ec2654fcdaa602671c65fcd7df97643ddc73732e6291b08c5d2db03f667d6a9e

Analysis

max time kernel
47s
max time network
57s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
13/09/2024, 14:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e640eb702de37deb80c0a763eb67dea6.apk
Size

254KB
MD5

e640eb702de37deb80c0a763eb67dea6
SHA1

3e58d4ecce983b4489d5f2f73fbb536283f707f6
SHA256

ec2654fcdaa602671c65fcd7df97643ddc73732e6291b08c5d2db03f667d6a9e
SHA512

a9fd31a8b39c845f8ffba5c882f626ac805df3675f75c9a03dfce498b9c07e695858eea75c096d5d2c838ec1fa2219d5fc43d786028bfc35ae3c23e171f04f6c
SSDEEP

6144:Hyr+4R4H6/f5QEgmz0GxRYuQUt9jsJ1zgbyN4V9itG:SFRuqf5/gmzRzMAQzgbU46G

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4959

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
ab9b76032f3671e636504f620ed4d205

SHA1
21e1e3ef5f95af48acdd224ef1f40ff12467521d

SHA256
4da0f7c511a540be366bd92014b6279194cf5da3c47ddb8acb48526f1ad967ab

SHA512
9e133dfb122855076eec7967f0e73fef6f8cdd655b32f9ee5d8cc7de1114212d10764839359b38b63e73772517910662109d87336a8507a99ca1085758841725

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
ba4ce7d301e236d7d2cce120476dda47

SHA1
92d1ca2724f9e9b56d0e307f48389e0b7b3329b1

SHA256
33842533915a2fde7e8b4e6e9739a21e5cec034b9957206471a6ba3e29bfb726

SHA512
56bb1af96f619dbc83f0eea35d5be487d0f3f277f9b8c250258b020a00ddaa82b59064d1526f2691e22891a62a1b88da08d7149ea7a17efd549f0026066738e2

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
905dfa1ddfcdf365a4e1683c582ea50b

SHA1
bf398d31d5305b04074108816c7090e6813dc83c

SHA256
b63f0e7320d81ea5efdc591410a16c9bfab454987161225b0d7430653bd12faf

SHA512
0bcbfd4f0a11983344966bc0a2f7e855dc28c6e746503a6196c9677bf953ebf8734d9a646241abc800d449b6e66da1f61f187cd5c9fcea05d6650ba730e096ff

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
4c056f645e2bbb4851836eaabed83909

SHA1
1c19c20eaf1d6c18400f2ac8ba04e3c90ed96f76

SHA256
5b921f71af97a5e9f15b0aadaa0357c0d787fd6f006b80de1f03800a06f699e9

SHA512
f1a043d17c2f33756715b3d79d16ce4ddb09ccc89f796894b05a7922a4d47f3a25f60c80d3c877ac4152ff6a759869c9b2e9c5ceda3822b64219cd8c8eda0888

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
1cc5b9b44a7593b1998488b980077075

SHA1
06d4f4e0d5c42dd07a81392265f0aee8617239ea

SHA256
5581508ef356025fab11c34dffb33ee797d97aea20a2466340ea3fe2aa5243a5

SHA512
ff255a1cc749cb683d819a5003fe14208f168784a4d3fb4c79dde0370262fe9a406d525c99f1f50a12cf1933c66dc96acbd2e64225b3a4e9efa499b36c463473

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
3090a94e49cbd130e4874f283280bfe2

SHA1
0681eff3da78ca3e7006402f10089e5af6758486

SHA256
77adfe6cef9bf87060c9395311b3e79ac9e4b598d578bcd4ad61cbc27ae5df60

SHA512
b1ddb0ec926c1f6c99bb0749737109bbc05cea60c9ca391f56c306ed554dfa003f60601b82d5723e2d6482d90021fb47a6d1d8710ddb91235760a917a7ad3b50

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
0a62cfc05520a4be3c16130225178295

SHA1
607460bcfeacc6cfdd5b2098ae92a2ff70a56cb0

SHA256
f98831e8a7a39d75264fa85e7c0c69acda19fa5c1233fce6638bc59f47b69002

SHA512
16292f1a68476db7bc6a717b37b7c824ce40c69fea4151696494b7f58da9e2c7cfad58d33e1af7fe64e23e8861c49d8bb94f9aee881e9dc22027be77e3fd25f4

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
82f6d71b93a2a09a60d03f751252625d

SHA1
8d8339289b709b0c8249ead9a89fcadabbe3e8c0

SHA256
7fcfea174154ab525583a90c6a96d758b1f0bd75ec9b6f3e6e529a50daf3b677

SHA512
70b4b323b2423f2fb05c12dea127ca04a1e30e6b746dcb6154873cbbe83c73e38f9e96153d5a96134b67f05d3a7a4658ddf4541b79b92e571435fb83d76c79a1

Download Submit