fe9f351cdfc63e22263e05af489538ced6b0891afdf8d778128849275344c6a5

Resubmissions

14/09/2024, 16:34

240914-t3a7tstcml 6

14/09/2024, 16:33

240914-t2ylqstgph 7

14/09/2024, 16:32

240914-t2ehvstbrp 6

14/09/2024, 16:32

240914-t128jatgmd 7

Analysis

max time kernel
8s
max time network
300s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
14/09/2024, 16:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

kanade-armeabi-v7a-v0.5.0.apk
Size

9.9MB
MD5

1c139a009f71675a9fe4cf8b5b54a5c2
SHA1

8deb9f4739597aa8554e919a8364cecdb7183390
SHA256

fe9f351cdfc63e22263e05af489538ced6b0891afdf8d778128849275344c6a5
SHA512

8c9d40e95c752a553e5d3252c016e7fbe4a1705d40dbb5ad2760b5c357a25fa14697f3d43685535d757519e914d9804ab058aa4733866044e4a49311a6c1d0bb
SSDEEP

196608:puEnHcv9OBK/f8CDG6LGPqqIZV5sRdzpjE8cTKxk0hbQ444F9rR/NzeiREF+R:pu2cv9OBK38CCWn5Ap7c2o44CxRRa+R

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	io.alexrintt.kanade

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	io.alexrintt.kanade

io.alexrintt.kanade
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/16db3dbc6e0931d5b29149581808cb6401ad41a9.temp

Filesize
1KB

MD5
704f742c3e6db5127ec323b68e95ea55

SHA1
1e042de526ee5fa18efb6d79924931da2b76f9a4

SHA256
c45f6f3207784ced1f3e448b16f8984d9c0f4737b4c0047bedaa0f67221cb93a

SHA512
c5d6655338a1b01db9193f6f285d314759ad88a1e8de21a2d15da11e1bfb06101327bdf730bbc3592b5a3eaf6a5265d230578d25de31f28ee0b38ca778a3b79e

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/6bcf4d7176583e7cc7f5416698f19d8ab4b9d5e4.temp

Filesize
1KB

MD5
cef8d770bd4d64a0f742312ea02c66a6

SHA1
9d649fee03d248255bae4de2f8c87e306fba8cbf

SHA256
8cc1ae5d15eed1103fab3c46a3fef00b314b81b93b5bb0e8437a9a4f26a0b13a

SHA512
64a025ae641390a98fc31ce00598303dc909ecfc62a3c89f0be6a9083583916db66d0696b299b0e72e44c5682ab9bbfe5ee055714a1f9cfc6db1f52d50973cd0

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/705add3ecd0197f2b88943a82db10f640105cfb2.temp

Filesize
956B

MD5
8db2543a353af510cbd8dfbd3275bbd5

SHA1
154a10cc23be473c5e725ae8c22945f9431a9561

SHA256
e6bcbeb142dce6713a3cfdf1360098589e58d65eab6a17ab7567be7d57d8ff42

SHA512
ab3210b37ab2d365320c62794b796570ea9776e05506d15e99476f51c50ddc517956455ad3fbc6a71dbd0bec6faac12bba090d376dda073736468301814c3740

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/7b39a766bda0d5dc51d4f5bec77beb90a6675b8b.temp

Filesize
796B

MD5
71082b8d075200706442813f4a5e002e

SHA1
8ae2fb6e3604546a8dd01b3da653971e79ee3f23

SHA256
5802d4219d059041ab4b47665243827acc065e5cc624b3667422807a9d9c16f9

SHA512
822295b60ffcc31ed014e15b37e6e8cd6fda04682f3704650ae9310fd40cebd74229f32bfe72d43e8704f74ffb7dbc3e4defea2d7f10db322766c4271e6b57b4

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/806b206985b35f35fd3e28969de1b64805c9d031.temp

Filesize
1KB

MD5
cd06f535581fea635854adf51e6ffe0b

SHA1
6cded8dd4960e2429acaf67b1f2f884ef6707b45

SHA256
65d636465821b2a98e1d81d39b83d7c0790b7fbd24088680df650b244d376d2e

SHA512
0c501ffb86184c8377a19a762f180e298fbe7e3a626bd5b2759dd5f10ec299a4fbc103350847493c23f9f8ff4f07aff3499f374593d06370d2dc73d36a103095

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/8e1a156646b423dee0d89216b3a358b901c32c72.temp

Filesize
1KB

MD5
c3dd8be5bbd13e37cfdc03301db7c249

SHA1
03c4076b55beb97b8cd3b25ba9ed4b75a81ba263

SHA256
bd86cc46d5aa3742f9c6985f7acd0a7e76ea52c3ff27c45ba39b309d6603f758

SHA512
717c26ba8b9b768e4fe06fdeda10ee37126e821f026a63256941393d5fcb1661df0c7acf48356599567a05127bcf5068fdfbf4b2199065354066e81a794b2d0c

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/9914cdac01b83908cf184d3f2637a496bd19fe37.temp

Filesize
1KB

MD5
c8c41b21e91f5323176efcc45692e644

SHA1
e1185e9d6e8daa8f8af01399518c9f21726eaf9a

SHA256
c83fa53add863a676e29ad96586c4513301aab6fa6c9b3e9404b26d5620a6d9e

SHA512
3317b74c41d8afa29f5bac61a231fa57428b60e2c045d10c55eb943f384e0b183a7ba6c3fc4220f68bedfdd3f88b7edd89abaebc7ea22c554b425028e79f3da4

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/a34b99d0fea7226c46aef76bd20757e826c064d0.temp

Filesize
1KB

MD5
4fc9fd81321a9c8a838ee50bde332cd4

SHA1
2197118613ef9286680ef5c40719c215177cf05d

SHA256
7fd892167ae5c43595b9274cc31220a5e73656cb2ebf87a841451e82d39b64a0

SHA512
9bc29933c04a169e4a3327ee71ec42e7304cc9cdbe24f8acd2e08a54879bbcc191612bfb2c4131b360035a40aa6764eda88e7a502bdf89c871333f51e1cf6b9f

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/c10b1cbfe6a95e031c414d21f75092880bdeccba.temp

Filesize
948B

MD5
955f539f428ded82f1317ff8f81d5e39

SHA1
60ed47c15047b14ad1de6113ab74ade69eaf7d0d

SHA256
fbc83650079ab57ebb00dea87146104b892ab929986c0950badfc193aedbdad1

SHA512
9583b7dc2015f37499cf01c01d4d2b317d48fe03ddaff31ebd523473f3c2e0992c8bf3a02334c085871ec9b63fd181c63b6931a658e164c26cf9f1ee93d65cf1

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/ceca73ae461180265254e94a260758b596d08a5a.temp

Filesize
784B

MD5
2d21d74cd99ba89ca01a2ec9d8c7bad4

SHA1
b0ed7f73f38261e09c9fb9f0fd943aa4497d9456

SHA256
fe2e085f629a8167192b71f013ff11bcefdc7a9084dca2080b0517a3945a4250

SHA512
e26163bd2e7cfe4e00851e206e83670302e20d4496e76fb3975ddcd6389fa2ab2f7bfc2ad743412559fd415385d4836abc3914c29ea6747adf021c1bbf3a0757

Download Submit
/data/data/io.alexrintt.kanade/code_cache/flutter_engine/1837b5be5f0f1376a1ccf383950e83a80177fb4e/skia/7e1844439eaa3eb24d00c6314ddc81ca532fdd1b/da8aaa6c9547109d8ac50b209fb62944f7f2f5b6.temp

Filesize
2KB

MD5
b63da9d1a20651cc231fd2bc484135e7

SHA1
c216cd5c18cb2ea7ea4bc1f62397cf9828b42847

SHA256
10a91af6362998e556fc818901999bce7d7f12074ffc94859636aa4ec278a995

SHA512
ca1f13f13502e20fb21e55a3c08eed58f8c2167ef18df19bf5bbf30db5f9c6169c52d631f5be15a36ef5b4e605614aa54141f41491623817094c3ce04d65b615

Download Submit
/data/data/io.alexrintt.kanade/code_cache/queuedtasks.temp

Filesize
12B

MD5
d5da244213f35f5314aab9b74f722ec7

SHA1
bd8849fbadfb8fb846ccb890265f0408d503f569

SHA256
b8cce95f94bb3842447a35cad31d68789df636e11353ab4a75179d86761d804c

SHA512
6ade0025868187b89bc3bdee64011d166b77010b4a09bfff96f4d830c596ebaa09e09e77ea591c944c0c4faa6d173313fe4ea6ec6f92973297bda2768fb8dda1

Download Submit