4e6dcfd43f37fde88b39f1f97c5079fcdce94cc75a5612f389454fb5fdd9868a

Analysis

max time kernel
141s
max time network
149s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12-09-2024 07:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.8MB
MD5

312f62cb1d160b5fa58c811a0cc1d99b
SHA1

5aa873bad2b9be6b350db47e67ef5dbf3379dd49
SHA256

4e6dcfd43f37fde88b39f1f97c5079fcdce94cc75a5612f389454fb5fdd9868a
SHA512

f4f4c3f1c6c509f734e5588c519cd9ce680acadc62d90038431a06106158759ca9d1be1a7606654ac54e6c11f2643ede468a223b83bf7ebfe9fe80d7336003f8
SSDEEP

49152:vKu2GSlhq+gpveu9LJOwtQMCY9Guk/Bkoa3lNf0viCsjRCOQEbTbbDj:SGSl0veuDCMk/GoajySjRCyLj

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	x.akuma.x

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	x.akuma.x

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	x.akuma.x

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	x.akuma.x

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	x.akuma.x

x.akuma.x
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
472ff398f35688417e6ae30e3296e647

SHA1
5c5fac9a63fe8786d7c8d971dcddad54e46c084e

SHA256
ae78104a18f755b70d2c0b442484fa68dbb6237376931a10e49d79f63aaf573f

SHA512
8498c299fd45bd21990619904329c840a914e521b1f145574cb1347702aa7c5ac8d29880024d63f3118d854fc012b96c28ae6308f07398e681707d0d12e8e8ab

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ec1b551887c89a1d47c3028d8a3c9112

SHA1
f53a51741d63c988ad9d78b98cf898b8f2a60cd6

SHA256
a69007fbd2b88fbac643c466e8b013b621fd9fa53040c097b8b5317d7381257e

SHA512
ab91b1a01a8e68623d04966d6ce75838e0318e973074fcd8f42c2cdb560449f6ac0d41d59028d472ef1c2d18fb95a7785ebfc17f099b06addb0f0a024ced606a

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c2adaf25de92cca1fdb76aaebf4a8e13

SHA1
db3d4041f5a559cf1cb10a8354a1e3ceb1d82356

SHA256
364f76f390133be278e9a77a0af50b909d680549218344f2c6f7f636a1ea5c34

SHA512
7d9ae174aa9be938c3b6997aaec486b4d31631fce632b5e0c90ade933ad6d5f4e8179861fef4453077a6ddaa4856c382f6911cc9cc0f77d23ddee9e98dd2907c

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a7cefbf2adec819a8353e605d869937f

SHA1
8edf55923ac1a725f254a4dd498b081ed8bc62b9

SHA256
2f01b44308ce1dd0b08158a0bd905579c042b6d5116dec93cd6d4ff9a76691ab

SHA512
802fedcaf09485e5380aee47215bd2c9ee31b4ac4135ad423fbc43885a69397ba7da1a3e196e6853ead104d27c034cbb6f86d54d20c21a3483d0a4705ed0caea

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
f5a450772feb3886168c688476985e0d

SHA1
f592f0a78d137f95bbf8625a8d839cf11f56d1e4

SHA256
142ad6908e5afbc4ee58db33521d866a65b4f06fe951a95636a6d090a8be4557

SHA512
8930e2c2da7b4869e9e9e07c788d78e839fad6df411ec3b9b504ff582aba811eb05177d7b676227927cadd26805e70ecf799dcbe57e3d0ad9906991c9713b364

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
dec008b1b82a0e8fd0d3bdf34d3893ff

SHA1
8e64097197470004978a6cee6107bdf5d2d2e54f

SHA256
9a03e65af06846dc6f6e88a9b2a7a2b940fbede721f5016133b711a9ac7727a8

SHA512
eeccbe5a160e65574e20455ba04195c0b0bcce6d81c1e4124987b7f22b153ed304d15fc593e90b15a16e7f8df4c6395399827e0a95176016af8fa01b91795b2a

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4090f4b09fa7fd087408b75d510f6f20

SHA1
fdc1b427bf556ef177fc800fd1e9cdca6b4db66c

SHA256
a35bbd766bb7c6c781c60765fc3df3d28b593e2502078c3180bca5f6dadda626

SHA512
c94b048aad5146b72fd705de064dabc656b500bd31081e1a3a34918b3ec9fa65b6974602a4d6a064e11238e09b7297eaff632bbd4b3b0cc4460c0debecde92b6

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9717b517771f5b5a615d31e3c49f165c

SHA1
59cee50a8154907750b33e4cca4b7b859e14117a

SHA256
f76cf06ebb13ddd4f46a002cefa03270ddd2ec31a6cc897ec2805f7f6a18acf2

SHA512
96769efb38cce2f259f0c91ea0a82094746122a262f143a46c6d0cc3579255ab8f5a5ce14b3a94686f2c14f2bf13ed22d07d9531775cbf897753ad9ccf3d238d

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
26db49bfd27edac7c5edf5f3a7e462b2

SHA1
a525f3b9d4760d9359fdac834b70212a9b50d6d2

SHA256
a494b5c2eb42ba32247986b76938af97a8d3a6ece44bdddeefedda1cbbfeef18

SHA512
3b32eeb06391fd54587ab0e94cb8933487eac7bc1adcce8453b47f462d4909f2238ae8829e00de1ece5ad3cf2ba70f4a48a2cf4e73e98a869f398e39294ab3d3

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
de52e7ce8de861a3328ef5234beff7c6

SHA1
e4259dfc1d407912a57bab58b553ddee65592c58

SHA256
eef2a8fe8c82d3e7a67194f5f15df40403d4a04dcc417bb3123fea419a03143d

SHA512
13d2b4b0ad718db2f2d65366f190fdc0ad4a234159d60a4a71b5ddfed5eeddbef045abcf72288fd531579a791841c4d0943d93eadfa5a06c5b154ec88ae7dd09

Download Submit
/data/data/x.akuma.x/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3c527d5b8fac0e1dd85606decc2adc98

SHA1
b77c94b726b40e2fa6abf2eea96878d6d9520bfd

SHA256
7c9835ca95c0620b4940109989be5453f296ad4b3f14710a8bdfeb29bd04371c

SHA512
2568d8324b59334008e92a46b1607f87b229f42a033383cc7f5fc68fcbb0376625a57112717539efce37ba147b0f443486be59bd42ff433e0a35d7f45631268f

Download Submit
/data/data/x.akuma.x/files/PersistedInstallation7090916226758690010tmp

Filesize
568B

MD5
2b7a4977f45a8881dcf9df4b349506e7

SHA1
d868b634ecfb4c4e248a4e951a25402792f35644

SHA256
5c9b88597aab8ac17cca3e044d8aa6b93a3ae6003fe4883c8106c910ad09aaa3

SHA512
50f214989ae8628833d886e4d0e1ff445b39d806bf9c009b098269c0c10cdef5b9cbdb5e856ba03cfec50610daf5fddfc333b714d3ef67e216a79ede220cb2ac

Download Submit
/data/data/x.akuma.x/files/PersistedInstallation7588963561025904174tmp

Filesize
90B

MD5
b82b77589534605a1f9b9a9321416260

SHA1
b2b7c299635589fce3c77992e0faf1c19b9e46c1

SHA256
96b73c917e26d1d604862520d314b259970ce957e14a1b6adc71e651ba5cc6eb

SHA512
a179dbb450a71b72eddd8d89f2c95dd219689ef7b9c7528795eeeaa4632e54c0c8d00d024a049734cb54aaf6db82c560aec72a3e60216f37f9315cd1ff705a24

Download Submit