20dfb6c66a2859f3774a0649f15977d8348ebc5fff8f7b3305073fd9afb0f2af

Analysis

max time kernel
6s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
01/10/2024, 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

20dfb6c66a2859f3774a0649f15977d8348ebc5fff8f7b3305073fd9afb0f2af.apk
Size

2.2MB
MD5

e41ed01927e048e253f4b8edf53b728b
SHA1

9b8bcef150982712e7ab686bc57b89a1db12657f
SHA256

20dfb6c66a2859f3774a0649f15977d8348ebc5fff8f7b3305073fd9afb0f2af
SHA512

fe342706e4b8c5560b5986862ce01cf49e8df7b04a91ec09599eac0f6ce9f5d229f8c3c9f608191030d64acba1ff24497d2178e8e6803f62a2628945c86de00c
SSDEEP

24576:1ZYxRxT9XdS36yHCmIxTrQv8p5rF/w21mE1q7ic3MDUlU1:rIT1zyHEnQv8p5pB1S7ic3MoU1

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.monospace.battery

com.monospace.battery
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4274

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.monospace.battery/files/profileInstalled

Filesize
24B

MD5
d2e138c08c412255fea0c9fc04ea9afe

SHA1
b9d09a94936efc92af0b79ee85790c54842c9a68

SHA256
32e683b5ce00917a63dcbecaa533db088c9af48692f168a61fc7d85f749eb1d7

SHA512
661ddc6d6626f9371bfad4975e9ba1f459a5bc6fe36f1e31299e4388fd5c702b3678f433d09c57fef5012524bf787358d3b1572f6c5481f1088844cc523cc23c

Download Submit
/data/data/com.monospace.battery/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b98c8cb0695186e902c5cfed112313d5

SHA1
cf702e909ee83d07f1800a74ab232488ca03c67b

SHA256
1d39e1f2de9512b5a101d8034c51c8714e8861ce8cce715cba351167cd181b88

SHA512
b523cdf79e29108eef3fcc236837edafeacb55999fdb9ed22ce50007ad9056a5f5ed6c7870885390883acb1968d1cb69d72412a64ea645aa77c6261df8cb85bc

Download Submit
/data/misc/profiles/cur/0/com.monospace.battery/primary.prof

Filesize
1KB

MD5
5f6452f8047d853ab7969dab5ab6834e

SHA1
6062bf796cd1600070e878f42a3defb0676c5d64

SHA256
672c792d63414148eccf8720c214e1a602ea67b8501d5ab48fce3da4738e5b00

SHA512
192bdf1bbafc0a42ca86f4926300cd320741488d41b676d498ed804017b34b6b111a001864eb7e48d4677772883db6eb7e1613f3adf5192797b93c896a490c3a

Download Submit