df21b141bc179b05333ade542520eacbc4d901c8299764d8a3d4680bed1707ef

Analysis

max time kernel
138s
max time network
151s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
12-09-2024 05:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FiveNightsAtFreddys2.apk
Size

29.9MB
MD5

d221ed79de677791cbce46503254e864
SHA1

a0e603ee7649bba70b8dba0044e26b23ef7540a6
SHA256

df21b141bc179b05333ade542520eacbc4d901c8299764d8a3d4680bed1707ef
SHA512

025e1e718f12ed759e744c338412af92a9c58617374f0deddc00f6925416f5683dae3506be853237e0d3879a5c851f88937287bd76bf5b587f2af84816f4e089
SSDEEP

786432:fIpjX6QKFJ375OZdq/Ymdfe+6MkmhCepPHkjq2kLb/:0jX6LJ375OvzmF6M9hRhHh2Kb/

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.elite.obey

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.elite.obey

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.elite.obey

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.elite.obey

com.elite.obey
1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4208
- /system/bin/getprop debug.mapview.logs
  2⤵
  PID:4269
- /system/bin/getprop debug.mapview.renderer
  2⤵
  PID:4317
- /system/bin/getprop debug.mapview.gmmserver
  2⤵
  PID:4341
- /system/bin/getprop debug.mapview.renderer.label
  2⤵
  PID:4363

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.elite.obey/files/DATA_disk_creation_time_its

Filesize
8B

MD5
6c18afcede9571a08f9f09ad90cc0a87

SHA1
96b87d1e1871097b7f3da3a9c56aafc7a035599e

SHA256
2af41c815fb5d758aebb6d672cbc7e608d009a14ede7eae0dd856fd539dcfbee

SHA512
9b52ce638963286a24576a648614dcde8ba83bab101753689f8604b1ff113eb3ae6dbca6a679fac1645f8a6472a68e21d67ce04d92016ecf6a34ffe7953a7b7b

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_its

Filesize
8B

MD5
c50573c7a2e65291e9722ca8d6202e05

SHA1
3522c3057121dd3e26d4b142737461b36d5c8a27

SHA256
796c3faf5ca540fcf8d0e8389e01e94e8a83924a93b860f229d1876cd435a0f7

SHA512
15b06b469e6e6c5879efaf3ca25267006d454a8efa7942f614318727d63393128cc77387370b2939dca1a30bcd38416658a99ec94a1f2398677bd205fc27317d

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_its_ter

Filesize
8B

MD5
37cf83a562008663b4dfd8781d93a66b

SHA1
5323f421c8274789edd7e19f3d7c50defed41929

SHA256
13babad2ccfa7db95a3d08dce6c658967936677f60ab107ad091fbfe4cf674ab

SHA512
19409cbb50b5003cd734d8102a2d887f0eed3ffbed4e9d303516c416ad8240455cf08bc281f5dd3effd34324aad1ab39c7be4cb9e3cbbc456e58a0ec768891b4

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_its_ter

Filesize
8B

MD5
3cc0d264b50f3efae1acc52c6a717cb9

SHA1
88b41979bbf62e06ce4010c2d463672ccc0bf94e

SHA256
6d750862257bac2f3f92a45faf49e24240169dc4e6034d031a3402fd62061bea

SHA512
0604ac9714c93d071dd5020a5ff4da1d17547edea7fd85dba86d76c981f8e1b1ed9cfc3e5264d7983d555eccd0f22e64ca5cb6008236436f0e16092c42452331

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_com.elite.obey_default

Filesize
8B

MD5
c21c880f2665545e1951b391431e1b43

SHA1
bd2e0638fde7d52a4ba5a6a1660e0bafc0d01a8f

SHA256
7dfd33b8f9c5bf4327aeabc93a9f47c61dd28e15e4d59aff3192aeb960aa207d

SHA512
e0c37174e6a7a9e340334292d5e4144f77dae932081bad1e754b85db9cf7511c09b5f8bfadb850a1d84d03fd436cb496869b172a306f670b0e2a50ac9a9f8682

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_com.elite.obey_default

Filesize
8B

MD5
4c8c593b2661c8b82642312109576894

SHA1
43511546ebc18dca614ee8a0d56c0c597fee573c

SHA256
aa3f7f8b7a3175b95616684cb93ab54759a86c1b24d2d277eb341434db054148

SHA512
4203e4b76e4276f2ac2de45edb1fef651e5ea5177ee624e5d99652ce02eb91dcf68d8ea3aae256d0373430b11ad5ba7f28ee8aa763210d6ec640c0377a103d32

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_inaka_com.elite.obey_default

Filesize
8B

MD5
42f9894d68ffca1aa8535c9e4028f6d8

SHA1
19d1e04fc9b9431dfeb8be2698af1f36216bf85a

SHA256
0840fdc9ad81605bcbec9596b7f4a0fa817571bdf4da5832dfda4259943a07f8

SHA512
537fb1f9c0cdfdeee47e7f98a08c3af0aa1ee201a3141688205aecafffc92c6a40227c6ee42f55d24054ba35a2632b3c1510bc1b48ed5e73c49c42708f3a341b

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_inaka_com.elite.obey_default

Filesize
8B

MD5
5775279a3695496e8b43262db5607750

SHA1
b6c1cb70dfee8846ebd16ca86da0a97a07101b35

SHA256
8fe0913f86ab59925b4f369ec0fca658cdc2f98cdf3af354c5661905072ddf5a

SHA512
5964285f5e40c2103ea129fa259b75b5b4d459c6420b625e85aaaa430585261f2e73a02526f39c536a60c5b77cc5f724d79cee5f5cd506ba07b513fa0daadb8f

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_labl_com.elite.obey_default

Filesize
8B

MD5
05e3fa8037403de332c4df6474ab484f

SHA1
19c39420fe90eb9b439a16854a9962d5370b8af8

SHA256
3097d7ebbbcf24622b3012acdad55bb2c079b795b695ebd4631f60b4e30d47ec

SHA512
d22bcc9f6f602537a72407d4f25e649bcd8b2a331c2b0ecd8a26adacf550b69984552f16c8b7661aa49b4a7af7cbc23892548672ea70bd9c8f7af4ec2bf453d5

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_labl_com.elite.obey_default

Filesize
8B

MD5
143b078ebb43626d6182757e258af2d4

SHA1
660dde6f973d95f615a1f26bd4a32e251022d718

SHA256
6cb149456acc9aaa08ad7721d69a1b5c7c0eb9e460457f004deaf126f041ceb9

SHA512
9a03dd66406f2f3116f0c14b3b00cf449a0c050e6b4f5fbe01c3f7a01337d40ed4ce1bae776faf30beaa50b3f71c34a3ab25ea23a6826863c47017c84e2c5cce

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_no_pois_com.elite.obey_default

Filesize
8B

MD5
f2ee657c185b1a07e150edc40003c817

SHA1
a1cc420fb7434f3a770741ae9bb2cd4b5fac6f8c

SHA256
a31e40ad65525109448810b7ac39a2225838f3ce9681c61b998181afc0b8f382

SHA512
59ae42de9e58cde20f2b1293b2900c90388bd8aeff315ff8cf168c3204fba0ca93690c4f11aa5ca0edaf599fcdfc2105b97365dcb1e2ee016dc1c7aaa9bd1a22

Download Submit
/data/data/com.elite.obey/files/DATA_disk_creation_time_vts_no_pois_com.elite.obey_default

Filesize
8B

MD5
e321d5bc4a4963b876029445872ea44e

SHA1
dad618a2b71e89d7568a9fb0a3a2b22d8fe9c4e9

SHA256
c5782dc3b5511431e729ae334a20a817e00f8c81c6781d8c1cfc280834f78a16

SHA512
0d79c30ea23c8ad2a94f301ed861429569bed4e21b0ec769c08496e1dfce03fb86e0df2a290eb6adf8a03bce5777f63d28d0ac71752212e9c1c11040dc106860

Download Submit
/data/data/com.elite.obey/files/com.google.android.gms.maps._m_u

Filesize
4B

MD5
c9f17e0904973e18d885fceaf9d08c37

SHA1
e85b3d9d46537350c400081c45510c62d705b862

SHA256
e300f9826b86d940f2907962161c378e3862ec6b3495d3cdcf79b37ef7975be7

SHA512
d0ec89895544310c2e176550d4c5cedb611a359116580895e658870c226aea947413ac97655a34515429fc716bf83c0e456935f2b1f24c0bfc43c23e0d05f1ed

Download Submit
/data/data/com.elite.obey/files/mmf-res-2131361792

Filesize
14.9MB

MD5
efc643109a41a6b0ea8d80037e98c997

SHA1
8a61830baec02d7e7f61cf611ce8f52fe5050e6d

SHA256
deb7305a950a07fda13a4e35f40ae4d01a9fb99113a178d4a3156407f096cc34

SHA512
22e3c7d1b8538174415310f04fc3273f516c93bcb171b9d9afdb85a0a19eb0d80e4d45ae0ddd6791162e78f31f5d24523ebd59ccbfa7c344127e9277bb66e919

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_bd.m

Filesize
26KB

MD5
daa75389b5195ce71aa7c23c20ce6993

SHA1
6d73699e62eb414e33cfdb5dba423b02cce90e1f

SHA256
216658f3862c9185114c13ab5f6a87f3e48bac3eca3656266d8986f61b66b149

SHA512
7bfb5833df47aca4a115e415acafc0f0972351dda92538025acff243b6699ccb102e1a5a3e121d596df520b8d5673dcf0a6b6d8a6f0f2faadd6d65ee2c37d235

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_bd.m

Filesize
26KB

MD5
2a65281326f630aa96a439de7aadc683

SHA1
0daa99f99ca203f42ed26eb61d8f4ca602562de7

SHA256
fb722ff45d25ee44f234c3cd15b6b5edd7d5bf5e180836e5fc05020210d26eb2

SHA512
03330f2f69cf45574e64ff5309a3a1315d09f9665b95097b63d41de3a04b9c94109640909606078e56c4125ddfde50f2516a4708056143d2edc4de3fe2293c7b

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_its.m

Filesize
22KB

MD5
510dec297061b22b54ed21c0f6a73a33

SHA1
eb10e7cd156fd53d834c8918b9890e882c987007

SHA256
609a7f4419c2708891f2a0e0ebf5837a78241161a23dbe87cad04fa15492bd9e

SHA512
48cf5938ab07486167129b4b3bf490d6406a1a9cfe338ffce324adb148a924250fae907b9f840705d6b5ac9c7d71b0ae9c3e6afe7f59229d68a895bb03897cec

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_its.m

Filesize
22KB

MD5
23382306fda745691a79468267a0ce72

SHA1
9382a0bdc9d893a4d0b1bc427e0ee64df6ee128b

SHA256
eb4e7cf91bd141ca8117488765ce0db34ae3e83349ff41259697ba7a9700dcba

SHA512
4a77404cdb727f124b8603249aba81217390baf9e02aa9dd64a1a9e90ea540c1a6e2a585226dfabc77f8e1767647218b095ff2cd8b024dd0a05840a328e3969f

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_its_ter.m

Filesize
22KB

MD5
0185b1170f230f491e27ded038e3af9f

SHA1
466ba2e263e7f52b8d7b6dfc122e594c709624cf

SHA256
1ab140cbececd548d37f5210cd1e310ef58ed7695766c5772c7721f6a08f9d58

SHA512
7637c84a99eaca1fa66ea8dc51b398c4a84277a53e0a5d6bef4a94e98a5a98fd11426db5bb7b8ae516a38c1af84b9f5dc394152acf16f919b5cbfb29c98e207f

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_its_ter.m

Filesize
22KB

MD5
bd0c6290e19e5d68bb3143cc2d52ecaf

SHA1
260b4d3deaba08b9f08a4733f06f97e00c45b2ad

SHA256
353603bb5a431d903e88b389dee29d5ede2a332d4d2fc2d3aaedf420a5d5d44e

SHA512
aaf6a0ca1c51d939116f321b1cd7e75cd665a2864cffcc07b415b9be3d867159ada44e1b0a19db37937353d37625115219f1cc1dbda6ce918d907bd558a6840b

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_r.m

Filesize
20KB

MD5
600fff7cba9a545b93d966a16e8ac1f8

SHA1
305f3a54c7e83d69782e19d6d308f24aac3296dc

SHA256
5996e2dd57dd712a0e3f61b5b665900f8787e7f4314bb8fcb15b0177cc85eebc

SHA512
b054c8af4206e30d696a2e4618960361b12b38d5975b150724bcd9b8d88fefef650fd50192fc382357df68ae14773f63df9f01cf10baf5e4ece7036124dad867

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_com.elite.obey_default.m

Filesize
27KB

MD5
994617bebc8cf928c5c653453f1e7094

SHA1
b92c262ce3624a1c6a57a1853cddb32e354516c7

SHA256
35de60070a80987e68a43e18b9f2c1edcfb607c1d51f639545e969ae110e3b66

SHA512
400fb37fa0b10c85a5b54796e05f3a45819e86e87dc14eba23c221b04e70572fe5b2d46c7936f26d3e8b0a5371fbc1f7aab79e442f044634158d980d9623b1dc

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_com.elite.obey_default.m

Filesize
27KB

MD5
c0a3ae4b4031e1f5b764bafdc7e992ca

SHA1
10e882c219a0679e2aafbe6a483f53de38d2f278

SHA256
69de15aeec4886aaf279070f8b2c51992fa7d33dc5f819caf5e4e23a1adb727c

SHA512
2850cfa8f5ab22003681b72cd82f38685c92eac6f4adb243e65f2641520d334d7fbc7bc71fea73679708a474fdb405206a687dd57c2a2d69c7f1a0648a737d53

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_inaka_com.elite.obey_default.m

Filesize
27KB

MD5
679f23e51707ffe94816491665699b6f

SHA1
90bc8fefb20347e98b5e5b441e1314b3ff3a1352

SHA256
702eb905b6dc30227bbec6f5ec8f7d20d673d2b3d9b4a2d06ed3e88a8dca4dbd

SHA512
fbdf97413f5afc004ceb15c690098d513792c589427c5b04dd1c38f0be95d55653e13d3d0b8a7fb486b2da8f6ad15e0de45f9f63ae0324a5a596290f08d3eb90

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_inaka_com.elite.obey_default.m

Filesize
27KB

MD5
a8e13b4460a539af6d5ca0c04a8406aa

SHA1
2a8cc200dbfde3f33f3dd77f05b1b957a9425728

SHA256
39710f9fe5bef629ebea743a57afb3d22ede4976945e10c25212892716f83fde

SHA512
3e9551a4c4827be45fa4f1f08dab1e3f3eaf3f2e89b1fb4818605462d336647a344d4ff981857bf3aa02dab739e4a89a3ac2a00287e04add1c51017602cef1b9

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_labl_com.elite.obey_default.m

Filesize
27KB

MD5
d863b5b28be62fc239aa6b97e16c7e2b

SHA1
d812a0001addb073de48bd3fb86cdd80cb568867

SHA256
f2cfadb7786da50879024564e1992471e388361ffd265682d44a412ced3ef080

SHA512
f38f8bbdde9a93fc5adfb4b383354245173ef66f55f7c9ef7bb5f21f98381cd39c4817a8e873648acf3ffda4f18898ec268101a9888d6047f512a22f8227b382

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_labl_com.elite.obey_default.m

Filesize
27KB

MD5
1f58e672b39fe1999f993eef5b31bf06

SHA1
be98e55e300d3386b08b4d143f8de894cb0ba14a

SHA256
a7d36bcdd3aff370b6c9ccaa049a63f2b2a102b26fdfe1d33c2bc17c386ceca7

SHA512
0bc83e44143d342d95bcbd8aed3659a9f8b4174894c6bf13e6f84041748244d3da7af501edd4f4606e8644818324ea5998deda205f7f4cdd9fc86f3b4a2ab0b2

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_no_pois_com.elite.obey_default.m

Filesize
27KB

MD5
f36ce413f8105bf2b1c065f56877ff27

SHA1
98c0f87c9cf6915d8e93ef2a936fd39afdc24846

SHA256
1ecbeee81b7659accecb0800278c550dd4d5d9a756f5f93954fb014d3db77690

SHA512
2878fc85c2e980b08de9f682e7d6316deb46988a15f95e0fc831cdda5cf4746830070193e16dbe0adefa0208be443e2e5aac4f19bcc81cb2d16e99251de4dbff

Download Submit
/storage/emulated/0/Android/data/com.elite.obey/cache/cache_vts_no_pois_com.elite.obey_default.m

Filesize
27KB

MD5
db551bc2f90f28492aaab8d64548bec8

SHA1
a2cdc6f3cff1553e788610def17a1117dbfb9b1b

SHA256
df59ad47edc4c77d0e6144505399745a86d2b6867d2c3a838ae294fed91eb155

SHA512
dab580d8bfc039afba0d7e298f1de54b426e93c9bc9d6b8e06c885e8256b8e8c2fbb285f402669a6a9bb1b2400097a588cc9fb3077ff29908b2bc5c902c4be0f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads