Resubmissions

30-09-2024 12:11

240930-pc4dgayeqe 10

02-09-2024 01:09

240902-bhr1qsxckp 10

Analysis

  • max time kernel
    140s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    30-09-2024 12:11

General

  • Target

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c.apk

  • Size

    20.5MB

  • MD5

    f95cf2c20d492d6647885e8428d808cc

  • SHA1

    3ac3b2f7b6ef2adf78e3a35463d38c94bc0615fa

  • SHA256

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c

  • SHA512

    3d5033bfa909468d92aad54eb5a308ffea9684471cc15810974a43e5c39e81558173774599b79d1d37fd7478516f8ba922d76035694764adb0f0a053636917c5

  • SSDEEP

    393216:Hq0sJA35z7A79L+BCZ1mbgafiubcYZzb/T9i/zVN2I+TX5RUKpPbNiRSKcsIJ6:HqbJA35z7c5JPmbBffcSzti/zVN2IkpQ

Malware Config

Signatures

Processes

  • fka.ugsonrqogw
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4631

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    1.2MB

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    2.6MB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    172KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    24KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    173B

  • /storage/emulated/0/.am/log.txt

    Filesize

    152B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    64B

  • /storage/emulated/0/.am/log.txt

    Filesize

    72B

  • /storage/emulated/0/.am/log.txt

    Filesize

    187B

  • /storage/emulated/0/.am/log.txt

    Filesize

    131B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    26KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1727698352697.txt.zip

    Filesize

    219B

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    67B
