cd918a81a7dd88e05d4af6ba65603e52d1c8d9c7ff7e261b9602a93540c83284

Analysis

max time kernel
43s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
16/09/2024, 01:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LenovoSafeBox.apk
Size

904KB
MD5

f8766f793e9f762ffef225a92a78b2d8
SHA1

cbdff0b9d9e26cde04acd12ce3c5ee34e306acc7
SHA256

4ed2eea5a3ef19bb16dd8d5fc2da58fa2c72144b2e53036b2895bdf59f0edb8e
SHA512

adb212572e6c6822ecb46326a706d1770f1aaaee6b6cbd23a3f75b3cf4091019c39974c217630a584acc466088cc7faac0d662364503b337b8264103faaeaa6b
SSDEEP

24576:xetMiI2b4apsiko9W8C/2KgNHnHjkAsV7kDn5c2trp:RiD5pUoW8e3gNHDkPVoDCMrp

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.lenovo.safebox

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.lenovo.safebox

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.lenovo.safebox

com.lenovo.safebox
1⤵
- Queries information about running processes on the device
- Queries information about active data network
- Queries information about the current Wi-Fi connection
PID:4478

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lenovo.safebox/files/lenovo_reaper.db12

Filesize
4KB

MD5
4e7d39daa7a3ebcd023d5982fe959d6f

SHA1
3e299bf3421be9fd74ddbd19b4de930cc784bfae

SHA256
b52433523053e1e635a5122133385660029a54381f020a0c625eae003d0161ed

SHA512
d7d4bef11513c19475758ecaf21c00164f22e6746c2166b41c26680056b82d5a5d1d3fe1704586f3822b9371c6400ec7da827845f6c4385268545c1b23449708

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads