ec2654fcdaa602671c65fcd7df97643ddc73732e6291b08c5d2db03f667d6a9e

Analysis

max time kernel
47s
max time network
37s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
13/09/2024, 14:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e640eb702de37deb80c0a763eb67dea6.apk
Size

254KB
MD5

e640eb702de37deb80c0a763eb67dea6
SHA1

3e58d4ecce983b4489d5f2f73fbb536283f707f6
SHA256

ec2654fcdaa602671c65fcd7df97643ddc73732e6291b08c5d2db03f667d6a9e
SHA512

a9fd31a8b39c845f8ffba5c882f626ac805df3675f75c9a03dfce498b9c07e695858eea75c096d5d2c838ec1fa2219d5fc43d786028bfc35ae3c23e171f04f6c
SSDEEP

6144:Hyr+4R4H6/f5QEgmz0GxRYuQUt9jsJ1zgbyN4V9itG:SFRuqf5/gmzRzMAQzgbU46G

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
f553d76d0e3fd64242b0834f349ef2fe

SHA1
26ebf0fbe2ee1bc0e6ee3b3f3381a2bf4b90144d

SHA256
2e41ce5542acec52b8e568ffb9bbce1dbc00ef5c3d2acddf2a316072fca59985

SHA512
af168732def9efd1c5323cb8b8fb869ef90f5718bced01f04c9bf86d581f06880d5ffb4d89c26092f3c250aeb81ac3dc6c60a445e6bbc7215160da2d30088f58

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
0d41e0b5617c42f8e693f51dc7970bde

SHA1
52bf2b951600d333456620865b67c8c13e6b28bf

SHA256
f52f10dba92a2edac4c8363ca5c296cb41df47557bd325989b773ad5f3a8b29e

SHA512
fc4ee04db8449c3f4f304d52716163cf378cca18bddd9555dcec0aecca44befe38f01eac353c635fa522186f1d4efaf73070ea9602552db856ab3a5552106332

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
f46039eed4484cbdce3124b483293f94

SHA1
603fd6b025cc75c9286b07599543d1902e5a0c90

SHA256
1563ff8533afa3d38598e2c094ac3d53d513a23fe1df99089c2aaff06fe7b2f4

SHA512
3e564bf1194210ba47c562212b15b6b402801dba0dcdbc2e565a1da3a93affec2f43870eb4e70dd9ace1b4564775fb635e9a2f694e9a09c82421f0dadfe2425d

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
3de3d85a9d3758f63c6a9bc53e3181e7

SHA1
b24defcae0d11424e5fa1715febb40c7ff9fc84b

SHA256
62c03b1662ef39afe7675409bc79b3beaa758e4e96ba9db3ddde92ed849c5f54

SHA512
a4d9a891c0a7c41033955940074427dae805dfc9bbfc8a632feac8ef7ce7c12192c5d21359f9241cee10587ebf38a1114e0e038ecf8d02e49ace39e0de29cd3f

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
28KB

MD5
4f7f73dc48961867b7ef9c716624ee96

SHA1
dd7e2835e0fb015dec89bff196b7d9d3dda1621b

SHA256
bb34f14361091d0b24d2725bf2dfedc0fb9dfdfded17fa6a0f65d9c21b7096ec

SHA512
df8389985b2958d546968c570ec4d767a65cb588dc629e09688a5d502115959716f796105d50486b513f3d6fe7a95007142d094558cc8b3963710b799d1d90c6

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
40e54e5405dc055c3f588d8877e071c8

SHA1
ca1a030f2996d67e0fda9ae393a31fa977924b97

SHA256
2c82250e3ced77a5d080b905b5b9bb76f5ed7fc20ad0b04f0bb67a89de4f4358

SHA512
b317515a53ed778c87cd74e8ea4b984de7daec8d0661b7a6b3cb50961b8efc78674c47f4c06bcf17d55e41b060ec5cd412dd1b66a38ddbf821a50b357b3a25e2

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
ca28d7152264cec97a338cec3605f2e8

SHA1
0d984b0ff42ac2ca5e50065c5f1a73f4d3c6a0e3

SHA256
1000fd5b80b9660a6f758bf699e06c1cf4858bab1580d0ad9ecc68e1fd7c9077

SHA512
93fc01a556b797753b1a07cf6e05240ed4e650bddfb3bdd76486adebfb636d816b16dae01f681004dfc5adba54dc0130cceaf3866118d6cd16ec56fcdac6a351

Download Submit