Resubmissions

30-09-2024 12:11

240930-pc4dgayeqe 10

02-09-2024 01:09

240902-bhr1qsxckp 10

Analysis

  • max time kernel
    144s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    30-09-2024 12:11

General

  • Target

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c.apk

  • Size

    20.5MB

  • MD5

    f95cf2c20d492d6647885e8428d808cc

  • SHA1

    3ac3b2f7b6ef2adf78e3a35463d38c94bc0615fa

  • SHA256

    7b9ce40a5db59d489387d2f0cf3ef0a058b5a7cccb1dfeca54e4d1f30e46dd1c

  • SHA512

    3d5033bfa909468d92aad54eb5a308ffea9684471cc15810974a43e5c39e81558173774599b79d1d37fd7478516f8ba922d76035694764adb0f0a053636917c5

  • SSDEEP

    393216:Hq0sJA35z7A79L+BCZ1mbgafiubcYZzb/T9i/zVN2I+TX5RUKpPbNiRSKcsIJ6:HqbJA35z7c5JPmbBffcSzti/zVN2IkpQ

Malware Config

Signatures

Processes

  • fka.ugsonrqogw
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Makes use of the framework's foreground persistence service
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4372

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    1.2MB

  • /data/user/0/fka.ugsonrqogw/[email protected]

    Filesize

    2.6MB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/fka.ugsonrqogw/databases/SettingsDB-journal

    Filesize

    20KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    173B

  • /storage/emulated/0/.am/log.txt

    Filesize

    152B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    64B

  • /storage/emulated/0/.am/log.txt

    Filesize

    72B

  • /storage/emulated/0/.am/log.txt

    Filesize

    187B

  • /storage/emulated/0/.am/log.txt

    Filesize

    131B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    22KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1727699160778.txt.zip

    Filesize

    220B
