Analysis

  • max time kernel
    17s
  • max time network
    157s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    25-09-2024 02:28

General

  • Target

    2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk

  • Size

    3.6MB

  • MD5

    39fa2c58237de702fc3458251f358cab

  • SHA1

    16e4e5003046f5d07a0fb1eff0dad56d9ce53be3

  • SHA256

    2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

  • SHA512

    023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126

  • SSDEEP

    98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.systemservice
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4930

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/core.db

    Filesize

    36KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.systemservice/files/PersistedInstallation1571092158864774722tmp

    Filesize

    556B

  • /data/data/com.systemservice/files/PersistedInstallation3614916393476094826tmp

    Filesize

    90B

  • /data/data/com.systemservice/log/log4j.txt

    Filesize

    6KB
