Analysis

  • max time kernel
    17s
  • max time network
    157s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    22-09-2024 02:39

General

  • Target

    5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk

  • Size

    3.6MB

  • MD5

    d836feab9d4bf3c6cf086bdc14724c8b

  • SHA1

    c837cf7b181679a0081165e5fe4aa0eb94f748f8

  • SHA256

    5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

  • SHA512

    8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad

  • SSDEEP

    98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
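The five signatures above are behavioural: the sandbox raises them when the running app calls certain Android framework APIs. Before detonating a sample it is often useful to confirm statically that the APK contains those calls at all. The script below is an added example (it is not part of the report and not tria.ge's own logic) that scans smali produced by apktool or baksmali and maps the framework calls it finds back to the report's signature names. The signature-to-API mapping is my assumption about which calls each signature most plausibly fires on; the report does not say which hooks it used. The smali excerpt is constructed for illustration and is not taken from the sample.

```python
import os
import re
from collections import defaultdict

# Map each signature name from the report to the framework calls it most plausibly
# fires on, written as they appear in smali. This mapping is an assumption: the
# sandbox does not publish which hooks produced each signature.
SIGNATURE_APIS = {
    "Queries a list of all the installed applications on the device": [
        r"->getInstalledApplications\(I\)Ljava/util/List;",
        r"->getInstalledPackages\(I\)Ljava/util/List;",
    ],
    # WakeLock is a final class, so the receiver type in smali is always exact.
    "Acquires the wake lock": [
        r"Landroid/os/PowerManager\$WakeLock;->acquire\(",
    ],
    "Queries information about active data network": [
        r"Landroid/net/ConnectivityManager;->getActiveNetworkInfo\(",
        r"Landroid/net/ConnectivityManager;->getActiveNetwork\(",
    ],
    "Queries information about the current Wi-Fi connection": [
        r"Landroid/net/wifi/WifiManager;->getConnectionInfo\(",
    ],
    # Matched on the method descriptor, not the class: when an app calls
    # registerReceiver on 'this', smali names the app's own Service/Activity
    # class as the receiver type, not android/content/Context.
    "Registers a broadcast receiver at runtime": [
        r"->registerReceiver\(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;",
    ],
}
COMPILED = {sig: [re.compile(p) for p in pats] for sig, pats in SIGNATURE_APIS.items()}


def scan_smali(smali_text, origin="<inline>"):
    """Return {signature: [(origin, line_no, call)]} for each invoke line hitting a listed API."""
    hits = defaultdict(list)
    for line_no, line in enumerate(smali_text.splitlines(), 1):
        if "invoke-" not in line:
            continue
        for sig, patterns in COMPILED.items():
            if any(p.search(line) for p in patterns):
                hits[sig].append((origin, line_no, line.strip()))
    return dict(hits)


def scan_tree(root):
    """Scan every .smali file under root (e.g. the output dir of 'apktool d sample.apk')."""
    merged = defaultdict(list)
    for dirpath, _, names in os.walk(root):
        for name in names:
            if name.endswith(".smali"):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    for sig, rows in scan_smali(fh.read(), path).items():
                        merged[sig].extend(rows)
    return dict(merged)


# Constructed smali excerpt exercising each behaviour once; not taken from the sample.
# The last invoke is a decoy: Semaphore.acquire() must not count as a wake lock.
SAMPLE_SMALI = """\
.method private profile()V
    .locals 3
    invoke-virtual {p0}, Lcom/systemservice/Svc;->getPackageManager()Landroid/content/pm/PackageManager;
    move-result-object v0
    const/16 v1, 0x80
    invoke-virtual {v0, v1}, Landroid/content/pm/PackageManager;->getInstalledApplications(I)Ljava/util/List;
    move-result-object v0
    invoke-virtual {v2}, Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;
    invoke-virtual {v2}, Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo;
    invoke-virtual {v2, v1, v0}, Lcom/systemservice/Svc;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)Landroid/content/Intent;
    invoke-virtual {v2}, Landroid/os/PowerManager$WakeLock;->acquire()V
    invoke-virtual {v2}, Ljava/util/concurrent/Semaphore;->acquire()V
    return-void
.end method
"""

if __name__ == "__main__":
    for sig, rows in scan_smali(SAMPLE_SMALI).items():
        print(sig)
        for origin, line_no, call in rows:
            print(f"  {origin}:{line_no}: {call}")
```

A static hit only proves the call site exists; the dynamic signatures above prove it executed inside the 17 s the kernel was observed. Where the two disagree, the usual reasons are reflection, a packer, or code loaded at runtime, any of which is itself worth noting in the triage.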

Processes

  • com.systemservice (PID: 5048)
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events

    Filesize

    56KB

    MD5

    3c2496895449f4889d36366b369bc5d0

    SHA1

    37343955b14ced14e275100c644e282b64e71585

    SHA256

    8d8a26185d127c2f4c167637df7e43cde3689330a2599edec9c305c8f4d73584

    SHA512

    c1d73c6f55fbd58d8ccb333a15c3d1317595a8d5fd608182c8d2d970cb1e67c2babb6d2cd9dba92c18ba2c886f430bb11b5bee58210a3d23478c9df172335c6f

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

    MD5

    c432a59850bb044d33f56f5466f130fa

    SHA1

    c38195bfbac4395f341ad4f5a4e95a249aadc034

    SHA256

    a5b4fac52cbdee92ca649a60c4ce76265d65bb057f358b02c01150189b3957e8

    SHA512

    736a80289995110b36c67086675e3fb81b17f8854b2ed5e61a6b74142aa3105889e5ae78dba00269bd72c3999843af958c61aa57b359ccad219df22009d4c2c4

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

    MD5

    d85987e2227bcb22c302611ef4bd27dd

    SHA1

    ca4eabaaa7e35779a8211122972178693eb510af

    SHA256

    9bc4015b3658a644b1140d553e8bee98e7f7c603ea539712a16ecb6635e88cf0

    SHA512

    190ec2c1c00f71d5a360413ba04d2ba5cb517656e7d236235513a7cd01e6464d22de5a4bbc1f852e5f5a490573cbeef9e10db0de4f1d2540fe5b73d905a1329d

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

    MD5

    de68dfaf3fcd4aed8c0ff60b4af4f785

    SHA1

    ea7684b32b04a23f87087399e7e2e583e8af8ba0

    SHA256

    f8ec26d5c449a9e694befcc66115036a2396e1eee68ce7db0e6fba36e3967b71

    SHA512

    882c8b80152969097781bd670b1b3474c5567f4abcbca844b80cf8ece39bb79dc52cd65ae8c40c7c4cc7908919b7992454c93d4d180efe156325a75fd5218db7

  • /data/data/com.systemservice/databases/core.db

    Filesize

    36KB

    MD5

    045489a0639eee27bca52f48828cd93d

    SHA1

    436e7966e7c019273c44faa4d8c5709b816dfda3

    SHA256

    0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

    SHA512

    c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    eb52a90bb70b76e946b62f50b6f7fb85

    SHA1

    42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

    SHA256

    48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

    SHA512

    b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    c43c3d04d642980a523fd6d84a4b03f8

    SHA1

    b64a22535c06cb779ddf1e228c4071ffb63eccce

    SHA256

    ca5cb12689afa7909f88398d38721f30710a968f4a0a51dac8d10e75211709fc

    SHA512

    ab41ab5617be899aa4720e3d67896b385338447c0c6d24c040f62240fabdda457008441aad1110ec387a17f68465ac7ea213743b295776ad7e8b79ff68cc7027

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    4d42877b98433730ac10a72ff856d882

    SHA1

    681f78cd6d704de587779b0daa5eacca2099fbd3

    SHA256

    9b5bf9ed76c9dce404bcbca6326617e053915a4b253fee8d7285758fa63e2f99

    SHA512

    8b4a7eb32ffdbc8cff29ed44127abc251aa92caed61adb7db6d320e7ba0924fae3784cb8de92cb058313ab0ed30b6d5b23d90333832afe6fdae0d8e7112ce06b

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    b7dfcd4eb8bc94203feb4549f6484c19

    SHA1

    0dd7eb8549bb3b95f00284c2c9fc7ad1c85dc5ab

    SHA256

    843966014ba98428a2dfb7ec1b947331547a2d1f0f6a31f56ce625981d1f7c90

    SHA512

    4cb9cc3f4cdbb2663369a38e8a476d0cd1b165a6fefd4ae104779568af73005961111731371a6d87aa5f87c3b4ab3633df135e9693fe756936a09acfb99a03fc

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    7b2733f47a4818a55ba3fa393bc089ce

    SHA1

    3d35c2cd9632aba20a659a0b78d8d92335d57cb7

    SHA256

    5c659e2932c2e9f4cf9a8c58e22aaa065c1fdcd6d0ec1511e3869e3794abec9b

    SHA512

    480f3b3f6de76b7c8012d230ad890cb202b20b46cdc75d6cbfdcc062988cf95ef2b557f9fad08e518bd07b801f0a5715e98d6d581bda4509adac32335cc05ee2

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

    MD5

    f871ff700510a56a54fdd56bc41b7541

    SHA1

    481548c8bc3254a00f497140278597b915460c48

    SHA256

    ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

    SHA512

    12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    512B

    MD5

    cf752c39c123553b8195fa24106cc31b

    SHA1

    671b05e5ef827512b3a1ffdf19bacf21d2a68e40

    SHA256

    b80cbcaea98b5f84d552bb975c12b38d758da25b95f958016eb9eaca95258e41

    SHA512

    bc11d5efc9068e6b24c341d64f9511a7a0a408540da92adae0c099ca3e5996e9bde4323b267d32bfe156f3829cc22e80f51d8fb117bdc8db8529e155160737da

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    ba591ed5c6b4c5d989e76d57da626167

    SHA1

    e1491ee38475ff52024432267f18a2b88ff8b085

    SHA256

    21b71fe6c532e02f6c9d5a25afcf699661328b5d55afd41381534a6da31b4acf

    SHA512

    d65cef41ab6d81500bdda32197c89a0863d1c21b67fb9ccef28c57ed25f280c18a5e95e9749cff9f3e3181aae8b73b6a370e2fcffe46599bc3896c1ba217e5f4

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

    MD5

    8a7ee5041f79a683b6f2d3cfb15bc08e

    SHA1

    2bac3d930986b9a85d605dcbf56b568e58334d77

    SHA256

    375501c53934dfea05a8e925d7412ae9ab79506bdfe39131424a02a971465dbd

    SHA512

    e0da671b5c368168505edc34ae52b495a9bcf1ae26fee0015cd8b2d0cce8c4b7e57c7515190cccbe4ac0e06e904ac1aefc522bb3aa0e8457f918cbeec24ad3cc

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    2672d8dfe2a10699e47fd62e0bac5cae

    SHA1

    008a51c653f98cc97f1037515ed152be232a24cd

    SHA256

    8c837178e501dc4feb9114b6775522847efafe2d19f19865afbfb45b4f3a7fa5

    SHA512

    40e075c17e61dd0ab4b457b82730a24319a943e6f11b433411328764d587ab401086cc4587c4bd92ce305007382e828b9e55e81c0346436f9086a4f2bec04896

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    dbf27421ab899148187997b1377c0c1d

    SHA1

    60c581e27dc9984436fcb063601fc57d60b68e7b

    SHA256

    a727440a89d2ae80d8fbb4299604895ab8f95b9bdaf2afba62d8eed46ac2ebb0

    SHA512

    5168cfa3994d12258a5151105ce55d36e383c2c30154c74c7ac93140593499acda10b6837dedb2cc2a56091ebb9dc04c80f40662bfc4df74e85f602accd7bf94

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

    MD5

    fd771bcad0ae415c649de81d9657f839

    SHA1

    9d88472b9ced550259b0405244567107a0476b48

    SHA256

    2137f8ba77e1ebc148fd75911e53eda39bc881da4786d8de98ff33270ff404d7

    SHA512

    bcfbf363ef43254dce6addd7b66e4e0a5013cda5a953de84a6a3b305901c52e8de04bcaf523e8c81ac1cfadc1a8b18adb1b13bb53ad4e69cb7c3ffbfd2368e77

  • /data/data/com.systemservice/files/PersistedInstallation2303488180233772123tmp

    Filesize

    553B

    MD5

    a56958c7faa19771429d043395e70bb7

    SHA1

    d33e9c1797f4dd98bf8278f296dd212a3a0a0279

    SHA256

    aa5b7a4d4badeb56e2c1fa2f9b26e6262f1a655c3df9ddc00e79a0295e3e56ef

    SHA512

    99a435efd677be9ae72a8da77ec37e6116b5313c9571045bd42de0cef482d846fc50b24aaa9b17ace35f00d897cd00d5a92e89ae68b465313d5cf49b5f73dd08

  • /data/data/com.systemservice/files/PersistedInstallation6098609741645957553tmp

    Filesize

    90B

    MD5

    dccd4629df976be6ca2a079f4c312eb5

    SHA1

    ba8a65b003dbebca27fbd4c55cd107a0c4f8fb08

    SHA256

    9120bd9a15045111cfb3e023d2e8a986b5f03644d9379e552ed04f3a0593af40

    SHA512

    e7819f3781bc03915fe7debd87ca22062569e7b96d186edbc4bb34f76a03ddf6e940a8456c4c25c1dfacc0a65c51882133c43b33eae27a06bf37ec94fc89b6ec

  • /data/data/com.systemservice/log/log4j.txt

    Filesize

    6KB

    MD5

    473c50c0641bc9e5d5b1148d7ad2c7bd

    SHA1

    0d1a141f09bf9b3519b1b6dfa19eca9dab178fd8

    SHA256

    c12bf3964d807afde6c37d72bfb9576d85576233cb23f060f79cd258511c0e01

    SHA512

    a50b8674a897f88763f8c4aa816c110b177f0bc45d9102bf886dc63a41566451620c1bdce3956db0c92adf1f4da4269fffe3f3ac4016d7fbe4284e42ab4ed87a
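The list above repeats several paths because the sandbox records each file every time its content changes (the SQLite journals and google_app_measurement_local.db appear with different hashes at different moments), so the raw list overstates how many distinct artifacts there are. The script below is an added example, not part of the report and not tria.ge's own tooling: it parses this report's dropped-file layout, drops entries whose hash fields did not survive extraction, deduplicates by SHA256, and separates files that Google/Firebase SDKs write under every app that bundles them from files the app itself wrote. The attribution of com.google.android.datatransport.events, google_app_measurement_local.db and PersistedInstallation*tmp to those SDKs is my assumption from their well-known file names; the report does not attribute them. The sample text is three entries copied from the list above.

```python
import re
from collections import OrderedDict

HASH_LABELS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Path fragments written by Google/Firebase SDKs under any app that bundles them.
# Assumption based on the SDKs' well-known file names; not attributed by the report.
SDK_TELEMETRY = (
    "/databases/com.google.android.datatransport.events",
    "/databases/google_app_measurement_local.db",
    "/files/PersistedInstallation",
)


def parse_dropped_files(text):
    """Parse the report's flattened 'path / label / value' block into a list of dicts."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("• ").strip()}
            records.append(current)
            pending = None
        elif line in HASH_LABELS and current is not None:
            pending = line            # next non-blank line is this label's value
        elif pending is not None and current is not None:
            current[pending] = line
            pending = None
    return records


def validate(record):
    """Return the list of hash fields that are missing or not hex of the expected length."""
    problems = []
    for label, n in HEX_LEN.items():
        value = record.get(label, "")
        if not re.fullmatch(r"[0-9a-f]{%d}" % n, value):
            problems.append(f"{label} malformed: {value!r}")
    return problems


def triage(text):
    """Deduplicate by SHA256 and split SDK telemetry from app-written files."""
    records = parse_dropped_files(text)
    by_sha256 = OrderedDict()
    for r in records:
        if validate(r):
            continue                  # unusable as an IOC; do not carry it forward
        by_sha256.setdefault(r["SHA256"], r)
    interesting = sorted({r["path"] for r in by_sha256.values()
                          if not any(frag in r["path"] for frag in SDK_TELEMETRY)})
    return {
        "records": records,
        "unique_sha256": list(by_sha256),
        "interesting_paths": interesting,
    }


# Three entries copied from the report's list (page values, not constructed hashes).
SAMPLE_REPORT = """\
  • /data/data/com.systemservice/databases/com.google.android.datatransport.events
    Filesize
    56KB
    MD5
    3c2496895449f4889d36366b369bc5d0
    SHA1
    37343955b14ced14e275100c644e282b64e71585
    SHA256
    8d8a26185d127c2f4c167637df7e43cde3689330a2599edec9c305c8f4d73584
    SHA512
    c1d73c6f55fbd58d8ccb333a15c3d1317595a8d5fd608182c8d2d970cb1e67c2babb6d2cd9dba92c18ba2c886f430bb11b5bee58210a3d23478c9df172335c6f
  • /data/data/com.systemservice/databases/core.db
    Filesize
    36KB
    MD5
    045489a0639eee27bca52f48828cd93d
    SHA1
    436e7966e7c019273c44faa4d8c5709b816dfda3
    SHA256
    0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e
    SHA512
    c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e
  • /data/data/com.systemservice/log/log4j.txt
    Filesize
    6KB
    MD5
    473c50c0641bc9e5d5b1148d7ad2c7bd
    SHA1
    0d1a141f09bf9b3519b1b6dfa19eca9dab178fd8
    SHA256
    c12bf3964d807afde6c37d72bfb9576d85576233cb23f060f79cd258511c0e01
    SHA512
    a50b8674a897f88763f8c4aa816c110b177f0bc45d9102bf886dc63a41566451620c1bdce3956db0c92adf1f4da4269fffe3f3ac4016d7fbe4284e42ab4ed87a
"""

if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    print("unique artifacts:", len(result["unique_sha256"]))
    print("look here first:", *result["interesting_paths"], sep="\n  ")
```

Run over the full list, the SDK filter leaves core.db and log/log4j.txt as the only app-written files, which is where I would start when pulling the sandbox's copies for inspection. Keep the SDK files' hashes out of any blocklist: they are shared with every legitimate app using those SDKs and would only generate noise.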