785bb9cb02ee53f6fa3cafa24a6f88d93fd7022d2380507682f6d4e79bbb257b

Analysis

max time kernel
143s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
15-09-2024 05:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bp.apk
Size

517KB
MD5

c0ee5c1fe9b230c13d87f815cd345af3
SHA1

588f43ece609b5b766932ec5c8b1ad2c94d0bbd8
SHA256

b4c4b0350ed1bf520ef1bfb3520cb0ffd0ebc36f8e82ce2eff63d7a5bb58a395
SHA512

0944c720cc66983a126d2f870fe63529e88e308458bb47ccdc26be4dd87b73f4845a629fadba4f3e5aa61c52c5a45c3029260cdec121d079e7ce647048cac6c6
SSDEEP

12288:ysb20Z/JhJYmW6eLUwf8zHI2GV45+a5hL/s8BocGJVp7:vpZ/Jkf87I2u+7hocUz7

Score

7^/10

evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.bmob.app.sport/zwr_bef/m.dex	4478	com.bmob.app.sport
/data/data/com.bmob.app.sport/zwr_bef/m.dex	4478	com.bmob.app.sport
/data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex	4478	com.bmob.app.sport
/data/user/0/com.bmob.app.sport/app_zwr_dd/m.dex	4478	com.bmob.app.sport

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.bmob.app.sport

com.bmob.app.sport
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4478

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact