Analysis

  • max time kernel
    16s
  • max time network
    151s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
  • submitted
    19-09-2024 02:17

General

  • Target

    .apk

  • Size

    3.6MB

  • MD5

    39fa2c58237de702fc3458251f358cab

  • SHA1

    16e4e5003046f5d07a0fb1eff0dad56d9ce53be3

  • SHA256

    2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

  • SHA512

    023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126

  • SSDEEP

    98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.systemservice
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5231

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/core.db

    Filesize

    36KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/files/PersistedInstallation8229678666537549905tmp

    Filesize

    90B

  • /data/data/com.systemservice/files/PersistedInstallation8245731264451955187tmp

    Filesize

    556B

  • /data/data/com.systemservice/log/log4j.txt

    Filesize

    6KB
