d9

Download Submit
/data/data/com.upgadata.up7723/databases/xUtils.db-journal

Filesize
512B

MD5
09381359a7c82247e7aabfcf1ea788a5

SHA1
c829f1fe6babccc15dd5dd1e1f96ef6e85777850

SHA256
859de873d7f5563a530e58f5f0c3afd16f4a5ee39f0a48e743662af336e80bf7

SHA512
433a90ddc7a06c15b66be5bfd82c1b44d78c8901aa355bfb55d349ec4b8616f82f95c03cc84be3579ca568e88b7f5a3ced94bfb376b0ff524426f6017435741a

Download Submit
/data/data/com.upgadata.up7723/databases/xUtils.db-wal

Filesize
20KB

MD5
9127cdc7cc4d1270ba6aea531f5ee119

SHA1
92ba6bae93bb6a7ea6fc91dccb6dbbc68ef7e2a0

SHA256
eba8151ed5b4ecc00d58496af345983ceaeb77250b7edce75bd4a29d55273423

SHA512
8296dc987f63b6dbf7c6971bbf5f7cf0ab28bcb601f87d0b4404ee7de885e98d946cc9c4c39af5ff60ae9ba57f0a56a03cb56ec209cf38c2062de6a81ae60832

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
19e027537fdcf7c438e690082382123b

SHA1
f8e15bb715ba5088976e876499ba143243e35684

SHA256
0c50ff4a02f222066513b473a5405b1169dc3d8708acd27f7d38c84d502df142

SHA512
933295d3b9f5fe5fd1bb2881f945e856aa79d44e25d3771a7e180370955cee04912f8fd91d3bf9f87e78b05c43b5bdadad80234d5e6aafc881a489491261b7e6

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
d6871129ffd81b09b33e92dd200cefad

SHA1
396c9fd22508002757f39a23f5593e1bdd6a8ef4

SHA256
ec714992908059b86738da9523037ae251c3e810dd671c1f1f1c55bf6c913bc3

SHA512
8632615e0ae993c57e3fd3aa82c14803e00321c8f92d371cdbc716df943787d5c8b8bd400fa631045761a74bf8ef4d27e60118fa1ff3f90e3ad71480f19fa2c8

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
35c0683998e86205dc5900d65d87de04

SHA1
78f316055c9d08842ac4d9790f32392c6f642b4e

SHA256
203f24456170850b918cb2e93e9b4c4120c8a1338062557bc7d9c681362b266e

SHA512
d2a668f21940325d1c21f22bf7ad3aa44b923f663e2d1b90edeae90b3d19345207fa3a968e18ecc13e53d3ca7b36a86ec3aa8f509ef013eb8a38260f83e41af1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads