Analysis

  • max time kernel
    17s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    22-09-2024 02:39

General

  • Target

    5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk

  • Size

    3.6MB

  • MD5

    d836feab9d4bf3c6cf086bdc14724c8b

  • SHA1

    c837cf7b181679a0081165e5fe4aa0eb94f748f8

  • SHA256

    5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

  • SHA512

    8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad

  • SSDEEP

    98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Malware Config

Signatures

Processes

  • com.systemservice
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4251

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

    Filesize

    32KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

    Filesize

    68KB

  • /data/data/com.systemservice/databases/core.db

    Filesize

    36KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    36KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.systemservice/files/PersistedInstallation6863709810273125220tmp

    Filesize

    90B

  • /data/data/com.systemservice/files/PersistedInstallation6902460470980926053tmp

    Filesize

    556B

  • /data/data/com.systemservice/log/log4j.txt

    Filesize

    3KB
