Overview

overview

8

Static

static

6

legion_anime_66.apk

android-9-x86

8

legion_anime_66.apk

android-13-x64

8

Analysis

  • max time kernel
    11s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    25-09-2024 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    legion_anime_66.apk

  • Size

    26.9MB

  • MD5

    f2f58be6ce3a0788f0df6d9072d0d750

  • SHA1

    6e796d654ea41bc6df55a693187cbd496d1a4d73

  • SHA256

    10781f708b988be37cc796901d19cddf1422fccbff49917d41d9a3d6226e67ce

  • SHA512

    93eb47d4f76f5f121c39e9c50cbcdf21829aeae2807a16af32331bcd4612a973e56f38cd59998e0b2d9bbced73de4d83556fb159d7c963bef9f61573d57aaf41

  • SSDEEP

    786432:JLZtr61ip3afTgiJviOgMXPSv5sd7095Pchtd:vN6SKfJKOg4PShGNtd

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • aplicaciones.paleta.legionanimefull
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4256

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db-journal
    Filesize

    512B

    MD5

    2f6fc6c68cab348d60625c31b2411513

    SHA1

    f4e47c7690db79ddae00af5fc797fd8dcd417e25

    SHA256

    6b75c0b26c9c44380b9457a41e58c4bc359a27edea255e3b4a80b1e0b696348d

    SHA512

    9eaea6949189a7b9bdcd6d4db81c5e479fd438cab8d1f00bd2359c7b4c02da1596fc0ce6f4ba144542d06463afac4e7c8e9c2f1efa16c09820b3733acf5eeba0

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db-wal
    Filesize

    64KB

    MD5

    8ebf861a2e2d810377e0e9d7ae835f91

    SHA1

    6f1ff29f3c1a2c7d7b5a58fe522d3d0b50836bbd

    SHA256

    8d43aa8a58ba2d4ade29a2e4b568da9f4ab1585e8955ebd03dcadad8d932067b

    SHA512

    8d96b921dc7840be639518cab2c0495891b40573158390e55e89ca645f767fbb57c0a00da87d3e15f75171237dfe3e4bbeaa32b48f3e092e120eeb64f555406e

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    5171959500655436f973cc5fb55c04cb

    SHA1

    3fa1115e128f7306fdd06d474996ede96d9f49e0

    SHA256

    3438ec019e7de99b60f6eaf390bb5261ed7d543a67b55ed39556837f86f8c91e

    SHA512

    763440fcf61b4bfa5e00e4e3ab3edff8e31998ae4fbc0251e0e7f320d088bbcdaab6895b66cce812be30eef6c607a4a16532ad2f9308c9ca3d491a9a81fb9209

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    605fb8b79b9da36ff6229d912e4ebe53

    SHA1

    ccb756bb98fc6e82aa6e5b3275f1e873cdc25562

    SHA256

    c533e417a9490ab46ff57a8a14cd83b5a9238d56c4e9ce55e10b7abf6f7cd643

    SHA512

    d5b6e56d7707f8af156d7bee71715a9547d6b3dc79cbd8a6dbdfa2ae6a3d9fb3e50404f6cbee654d0e5ce8aacbf3445acddd2fef56573ab5dc960ecabadef797

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation2754759999979491656tmp
    Filesize

    90B

    MD5

    e4b309854134e2e3710093189fe36c85

    SHA1

    77df51efa50b55d3d51ac773c854760399821e74

    SHA256

    9ba4ddddfcaaee47ac509f9cef941e6ffbdc5f047b835ffe324eb1cb9e4f6550

    SHA512

    682091ff6eaf15d734b99bcab4ea90715dcc1f74b132fe2a349685b22861bb3a2545c81f02b7f7fe8b2d2f4aa4c00eb3d611150708f7060343c34a8ad6cf9fc3

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation3454892223655002966tmp
    Filesize

    569B

    MD5

    b0537ffecc5310c1e5fa37e86def948c

    SHA1

    8ab56e902aa6f92abef2cdfd0fcba566f1768263

    SHA256

    ac2001d00233012c988082e144765b311ee478a8fa1cd9047e4501a2f5ca39c0

    SHA512

    7ed833c1022ccd3e681738442dc08ea9311d66aa4a29fafbea8d9200a37c14e67900be5aa7407a573cea34573b83d69ea855ca0b0c7286ac8d3daa0cf4fef0eb

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation6807961968786847473tmp
    Filesize

    90B

    MD5

    c19e1be3a885561377a387101cd76b9f

    SHA1

    798a3a5d5f159387c103dc793f1fb4309304ffe6

    SHA256

    010a53362c93335790bed611e46956a04274b0c6de53575f0223e26ce38a7b12

    SHA512

    7433782cf9341080246c719c071077c787041b8403f37cd941f2abb5f880f6028bb1a4d0113d0eebdc0a08a04c72edf342d1c1abdfbdfd78dd4ab3681ea2786f

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation8121352087272390593tmp
    Filesize

    569B

    MD5

    31683ebb0836d536eedd32018b76d1b2

    SHA1

    835827223f966aa5bbf63d3c85bbe78fc51c0518

    SHA256

    013728b6d18b8f01bdf8c9f775784790b370c70a43403fabb6a9f73309b78878

    SHA512

    b777d655b2ccde2b9483fa859c4dafc421d1e8b60b24056154245ef309c831f0b113026796c341ef4af3d8a5fb9072205d6b8a2022c059aafc1dce177c148e36

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/audience_network.dex
    Filesize

    1.6MB

    MD5

    989768b21c4fce32c599ea373ee202f9

    SHA1

    1d2f815e783ca87982dd10a9331c54524017b653

    SHA256

    bfb3181b522c02f4eaa901d0e3d5d86f739a38b4642ac9258d1037eeecec1b23

    SHA512

    1d49e052ee3456b7e7ef9efd788861c7e4fce669b433cb3ab13c0499aebed548eebf248871992c606f0626a5061a0da3735fac1384d881ad40ab8d126f7f5a25

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/legion.realm
    Filesize

    24B

    MD5

    a6574431b943e0bf47642c666f3fbbe7

    SHA1

    79191cabd86accd903f27c523c95ef19933c64d1

    SHA256

    60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

    SHA512

    c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    5cd4b2161ac43661202ffd7a862c12aa

    SHA1

    f91e64eb3e908f7494c94163aeccf8e44c7fe942

    SHA256

    7ee26cb12262313f89065b0ba3d787330807f9b5f5ce27b166d286dd4bdb3475

    SHA512

    683d55602b05cb1978a7807f76c89b0bbd79c10aa8481e6d74fe4f1205c8ab4a057a41e7837d0cb6ed915f8fec5b31ea2b4dd9b3e4a224cc37e86e20eff2b6f0

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    482f635f29af9c05d0947b4bdd20b0e4

    SHA1

    e3bf423dda730a3acf75f708357bff7a020fc3b3

    SHA256

    8529449277434ccfc22dac19b6e06b952c153bf0fed6066dff1723421724f75d

    SHA512

    ef89826bd706ce3b781998e6cb9fcf8f0fbb97b0faac3c1c1afe8a80c84e818aa94168f2e72b1428ffde69dc12f0e6ad608593a273533978041ed5cab4c9ecde

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    177KB

    MD5

    c9d3d1a8609698c83b9e41768a97a543

    SHA1

    39f0d561d2cabe0adf893e6f128468a88cdc1314

    SHA256

    adc1b53cecd88f2f1a4e07db01b99788a9956ce50ff05cf0c46cbf59a0dc64e1

    SHA512

    70d960fa682436a605afb81b16d081fdf159def91372419952f84b98c84a16611d2828dd19ea647e9f1e9da39f2061ef813a40c1013f7000cda60d4d910b34fd

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    1b99982562972912467f692e9da6bd4c

    SHA1

    30852f7dc4525648d579241f1b11182d8a4fce06

    SHA256

    e44048d46d698d95b4e1bffaa3fcff54516289fcfd61a1d4075f512950db4680

    SHA512

    6dc42d2ace0ee86066f7918de62727a563ca734a43b54dd235cf1e8d98775489d15a1a67f1160e87e9a4a964ec098b2569e2189a641ae32f0aba901ce042483a

    Download Submit