Analysis

  • max time kernel
    4s
  • max time network
    146s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    29-09-2024 02:41

General

  • Target

    2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk

  • Size

    3.6MB

  • MD5

    39fa2c58237de702fc3458251f358cab

  • SHA1

    16e4e5003046f5d07a0fb1eff0dad56d9ce53be3

  • SHA256

    2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

  • SHA512

    023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126

  • SSDEEP

    98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Score
7/10

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs

Processes

  • com.systemservice
    1⤵
    • Acquires the wake lock
    • Queries information about active data network
    PID:4974

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events

    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

    MD5

    76ba82127b9bed18afbf2fcf0ca0512f

    SHA1

    7324f1d6818d0b1f38717759d9ea1381aa15c930

    SHA256

    239b18adbb6101080eeed5f1d7b475d05b226f83ec22dc3dc7ea059e94f21dbf

    SHA512

    4992a0ace9513c27422026d43ca60f496d6cc7adf341815bb55e88ea9d5ffba23bb7b7fdb020ef00a13061dc7b4254da80f421af925d21cf244e0c7f7992a900

  • /data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

    MD5

    b9039021578361741a2e44897f3cd77c

    SHA1

    6b772fd76cda4d3e1d14a2ed7ab525c03b8b50b3

    SHA256

    499ba35ccdb191b0891b2e2e4a303bd3a2c867d31632a9f4b111b3af49be110e

    SHA512

    0480661b6df322ca828f105669078b024c0867aafe007ee30f9320ae0923acb4ff6e22d7b9e7c2149b28bd145fa24a102bb8b4d77a36e5ea0b80f70b95da46b0

  • /data/data/com.systemservice/databases/core.db

    Filesize

    36KB

    MD5

    045489a0639eee27bca52f48828cd93d

    SHA1

    436e7966e7c019273c44faa4d8c5709b816dfda3

    SHA256

    0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

    SHA512

    c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e