Resubmissions

30-09-2024 12:11

240930-pc4dgayeqe 10

02-09-2024 01:09

240902-bhr1qsxckp 10

Analysis

  • max time kernel
    74s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    30-09-2024 12:11

General

  • Target

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c.apk

  • Size

    20.5MB

  • MD5

    f95cf2c20d492d6647885e8428d808cc

  • SHA1

    3ac3b2f7b6ef2adf78e3a35463d38c94bc0615fa

  • SHA256

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c

  • SHA512

    3d5033bfa909468d92aad54eb5a308ffea9684471cc15810974a43e5c39e81558173774599b79d1d37fd7478516f8ba922d76035694764adb0f0a053636917c5

  • SSDEEP

    393216:Hq0sJA35z7A79L+BCZ1mbgafiubcYZzb/T9i/zVN2I+TX5RUKpPbNiRSKcsIJ6:HqbJA35z7c5JPmbBffcSzti/zVN2IkpQ

Malware Config

Signatures

Processes

  • fka.ugsonrqogw
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4923

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    124KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    160KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    512B


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    4KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    12KB


  • /data/data/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    20KB


  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    1.2MB


  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    2.6MB


  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB


  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB


  • /storage/emulated/0/.am/log.txt

    Filesize

    173B


  • /storage/emulated/0/.am/log.txt

    Filesize

    152B


  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB


  • /storage/emulated/0/.am/log.txt

    Filesize

    64B


  • /storage/emulated/0/.am/log.txt

    Filesize

    72B


  • /storage/emulated/0/.am/log.txt

    Filesize

    160B


  • /storage/emulated/0/.am/log.txt

    Filesize

    131B


  • /storage/emulated/0/.am/log_.txt

    Filesize

    27KB


  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB


  • /storage/emulated/0/.am/prog_class.name

    Filesize

    67B
