Analysis

  • max time kernel
    123s
  • max time network
    157s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    10-09-2024 20:50

General

  • Target

    B8U76_.ver.1.0.build.1.apk

  • Size

    2.6MB

  • MD5

    55b1be60416ac9bce81425afe1e235a6

  • SHA1

    38c6d769f098f056d425b7b4bf4b5f722049a976

  • SHA256

    585a58a92e4cd71abbb7aedd297f263c934439f903759b00d546a9cc2d460ce1

  • SHA512

    dbca326eb90a340da6c6436b0ce60bc8aad25aa82cbf954e9e8fdc03d7745cd2cdc3a174b53152a6d3ef71697bfc615583d719ef8035addf003962d972c775c5

  • SSDEEP

    49152:b3NJLWUfhWPB6NMAKQKNiJhLbNRdZ3jZ9V8jaffHTY0r:jNJLWsoPB6EH8JXhV8+XTn

Malware Config

Signatures

Processes

  • com.nabat
    • Checks if the Android device is rooted.
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Checks memory information
    PID:4450

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.nabat/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131BeginSession.cls_temp

    Filesize

    77B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131BeginSession.json

    Filesize

    132B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionApp.cls_temp

    Filesize

    101B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionApp.json

    Filesize

    215B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionDevice.cls_temp

    Filesize

    48B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionDevice.json

    Filesize

    202B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionOS.cls_temp

    Filesize

    15B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66E0B12501D6-0001-1162-3A3841866131SessionOS.json

    Filesize

    55B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    391B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

    Filesize

    759B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

    Filesize

    16B

  • /data/data/com.nabat/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_ab6481ef-49f3-4349-b23d-0944e531bc75_1726001447914.tap

    Filesize

    321B

  • /data/data/com.nabat/files/PersistedInstallation8219998042112335746tmp

    Filesize

    562B

  • /data/data/com.nabat/files/PersistedInstallation8637285368799370251tmp

    Filesize

    90B

  • /data/data/com.nabat/files/devicetoken.txt

    Filesize

    163B

  • /data/data/com.nabat/files/starter.txt

    Filesize

    4B
