Analysis

  • max time kernel
    141s
  • max time network
    148s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android
    arch:arm
    arch:arm64
    arch:x64
    arch:x86
    image:android-x64-arm64-20240624-en
    locale:en-us
    os:android-11-x64
    system
  • submitted
    01-10-2024 02:33

General

  • Target

    am.apk

  • Size

    20.5MB

  • MD5

    adcdbe1e25a3e03ae1e454363012432e

  • SHA1

    83381d32b8a6ce9854e8e7213a6c90ac3e17f011

  • SHA256

    ec1106a9735034ef21a1126717ac337d825844a1b60ab8bcf32e0c835fde60df

  • SHA512

    597546c877c4ac04c910f123c3bfbe236a342e61ff7a94ddcf1639401da76b04df858da2bbf145c8d10cdfe299f2b946d7ebe75554afd6f749acc8f4d387f9d6

  • SSDEEP

    393216:3OsJA35z7A79L+r2d1mbgafiubcnZbb3T9i/zVN2I+TXadaKpPbNiRSKcsjJY:3RJA35z7c5zrmbBffcZb1i/zVN2IkKk4

Malware Config

Signatures

Processes

  • xuzjgkd.sstlojddh
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4518

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    2.6MB

    MD5

    c804156b95a21c4bf0b1e2c8a133894a

    SHA1

    dab8c525d3c86618f2f70a8de71979df529e959f

    SHA256

    395c690bb3c3ec85b3c36ae8498ebbb895b71e745acf9e7f120578a9033d9a68

    SHA512

    52110dadace88fb28be4d9289d797346d5b4e4dc753279769101be18e7d2fa90c2b315e9cff2f89e694c2e0a64f943002116e46c4807ead7d852adc2cf54e7e4

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    1.2MB

    MD5

    336921950a9f279733cd787f1203d73d

    SHA1

    cefc36a7c17909054cf2a507b34f545af96c0e36

    SHA256

    c6f157d3401cf969f57b4d102e14fc097676f11cd4911a68a3e08cafaf2aa94c

    SHA512

    6fa4f733298e00a8495648b623c04a5a7912a6a5af26089749e9ad26f30e20ba8295dfb901084bbf7e6976acb65ac78d7ce7a0037b1a4044ec5ddecd29801f87

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    124KB

    MD5

    f15335a640f24813c9b345c99da7e16d

    SHA1

    a0e7fdc85b3c1420bf342676be577f146f5dce49

    SHA256

    6baf6ee8c7c503ed9962ff49957fe3c0b707171d1913450d97c84856a6ae31b9

    SHA512

    5f51ec199de29b23e398d143c4f0faf58ba655a4f455ecafd5b6303c0ef428f3165f5db49daf4697f1dba3033da51113730ee5ad158a9ea9f8f6b9a10b044f19

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

    MD5

    6155bf477e1390f039c48e12dd061303

    SHA1

    427c95e49d866cb70bba1fae51b36d2a832a4ee8

    SHA256

    ef36dfb5dfd452a182ea394352dc5640879e66233a888f4b74cfed5c44ff72f5

    SHA512

    666437dcf8ece4acbb311a9e5c01de874f1914bd0611116f9104bba50c90fb91299f3eb64d681bb7331e7c79a8f40cd837957e3426d52ae0889d1c25f5deece2

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

    MD5

    e38a74f66cdfc487d5000508ecb0c6e4

    SHA1

    7f44104163ef6f250eb3fc4b1c235f5a5f100c33

    SHA256

    ad875f41b6667aabd9d2fa7ebb3ddc59ded78dec2c352e5d216f35554e169cef

    SHA512

    d1a369aa8e61a66981f04b35ebb787bb144ed78be811cf8bce1df524d1ac08454178a647a87edf29aa623338081469b64980612138c42c042edd9564e2d5ec80

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

    MD5

    0bb6ecd10aaa20a053749f880340d807

    SHA1

    1def09e3f1db07d937d60e2cf7154e981c38686c

    SHA256

    22306a2bef38a14f768927218f4cd162e4a44a7c2dfa9dabac2b33ef380a54a3

    SHA512

    751e1bb5c1b82a21845c1184f8b5c80a84222db331c87e6dfb5b33dfe01f79d735062b4c7b8bdbfc05dca6fa0093cf41238d9fb83668487e48b86b1a92148e6e

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

    MD5

    97e2c834844e630233d162e42aec4d9a

    SHA1

    4057343b04dbd8885a8b06a35cf023a0d84d88c2

    SHA256

    0c89f4c8777d80a3cd34f2127bc9344297d53cb18c26bee16875113de571005c

    SHA512

    3266a5e43fadae0881f2dbec5acf21190e34ddfc952781df02a4c5db6456802a29a8893a762d9d44906441b0fde2c3d4e129c806d7b79be31b599f564a1124f4

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    172KB

    MD5

    ec1a3dd7f73dc2cc6ed0b9579b1beac9

    SHA1

    27010e8e0bf076c95ea78174571844fb3ea5c9e2

    SHA256

    bcf96e629794fe1bf8cb9ca6be10f922cd85a780b47dffe13e98f3be274eed7e

    SHA512

    a1ff0a079e96a8404ec04ebd09807102e8a55c98552554018568a2924aafc1f2870725fb2d55a94b0fb0e8297c6747d7f74ed46b709538a9646b46b4eb320064

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    512B

    MD5

    cee7ffbfd67657510a03bf6a37963802

    SHA1

    3fb745dad66b6a5c1da1101da3056213b2f9bf43

    SHA256

    c9dba4e5c171ebd6523c3512602037d97fe6b61f5a7cf1616be915034fc229bc

    SHA512

    d2b3e1403c392a476ab6f77337b5207ab6af918dcbd7ab2c26562bbbc7bf25175e077d230da6175d269ddae7a2f8abd4c5dcb730a2b214ce6419e39065653e39

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

    MD5

    c40c7b6a853ac31ee3ac26e82bcaa69b

    SHA1

    53c55c38091912486c43f45b1fa362e84a25d9dd

    SHA256

    b4a26c7067452eb85905df76d5ed63befaa94c2b3e8799f17be8de9f03654703

    SHA512

    fd7576fa705bf127cfbdf7630f04f1d0fc65d02a0afe0e36072432560848d7f15c40ff3040d8157240cb33ba1a77523c3915e6db4f08e493bc1b7c90d3bcddb8

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    4KB

    MD5

    83d902081394888936057ebbd4b6a375

    SHA1

    89f252678d3bd28a58ea7988a11242e036d37358

    SHA256

    eb1a5fe324bea0d56b743c57fe14ec94feb7a38fd2e22eb64f317875fd9d7fae

    SHA512

    01d7817b2bc84515825324e3ad4a0ffe27ee770e29544cc414878a009e6b222584e341063da9c762fd71c27e2bf732d7ab387dc9d5be8cfb74c19b8de4fe9621

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

    MD5

    8b6e636f0a371587c6189f00bd202cfb

    SHA1

    b2076b8ae3865dd66be726dd80a36ec9df63b334

    SHA256

    0cfb2ba5bd59ca013ad8f999ac8646a4e626cd2b4fdb108d81e00c28a9e47d31

    SHA512

    3a1b37b1eacbc8f7e3f196f087ecb98ca90e5d444548b4876108d5c842d674a35177bc4958cce32da2f2cf197d84ccc0b556cd6f149d09b1ba8e9102a058fda6

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    12KB

    MD5

    24b0b282fe845bbb20e564060164e085

    SHA1

    b1858466c9628a1bd1da5f9f07d5be0a3fdd2b94

    SHA256

    2900d8d6f42855d3d6f08564ad0d6176166f95f3bd711fd1f525aa917cbea954

    SHA512

    b115f0ca9bdd45d0f0ca1c2760b2a190fb3e7210c26db1cf5c6d57cc2a7525ac2119edb99094b940984a2102e3244f617c68e4ced19a39781b6caa282118b89b

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    24KB

    MD5

    b125463f31fcce95ff8abf6872382e6a

    SHA1

    f0f95bba2cb5cec0bc88b7c4ea30375bbfeeaf3a

    SHA256

    37d930e8f3a0b80ed9d93fbf906ab1ab4aac9a6eb86a10fea78680a16051fd9b

    SHA512

    4b9ed0e610270a5aac8bfc7418fb94987da1a790ccca296685d2e667e6fb50b277cf7194871d7c379013c013ea5628a0dc182833bb46d4e5235351ae9436c889

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

    MD5

    ebec0623df12f3d7e493604884e808dd

    SHA1

    74fa9c2749e8af6bf4f00bc232089e4ba8876ba7

    SHA256

    546b24036b300cfb4b6f17e5df3a0b14015d2eb4d654faee2283526f337e1d2c

    SHA512

    d404aca340c2461c5611b0e4822d552ddae48771ab059e1b13edd3493031e9f0b0d95fa82b6584f6b75bfdc5bb54b76526cc4790cda994b6405a275a48ea8ea2

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

    MD5

    51112e0a7f7962a8e02bc885025414ef

    SHA1

    40622959af4fe349d8881c885b9b30441de8804c

    SHA256

    2b089f76930214706716aceba0bc6cefe6e132d14dd7d0a7c59eaa4f90f126f0

    SHA512

    f02971a0f493fb72539381c3d1503d8573e8bc67f147014f443df8c01e71bb28437f832c5702d25a8bef2c34c64fb1f46d0000523eed04ea7981186ada22e402

  • /storage/emulated/0/.am/log.txt

    Filesize

    173B

    MD5

    98780a17aa3679c8c24ed5557cc66a61

    SHA1

    0dadaa9c9b74079fe38811e6de5b9492b66d56e1

    SHA256

    b8c1c176317817b2a92e86e07b02ddae4ef43e5577f74c97f54a7c0463ed0558

    SHA512

    1dfed4d9b814baf291a3be6f13defe674b16fd25c1bd0d9277a40dbbb57b1569f5baa2bd1217f1c9adcf346c380f1407f20a727089dc1adcfe1e37eaaca1dbb7

  • /storage/emulated/0/.am/log.txt

    Filesize

    152B

    MD5

    27b6287e3650ef3337abf864dd4b52d5

    SHA1

    664da7efe19607e854a3f5f9e761468f9e3561db

    SHA256

    5fb8facb5b14b95ccdcfc837d72e9e6b54179c06096eff242d7d3b21135e6e00

    SHA512

    5f9016fc5b528b73710935dc76da9fa95088ec1c9653f0d8d7a196dc4b9ea396c13c645e18ff5cb8a954944c04538cadc37cd985305e44df1dbf0beb8deb09ff

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

    MD5

    53c916dd11167d7f001d9400665136c6

    SHA1

    be576b68e763c0daea703c1afe13fe6a7d2748ca

    SHA256

    17699429e0d2c5314b4c86537968e8a8355e4619f2b83aa0fdc508dd352da92f

    SHA512

    3a82c4e0fd041f0faae352926984f806162483b4c7c0a458f83bd8613fce8678e9f77052c6568199f2ba080878466b1afb80fdb1f845bfda7cbc92f5f7e1edde

  • /storage/emulated/0/.am/log.txt

    Filesize

    64B

    MD5

    eec05a1f2e683e8de3eb4af145b102a7

    SHA1

    1c3fdcf34cf93acc6506e94d3226d307f59ecfdc

    SHA256

    5fdab0a963aae87e9d147da5a02310554d5378c5a27a9b3f1baa31e2ef6ba82c

    SHA512

    46d125f14c67d2a0cd06379294b9d9d77a5c4d1ade7f25f22ba3d4a5f999959ae0187ab4e920f63eb91bb47a8538cab1ae0a1f96cc628f36f8d2d3d423f6de69

  • /storage/emulated/0/.am/log.txt

    Filesize

    72B

    MD5

    9f9c02776e58ff52284016217bd575ed

    SHA1

    36b38c42bd54e7478f19ee411ff359f2f2f8f1e3

    SHA256

    3892d297003dd362200ecb15bd0c20b70f2faf7da2284df3f5adcd052467b446

    SHA512

    6de438b723f8ed9d37500c4b4cff2ae880a063ce815a287781fcc9e4401e3d80a9e3da26f7fbad29b9e8c5d8502a1344b8174a931059906a53962f2725b06931

  • /storage/emulated/0/.am/log.txt

    Filesize

    193B

    MD5

    720a4efdcb5a081039e1ecef022e7c34

    SHA1

    e9643217e00ffc13656c23dbd43c4527713b61c2

    SHA256

    7a91d922992aa48ffe9130aaaf9b61711da71a6e410b3b40a4c74f5ee567e3e6

    SHA512

    88f793eda272fbac1f3e470f37784036b64b97d83a351fa2325de0ad0d575922a66789f5ddc75adeb31c745d90c712df047f4cdddea091b2be261c882b566972

  • /storage/emulated/0/.am/log.txt

    Filesize

    134B

    MD5

    ece2ead8d77af893e55549d88c659b34

    SHA1

    c7bda83afb74f45b0dc9ecf8e56f8c9df6ae2010

    SHA256

    b96e551be55fba8665ab1414ae670377c9e794c212a700ca1915c97078391e98

    SHA512

    abaf90e03a353bf1cf8af2aab094c76dd94292cc21f21a1c2b6ebdd78bc735b7668b6ea4bff6e353167668caa0b078388f06409772aaa1b0bbb999e34a0343f9

  • /storage/emulated/0/.am/log_.txt

    Filesize

    26KB

    MD5

    e1a74deb397dd65e1f56a223d3e12057

    SHA1

    093cb11b6081ce359c958b8435e5f8606f035876

    SHA256

    4ea9aef029a2ae3d7beb102d2ebd0a393c7bafd14b38257d8b0d1f7514b4a9e8

    SHA512

    bee80659bd2682ab2c175e491157b99916beeefae39fc4db9d493aed40a2a625d8131fbec99057dec918aad3792958472559b08cc1ffa560b7687989010e672b

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

    MD5

    bd9654c2126f4c576f4fc565ec7bd0f7

    SHA1

    459af69b3251359c87216df85073b00724cec525

    SHA256

    cb0554fd8f64f4194757fae8a7911a91aa11ea17e9a683518ded410dfa7bc30f

    SHA512

    827e15f55f4719732477942177613d1cd97875aad9efa618af1de1c6434b889d6cbad614559dc9668d1f8c3535906c6d583d9e78c1bdfc95d988ef40eb467cfb

  • /storage/emulated/0/.am/log_1727750007779.txt.zip

    Filesize

    219B

    MD5

    af8b7a55a80e7875e7d3c8f9fd64632e

    SHA1

    9955121d208490d29b4a9b3544c625a2210d6bcd

    SHA256

    2d0fb123ddd94ce5825c2df56859e18cb7ef6442c1621657dc4e521e17d5ad4f

    SHA512

    324e07be3c78b618b6f8d80920451edb107b7da0c73f68cb08973aef11d2b003921b637cf0970b63ab2474178e5cceaeb95f649995bcb1647d558893dcc7668d

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    73B

    MD5

    647e6c66ab347eab81c9d3ea0462cbb8

    SHA1

    18fc7323e638dd74eb14290c550b6af4d9957ab9

    SHA256

    4a5fbe96836d0122c584507966ecacafb22e8542a80922cc7198b59fc1287a54

    SHA512

    721e0b6fa92636dc0b310f16b4d9aa2f0c34c0544d5df4cda47a07fc2f2a1a7a5029bc175a2d24d751d0cb1664475f3642631c4a92a462b3cc8b7f4b65aac2dc