Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    28-09-2024 18:31

General

  • Target

    NIVYLC.apk

  • Size

    2.0MB

  • MD5

    efb8b49c23f6554d9fd3def1c25c9618

  • SHA1

    38fa5bb17a6e3ec8c50ab5d436836d940b1b6705

  • SHA256

    659cf2b4d32c29779af3e36b1fdc335acf9290e5b427250aabbec3119f762e18

  • SHA512

    dd1eabe0936b73c603787481d64842281e9cc1d82ba6e9aeb3ddff04b35e1d0d0cbf60bda525b8f2c7390bbc34a3ed3b9b8478e8b68e12bc2e8dd645552bac0e

  • SSDEEP

    49152:Wb/iutLmCd1162ZXNJ/K4ln8aFbE25Tply:0/iut11fXXK4lRFbE2y

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Queries information about active data network 1 TTPs 1 IoCs

Processes

  • com.example.dat.a8andoserverx
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    PID:4920

Network

MITRE ATT&CK Mobile v15
