00207fe7b7b9f08d6db522de16d3389b5e62947849572fc7341359c879fc1c7b

Analysis

max time kernel
109s
max time network
136s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21/09/2024, 18:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7723box_pjz.apk
Size

2.0MB
MD5

3862a974eef6f3c01fc58b85dec4e6ea
SHA1

8a482f68e74c8b406b5dc87f7f6e46f348e1a673
SHA256

912d30f69f69a2e36a4cb0a13a25832c4ce4deb31470275273104f778ffb9bb1
SHA512

1701259d85b6b8a5841d6761ce54f4ff432fe8cf7d7f51b16212a06b58cbdcf48414fecdd10ab5347e6b59e879fbf896bc1f3c1b9c602444868b94f23e4ba7e8
SSDEEP

24576:hjzi7dLe3+Z14UtlvSF1RKzYz65o2pgZebQOS4w/PHMZSoOiLdkikNeuV42oh56K:NH+ZbSJH+5o2pi74+vMMoOiL9kjCZHL

Score

6^/10

discovery impact

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.upgadata.up7723

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.upgadata.up7723

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.upgadata.up7723

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.upgadata.up7723

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.upgadata.up7723

com.upgadata.up7723
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.upgadata.up7723/databases/history

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.upgadata.up7723/databases/history-journal

Filesize
512B

MD5
49eb96ac766a84ac18289043052799e5

SHA1
084dc5f63133337b6210823e3fbbb13779a391b3

SHA256
811e955f094169bbbba338f8b5746d2f529fbbba409437ec971a9466e7f6c56b

SHA512
787a69336f4240a4faa1984e9dfd18f4ffc65a7622119dc73da774e761a7d857042128eb4f0e06cc1b9f1b953089666e7d467f0c8d50702de5deab598dc81b41

Download Submit
/data/data/com.upgadata.up7723/databases/history-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.upgadata.up7723/databases/history-wal

Filesize
20KB

MD5
9c9d02b49c87991863cf5a5da7d52a4a

SHA1
2f8757d1997c39a8ac728c8ba8055e34655661f1

SHA256
f71ffbdd1cd28b1ee6cae8ea3823c66839bb85524f1e9f5fbb2edba458267979

SHA512
8b470fbc6ba28a00f7b2fe735862e792d587687619ce3da59bc253face5f12438f12806e102f340e8bce56939b2ffa316bd68191532235b1efecead0b6cb04e2

Download Submit
/data/data/com.upgadata.up7723/databases/xUtils.db-journal

Filesize
512B

MD5
c7a39abbd62bfb9bdb95163ed1c860ea

SHA1
853c8ee0481ef88e7977e752e02a40dbfe22084e

SHA256
e02b072de8f09fa0d6fbe172fc1a184a16dd52bb400218cbcab3f99ee2e6a502

SHA512
4fe1c86beaf877a557c5577f6a9fe3f5aa5f90b06167f3f78310c4913c893e6c3899248a71457dfeb9c5e5f005fce7e86f2977d01dcf3aca7653e571f16c6f78

Download Submit
/data/data/com.upgadata.up7723/databases/xUtils.db-wal

Filesize
20KB

MD5
e6ed4924c77da31497dde9ecec65d310

SHA1
028b8724c4fbc5486946e9719c988e2553d9dda3

SHA256
242a643a82f6ad37483d4c8ee09294943c81b43ae15f1b13884ea08c447d7a16

SHA512
9a1ce317990beff3e5ef5a91a8dab1aba46662ea3ee0765ad6e6de68b152db385eb5f8078838ddfbac69e67307057a7286c563650ed381ace06f7a76492586c6

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
26d36d56ed7bb5802acfd54dc952691a

SHA1
0712c3440aa5a55088ff9ee598ea2ca85a569284

SHA256
1599653d5bb5bbb74fcee24412ba579025afbb8ab9cb1d2bf939a7d4f58cd294

SHA512
3641a490e4af5ee6982f27ffee4c5a35f3e5592e820ab9f6d8b43166994fda99771d3a28ae3c9f9474a495df0f3d833c9d54b54abae7e6d725729b5ca185c32a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
91b2bff1b1706a16206a75e63c0910bf

SHA1
c5d1f32a979f80e199811c1b99ec6041c76bb44c

SHA256
a92ae58e7f2ad45f9e1a0ecbc3313c7f1e4b85a1d36786a3ac2b25d1e31d1534

SHA512
63c9c591624038f2b5e165f5a654ab0de642482c47fba3a797b5bd481aed5c88a9c2a22f13ecbf290b61e5438c8a32dee8638001c69c6ec1d11643804e377f96

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
8a972906a9072e8f717ef0ff170eb0d7

SHA1
82693c2ed69834f4b92c7c02594f6c384833b9de

SHA256
b9a74282a4f4e72f3337a9c0d7c2bea03d19707412d1ad60bf326027f076632f

SHA512
57d0d1810d2a62da99e40c8a379aba59d952e67aa1318dfaef7cc92f116e4cd956a4808653f44064c6e72662af4c1766f250825c866b24e40a7821bf1d2c731f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads