Overview

overview

10

Static

static

10

7e41cd6541...a8.apk

android-9-x86

8

7e41cd6541...a8.apk

android-10-x64

8

Analysis

  • max time kernel
    6s
  • max time network
    158s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    08-09-2024 00:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7e41cd654128fdab2606a0975d132dddf036320744615d39118ace060608e6a8.apk

  • Size

    21.4MB

  • MD5

    b9670781a6220f5db33c9dbd6c25238d

  • SHA1

    d7b5125f47ffadc06b6e27ea900fa0dfa1f1cc6b

  • SHA256

    7e41cd654128fdab2606a0975d132dddf036320744615d39118ace060608e6a8

  • SHA512

    a18f1c5b326b8bab3df03a474e77c27414aea61e04f123651e4d1981bce1a39619f9954190b70ac1ac7eecffb09fbe60083c061b3bc66811890dc6582382a993

  • SSDEEP

    393216:KD51hYo9wYYoIPH9Sg/2BUozTNR4pgka1SiDded0vQ5ofh5B:KF1h3aY/IPdSg/2BUozzSicd0vQ5M5B

Score
8/10
discoveryevasionexecutionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 8 IoCs
    evasion
  • Checks known Qemu pipes. 1 TTPs 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

    evasion
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.swiftstreamz
    1⤵
    • Checks if the Android device is rooted.
    • Checks known Qemu pipes.
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:5206

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.swiftstreamz/databases/OneSignal.db
    Filesize

    52KB

    MD5

    5715efdd2d828d4d57c1376120ba2806

    SHA1

    06f279c976087695aaaf885df323d996a2560cc1

    SHA256

    f8ebc23104952761ccaf8dcf7ea9e5341bb0f3da744550a518f8dbc8b3404904

    SHA512

    dbc9dcea4f947dc61663054585dcc175b79ce7d69aaa8335754d1fe6d02881dadd75d3846190178e677e80efd63a1e364a31d51620d51e8e6254b8864651bb30

    Download Submit

  • /data/data/com.swiftstreamz/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    eca9f65db041c041bbdf9388657cd5ff

    SHA1

    a6fd03c6add727ed1fdaa00aed9b2155bf0cb484

    SHA256

    2d870f6401af9b5349cf7aa261e96a5d7692137f83ac39aeedbdb0510ec57c9f

    SHA512

    9346ba1204604dd982252dbe0cb69ad43935ced1d5250ce0872ab508ce5959b2885161e87a9831f449db3510e7c0b7c4c4a6247807ebe08f34da20afc794c9cf

    Download Submit

  • /data/data/com.swiftstreamz/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    bde2921ebeb6cbde7e1a9a59523929b8

    SHA1

    6647d9c8929e14d0756e90d91879dbea6cb3dba5

    SHA256

    0b1632fa178f3278b6235690ccf5c9a8d97767199570a629e89b4fdc50fd7c2b

    SHA512

    506836017ee494c61a9eaa85b10b6681dc6290ac345a340a829ea129920db4569399c00f7e4514a81371f226284d637f3f4a6648be3be45444881a507c5115ed

    Download Submit

  • /data/data/com.swiftstreamz/databases/OneSignal.db-journal
    Filesize

    512B

    MD5

    4b16813fed8ae5e11209ce7321a9d5b0

    SHA1

    d464f437042358a7407718ba8973c898ea4834ee

    SHA256

    85928d2719ea460477644c0bce2c3d7825858c63b5296ef020899792ecd445c3

    SHA512

    0b09e495f0490057c779d99edf8b3e597c8b737440c183fe506220abdd9374e2337c69bf8c16143e3c73324af3dd23bad3547f067e3676bb835a3c41c8fc5614

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851
    Filesize

    16KB

    MD5

    c781d02ea0c46951175519468fd8ba82

    SHA1

    d3a0b0ceb98b8d09bc401402d19344253c5f8dfe

    SHA256

    8499a8ff2a4e0877af02b1c425243268f60089e8157e2bbb70d0ed046a0295f7

    SHA512

    32f0b16a6fc2c94e028e864c06713f988aef679063248e6e97b9818f095a8f987f5a4a0be2ee4ac3aa36d8a868baa0724f3108f395528cf1c6f36003b309c3cd

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851-journal
    Filesize

    8KB

    MD5

    51e454ecbb7f2161d27f3a4a8c8ae1b9

    SHA1

    18fe101074974eda7d82fb7f0d3568fb7f969170

    SHA256

    0771ffade6eae75c3da9a32ae156bb773e5b0679796671678800ad1e71556a7f

    SHA512

    83947dfc9750de12296576eac58d9d6a220f62fa3988779f5d3e1084a88b034bb532320b04e5a3804b89a6dbbdafb1b7d4b6b327ec76ce1866991c0281af78e0

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851-journal
    Filesize

    8KB

    MD5

    8617a2ce3d8e935499c09cda6f10a1df

    SHA1

    919e530f02710fe2b73b3d15030cc9b84e41a8f0

    SHA256

    eb48615ca4785906920ba7322cb0e72f7c919aaf89e99933fa90bd0481669823

    SHA512

    e47fa345d115ede019a27fe0eda4eb59bc2964d463a3a6caab3c1ac015c61225a2453a6c80b093abd5ac0360516304150f7a9a8959810beece19a63f432fc1dc

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851-journal
    Filesize

    8KB

    MD5

    27541b6b8a2c8af77da80ed61cba0f30

    SHA1

    eedd7580f0db5df8887d5fc2ec65cf502296177a

    SHA256

    eeecc392cd03c9213f151ae1043402c6863abbdd0852eec60dced6869040cac5

    SHA512

    dd134fe7f54e5d7d75394658b9d41434d515bb33acf36c1c72680e3a60929ae01014e1d5f3013c25c6ffa57c9cc42d1f50f83c415caafd15eeba061cd086d168

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851-journal
    Filesize

    8KB

    MD5

    118bd46c8faaec2419b04b1e460dc539

    SHA1

    5eab67534f4e30708188c5c776f46810df36d6c9

    SHA256

    934c091afd34d2cf0d1c930d3b1d2099733df96cc4b044ac5831b8c91f62d11b

    SHA512

    f353201396b93b4765165e44cf8c7eb8933e07f76890f51233068b77ce9d4fd06f3cb0ad465124fd94cca81dc9a91c41210b520e9fdc2b29735b8fba962b6e35

    Download Submit

  • /data/data/com.swiftstreamz/databases/StartApp-d6864f2502af7851-journal
    Filesize

    512B

    MD5

    2f5674a4abce1a74cb6be9eb999d1f49

    SHA1

    6f2947873abe79b2361b5137059b65788427c7d0

    SHA256

    7ec722c99118b939926140147604e05308a2ff1304fb535255ba79a56a61ea0a

    SHA512

    d2ea792eb5572cb853407b1c7888ed1f4ac39a6dc38e8e0dcb3b0cad503786bfc017e92d1cdb96c29f2f9fe50d2175cae6e55c779b07725d671d6e7dfa6307be

    Download Submit

  • /data/data/com.swiftstreamz/files/shared_prefs_sdk_ad_prefs
    Filesize

    5B

    MD5

    9dcf2a6f12095ecff342e9fa0c5ca72f

    SHA1

    c815f34691be353caa9de93bbdb00a31f62a9ed3

    SHA256

    4e68143408826326220a32d6bff59e1cca3dd85f74b018aebd6723c5686c54e5

    SHA512

    7ba3449f5ec3363bbee33d47abe471286cf78034dd70379fa4d0de5fd59215e8c58287eddffed1b9c3c74e157f6a9ad69b0c551001a62d04790bba49df48231c

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    f4498dfbe43d4477eed22d912f6940fe

    SHA1

    7b71a0c12cccd8dc11467b3f0b596842a8ae2165

    SHA256

    f1e205096e02963771cff6b31e87fb0003e3290ee174c847b509cae6fe96facf

    SHA512

    683c6f79acb189bc01fb743428cc59543342330934fe1e17d6d3a5852afe9559f42c1d523d5ed099c8704c005fd325c77ef59f4eae84956de40896180f030006

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    b83b20fac00b548bc74dec49193e3335

    SHA1

    8a343869e5d5d091f1e7c4b14b20466eafd71cad

    SHA256

    8cc1c9ec410c39d295936d868bd7c563b29fd9a5c109ac82bc1a1f0243d4fde1

    SHA512

    f874389e412d3c676d262df07f663092ceb86fb0cec561bee1069233ef15022ec72a72dac6c223cb12f59b60bcc35e15399d7fc80b282df5211db75891909275

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    a8cc4ed739703529658236949b6c05d0

    SHA1

    bf2fc426b848277eff09f7bb3e7b45223e1f31e6

    SHA256

    70976173b58a8c065c1107e925a7f8ea5158eab9177d7e09ddc66ffac004f7e4

    SHA512

    00cbc52e314210b3f5dfa5e4e618e9508ca877295efa8375d5165431b9e426ddde7fafe98ed7d392016b35bec78cb2359206999c210f70f5a36e96578cd4cf1f

    Download Submit

  • /data/data/com.swiftstreamz/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    9b88860156c6ecabe6519c61a1310525

    SHA1

    60e987d1ac00a625af9e5679128e567088290533

    SHA256

    425d34939a40af0845e004096ae6bdcf1f6d636234cbe3b5789b3ca646fa0e22

    SHA512

    1fe00cbef2e9afc6951e2f2d8320b696911294b71283d1869f74f6749ceb9526420f2ded0a3f6bb6297223983557ef18931392268e404b377c2c536bb9f06987

    Download Submit