34e56b190de7eb129d5f1425af6061c26c98cc71eca3ab0372f3a550a690ff50

Analysis

max time kernel
47s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
02-10-2024 10:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1DM_-v17.2.apk
Size

21.8MB
MD5

1dfe2dae098420941a4a7e87a7f221ae
SHA1

6e806eb5da4a471b007ff2cd9b0dc3fbfddc719e
SHA256

34e56b190de7eb129d5f1425af6061c26c98cc71eca3ab0372f3a550a690ff50
SHA512

512376cab4837c9013860fb569690edb230bcd0e423298e8a73b59b3eb3dacb357c86c92f31529765e2758f20f49105e36804c5b8c1aac620d59df7e00877f41
SSDEEP

393216:FBC5Mv56oLpPN2PAczR1hgt0chyRNaPBqYAoPMJq/h8tVV5RNNVDjbTsg8wmFS4G:KSlP2xhaMRN8jAoPkqIVX3bTx7mFS4i3

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	idm.internet.download.manager.plus:DownloadService

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	idm.internet.download.manager.plus

idm.internet.download.manager.plus
1⤵
- Queries information about active data network
PID:4368

idm.internet.download.manager.plus:DownloadService
1⤵
- Makes use of the framework's foreground persistence service
PID:4587

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/idm.internet.download.manager.plus/databases/download.db

Filesize
176KB

MD5
bb07131e21d75496a8ce2d3fdae3ab2d

SHA1
fa8a6f116b24cd8e0ac1bd0f9b6a67ce146ed749

SHA256
fc0fa2aaad51ccb0969683b8c6f1ba37896b0f30313c3c4579aa7ad2a42106b7

SHA512
292e1fa3f24fcced8d0fb4bea71ff0ee446336d542d31c6b01d771b8ae8b0299f19c0c78cd4c073efd24bdc40f79676491583b0d79601458bfa1ed290e152d6d

Download Submit
/data/data/idm.internet.download.manager.plus/databases/download.db-journal

Filesize
512B

MD5
aa148b387d66c7d719435ec1bd8d1111

SHA1
573251bd1773de2c10f4286f730f7260b4c5e0e3

SHA256
118ea9c112977b245ca96bf804b717e431e72cd9eca420865211a83753309cc9

SHA512
5fcb82ea1658f921a2924014fbfa47d4d6b7442304f343cc44e9926a13c791af9cbd678ffc815f66d09f2abbe9905c964876e7c407128c399197d83615570257

Download Submit
/data/data/idm.internet.download.manager.plus/databases/download.db-journal

Filesize
8KB

MD5
82c748ee339dfb48575f6412d004b87e

SHA1
25073d34457dd71c4a28adaa687a15099d2a1457

SHA256
15a67d0d212e1037f854c66071d7cc6f543fdd5bfbe82e7ea075bb866ca319bd

SHA512
502d535689606adba16b0c8bddc51711bb565315e6ab542bc8210e51756b00474f4ffb77ff1aa90b4a08f8b172275ed6de819991500dbc6aa623fcdd85f860f7

Download Submit
/data/data/idm.internet.download.manager.plus/databases/download.db-journal

Filesize
8KB

MD5
3e495e42458b09bd55727843e4c60b79

SHA1
715e37382addb0482e1c927ce2dbbea8d49fcbbd

SHA256
dba0e66e7faf988c976b769029664cc74d2243ea1f03e141e95a52701960ef01

SHA512
c19cbaf7899fca59433cc017069249bab79de445d091369c9c3467a47904f4b4ad36c56957005ca72d7f270e22fb632286d3471f68efea23304f1353035a3493

Download Submit
/data/data/idm.internet.download.manager.plus/databases/historyManager

Filesize
16KB

MD5
ef17bf518fddfde8f89431408566bb58

SHA1
ba41d6967cd41421b8a04f1779e7bf537ea71551

SHA256
c1ee959b688ba47f25512ec86a6f24bc5ae37952568b743cf6f6e386a2d90189

SHA512
d84852109ea738c1779d4225d8b0c553114a062c3f775f7fa8a878bb4bdc47016cec851be020da5e1ca6a77ff7784947240d41f735e456bf99865fb543850b0a

Download Submit
/data/data/idm.internet.download.manager.plus/databases/historyManager-journal

Filesize
512B

MD5
211d8dd9890f52b50cceb1dc3adf7ba3

SHA1
5fe7c6d1d2ccd8d0a5fc4a1a95aaa44ddac79b9a

SHA256
ded233650606d92fd0f3457907e7d57fa6cea060a43a6eeb989ec64e15707778

SHA512
077b7ba732f5c1085cb7e088850630ba113931ef632073c508485e4f5c7d73d7229904674181ca75937fa46e94f91f06b65f7e1bedef385a64cb8c894d15272c

Download Submit
/data/data/idm.internet.download.manager.plus/databases/historyManager-journal

Filesize
8KB

MD5
b3b2108df14b64009212e0de5f2b662a

SHA1
314a06d705809d899361c8a7c0df2b95bc635b25

SHA256
0f3d886f024c6d5ebcd713b14916edc685793ce0a056a92e0b8c44cc24b1f50b

SHA512
6e4c9128178424db2dcff50b0473d5934e95cfb7a51f58b6d8933b97a77e4837ac8b27f02e7355b7a1faad8354201adcc02a30ff7b485a197bdcbbd77e4c12a6

Download Submit
/data/data/idm.internet.download.manager.plus/databases/historyManager-journal

Filesize
8KB

MD5
a69f779ed46869ce547c202c30d87050

SHA1
5949fefb3a09eda4e741e2f65e2d713e457ac8c0

SHA256
1842d6298e831f0364ad60821e1694f1a58bbf6b7617760ea4b13cf2bcacddef

SHA512
74d702e5f2c2d7bb9a8eb69fb942af8cd1c0962b3affcc7aa0fca960a1f4dfccfce8b9d71eb30d7b4f7256bb151e9b7006fb473da8a1a00526046371449cb587

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db

Filesize
28KB

MD5
8982a4f7a211dcb303ffacb261ac6769

SHA1
8983702a585daeca821bd33ff59e89b5d1e425ae

SHA256
aa272cb36ba2c7028107b1d4db003129d78cdc45c29bf8cf3667b2a9445aa350

SHA512
97b7d2087cfb2d243e9e824a24b2f0b4e490edb4eb9c08da8d360b0311a8fec62ad964a1789fb0ae2632175de6b1b07de256ea712cffcd855844364d18cca90e

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
12KB

MD5
00cf22a0deabf284745bb6028e983503

SHA1
ac4490cde576a3c6468e184917d39b0920541875

SHA256
9ff2b2b7a72fed7294806ddf5ec3a24839a1381b3ac32084127268224907acb2

SHA512
df0596983b1b13f8a17c1a76c589b58c3fa726398035c7d14f6b07cc9fc19acd23fec10663636bd355c86ed4d26dd1057b4cdbaf1d8d6c505e718269f7bbfbea

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
12KB

MD5
2c1f9eeddf6bb01450f079d15d90ac1b

SHA1
adfb510a6d42e0ea2fd0f5c80d994e30dd987ece

SHA256
0d89a9e4eb05a01c59dba60dc882dc441151753a6f498ea186a569ea9d4b409b

SHA512
dc720c76b3039523b562e4a19b1fdc96a4d76ac55382852f92b69706296fe8d8f56cd40460f5db0f820e62c9efd1d45c2fd0d737f320a118cc7357be7505238e

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
512B

MD5
4dd7bdc7bb3f5bd7dfb1ebbb05454e59

SHA1
c6be2cbb5becd3172daff2885c19be1320e9ee54

SHA256
aee75a0577fadbb2304ae20bbb366ea2f39d0f10d63bf040b9cb482175b93a7e

SHA512
ecc9be70b6744f9f1784757451f55f835a34b59bc69704466a8fbe9464cd06c132199b85054e51f200b2d02c3a43fcb3e89ea0ee0d102407a4e194b58b86880e

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
8KB

MD5
85217fc63a22d1c99dda5b05b4c450fa

SHA1
30a945f0bc8e002dc6e20aec262eca8fffeeff10

SHA256
1e9addc1820804da443d629f11fc60da49a6f7ef3fffd8e49a8f9780a7cd6e51

SHA512
708021ba01575c57406aa0c43204c5959811f9de65fd78567945d5db374325b9a2b8da3f815062d531c427e2c486259fe027484ba51f0b16e03c22885506a4ab

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
8KB

MD5
5eb623a821821fbdd2e0e71671035ebb

SHA1
ceb517b5b4e6566e5436c95b0178dcba5499501b

SHA256
69258d1321c1d746743776abe72ad46e875aa3441d161fa11c10f9b25de7e91f

SHA512
c64ac87f3716b47f556d3dc9429b7e3cd5f573b202bd634a9a817bca1e6b3617299661989670a6c2e2d3c6e4f6bbfef5eae298ff9dd7073b659a9999bc3b1a6b

Download Submit
/data/data/idm.internet.download.manager.plus/databases/tray.db-journal

Filesize
12KB

MD5
bd8537e30841e2d01336bd806a67b097

SHA1
d13791a60fd1e5ebfea58b19bea41a2fd7b85679

SHA256
357e29cf2e953bc391ab5b318e0388d43d73435ac3d49a0bc58254e978f69367

SHA512
ecf398b19c00583fc8a961d62c6808650d75aab255a7db9a5bd3fe4b3a5663199f4a202b34888fb66668231f45652b37522a02022aa0c8d5a103661acbea75c6

Download Submit
/data/data/idm.internet.download.manager.plus/files/profileInstalled

Filesize
24B

MD5
e47bc31743d80b1dd6183b0cb76a4694

SHA1
bda2cb3a2ba79397948fcddaf0ef4e92041558fc

SHA256
753c254220a3e7e8559e54b0866715531bc8c12cf9323da4c136eb2bea83675f

SHA512
fa31706e0e7ca7097992bb700a072682a722ce145e93f2b39bc46369e37f7194e288c0f17f6ecf981adab113618ed4ac9c038fb8707d4f5ac65c1226642c5160

Download Submit
/data/data/idm.internet.download.manager.plus/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
0ea3fbc0d73fe8bd801e07ebeb0332ac

SHA1
e99e26a211d79fb962c56701c90d34b64b71d4ed

SHA256
809b7f87f08a48c5d397e48232020b18e89499fd4d2e7efca6c44146476f4f14

SHA512
daa6b5e3f546c8928715d30a7a8f26f25e64b5e89567c135d55c1601e9a05648fa26cd561e35f67cd53617abaa59b47fef3b98b52f7d17abe0d923d159b0f879

Download Submit
/data/misc/profiles/cur/0/idm.internet.download.manager.plus/primary.prof

Filesize
3KB

MD5
60a91e7e021ef5ebb7eaa44d443a62c8

SHA1
29b5a77dd7eb732f45fa436149b19980c549ebb7

SHA256
be20733984767f36293b8420d1cd5e3e0deae2f04e9c57fed9d5726648377483

SHA512
5bd82cabe85d471c4f71c678a25680523dd223739d0133d38b59c84e60ea5c0ab1077d38b078860d80da32b377dd61cdca4886e2cf0137cb5da1ed70a69e6ea0

Download Submit
/data/misc/profiles/cur/0/idm.internet.download.manager.plus/primary.prof

Filesize
4KB

MD5
f6a139992b03a99fca7e7307a935f1fe

SHA1
5890dde10dbcaa96fc15bc2540d38ed228c823ca

SHA256
9f0b01ed54b67b0adfea0cf8950cd4483d817aea0cfa3bdb00e2279cf15b4ee1

SHA512
bbfacc42d28dbb40eb19659d7b1a453f7ef1bea0a82657b1b33817b6ab7ac88bd0a7c627cce5bb5deb26e995f1854790f35c67abed937d712fb7765118cac77e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads