Analysis

  • max time kernel
    143s
  • max time network
    150s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    10-09-2024 20:50

General

  • Target

    B8U76_.ver.1.0.build.1.apk

  • Size

    2.6MB

  • MD5

    55b1be60416ac9bce81425afe1e235a6

  • SHA1

    38c6d769f098f056d425b7b4bf4b5f722049a976

  • SHA256

    585a58a92e4cd71abbb7aedd297f263c934439f903759b00d546a9cc2d460ce1

  • SHA512

    dbca326eb90a340da6c6436b0ce60bc8aad25aa82cbf954e9e8fdc03d7745cd2cdc3a174b53152a6d3ef71697bfc615583d719ef8035addf003962d972c775c5

  • SSDEEP

    49152:b3NJLWUfhWPB6NMAKQKNiJhLbNRdZ3jZ9V8jaffHTY0r:jNJLWsoPB6EH8JXhV8+XTn

Malware Config

Signatures

Processes

  • com.nabat
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4261

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.nabat/databases/google_app_measurement_local.db-shm

    Filesize

    32KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-wal

    Filesize

    36KB

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FBeginSession.cls_temp

    Filesize

    77B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FBeginSession.json

    Filesize

    132B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionApp.cls_temp

    Filesize

    101B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionApp.json

    Filesize

    215B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionDevice.cls_temp

    Filesize

    48B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionDevice.json

    Filesize

    202B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionOS.cls_temp

    Filesize

    14B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B122037F-0001-10A5-99C872BC018FSessionOS.json

    Filesize

    54B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    390B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    757B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_6053fcef-7a83-4d71-9a2b-84efecde3834_1726001445192.tap

    Filesize

    323B

  • /data/data/com.nabat/files/PersistedInstallation1680315859731222395tmp

    Filesize

    561B

  • /data/data/com.nabat/files/PersistedInstallation7110952426654026578tmp

    Filesize

    90B

  • /data/data/com.nabat/files/devicetoken.txt

    Filesize

    163B

  • /data/data/com.nabat/files/starter.txt

    Filesize

    4B
