54c659dbd42344256bdc393e7c9124d9a20ad0b883af35313607e48ca600c712

Analysis

max time kernel
149s
max time network
153s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
04-10-2024 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54c659dbd42344256bdc393e7c9124d9a20ad0b883af35313607e48ca600c712.apk
Size

4.0MB
MD5

adc98ebee2e24793c911ebd12086b984
SHA1

df27bd4ed20082ef365e0ac68f358a7f6f494261
SHA256

54c659dbd42344256bdc393e7c9124d9a20ad0b883af35313607e48ca600c712
SHA512

6bb77d00147a152529a1b19c9c3fd083dc79b61109966a096f08072fddd041f0ac64492e30618f080b07137138f7f3f3c5613f14210ca12a27bd3c91fcf959e3
SSDEEP

98304:2CmIosMaN1gbgShUxedQQNPk5jSoKKOlpgvZx4MgA17NGjr5nQFd+I:2hsMq1g8ShBxya3ghKA17NEM+I

Score

6^/10

discovery evasion

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mezzl.jniqe.jp

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mezzl.jniqe.jp

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	mezzl.jniqe.jp

mezzl.jniqe.jp
1⤵
- Acquires the wake lock
- Queries information about active data network
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4219

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mezzl.jniqe.jp/cache/image_manager_disk_cache/88bfcb6bce24319bc05d6aa5fe4b75a5e42802c10bdd3167fc1c87916054b13a.0.tmp

Filesize
166KB

MD5
f75aaa920b08fa0e17bc524bcddc3747

SHA1
08b960b03fc9c3373940da5ed8ba8955f367c8de

SHA256
00af88628626e15db3ddf56bfba14e390b40b299d714998594d26e0714fef657

SHA512
c1811b5eaddd24f114b9b37644006f4751adcfa7b859912fb013fdf44d4866f726d3375fd931781b5070bfb3d92c3dcb053f43b6216648dcfaa71592f273a371

Download Submit
/data/data/mezzl.jniqe.jp/cache/image_manager_disk_cache/journal

Filesize
180B

MD5
16a32559ff60385966e73769320fc47a

SHA1
99dc629f36569817bcef80abdea8d21ff876d14b

SHA256
4e2f0a2e3b5baa917d879a17acc900ae1b17d325f2dbab11312daac6ba588e96

SHA512
1b7394581056f3270c09d8e852114608f03d3b135d675b136e686a822fa1c523f3e010c3cfc4348e5c4a68447c65c16e37c44157d2e8572054d56a39f21b64aa

Download Submit
/data/data/mezzl.jniqe.jp/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/mezzl.jniqe.jp/files/PersistedInstallation16304633301853737tmp

Filesize
570B

MD5
ea576e3adf621fd12902e471ec3c7a34

SHA1
036984a13b4221475acf062f6412372876d3aab1

SHA256
9bc8d2705f1eec4053e4b09c10dc35f82ae73b78b4e9cd18d36ed6b5e62a0e9a

SHA512
72e16758fb3c17b0788277cfdff869f4195ead79ea40a49a4df17b45d2a02bb43ea86d17ad322460a26de6c617835229000aa8a41935440fb0316f251e88f7b9

Download Submit
/data/data/mezzl.jniqe.jp/files/PersistedInstallation8136895427322165488tmp

Filesize
90B

MD5
61c9e31cd5a575ea60b8b2deedbf4f1b

SHA1
3d54c6dd88cecbaaebcb121573db40fe8482b614

SHA256
eed5638b7d1794e927c769dd7772c13ef3ffb58f57100b8d948d076db28a1650

SHA512
de3c9e9ae92b476870531d3d261dfb82485878e325f036b36d5743ff29f970b61705415828c0272c8b0b5d7fb2dde74b6088c41700264a97ea6fdd320948a671

Download Submit
/data/data/mezzl.jniqe.jp/files/mmkv/mmkv.default

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
4c90419367a606b6249f572a7376453f

SHA1
371c1334dac7c70417b5438e576aa793dae4804d

SHA256
0e0474eda3464d2a4a57180a13dd9e8ab9b52f178d95497f8bad0a366244482c

SHA512
38ed1a7a9e39eedb0954af2ac703fcedc203e10cc23252e7d90b930cd1a0f1d4869e35737998608981c92edea41bd5fd69484c5b33ed71895d48b81ca404aa29

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
2165b1dd3d37157e774aec717105a4f0

SHA1
d6d3798a809e38344fbf2e8c75afd73cb124d119

SHA256
f98c899d03f653b5cbbb71b08b60d6856b1be53439b3bbae474758fbae8cdbba

SHA512
835c40016fe310f638526623678588f4748abb037819e6cd5031510401004bc13f2427a74471a145b5b26d8d8a9742aa7a5dc34b53a0a1fdde96de604688dab8

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb-wal

Filesize
120KB

MD5
3af59a39d75545a00952aecfea3602df

SHA1
29891b8bb09c7c49b8fd4195e54ddd3f385c2c93

SHA256
10acddf7a7a96c0b0c9898399ef866d99be089933f82165f0c3090862ad264a6

SHA512
a39472dc4462a15b4f24b084811f052b4389433c73687a4f1b23d52d1c99d122f164655cce63ca31f750bf181dbdbbb4f41aa56975a9d3b9982b2409589b5063

Download Submit
/data/data/mezzl.jniqe.jp/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
32f21f9289b1544418c946b1bb0bc217

SHA1
3ab43ccfb3fd72dd53975672721cb05d42f4521f

SHA256
b35d63936303159948b3466203cbd6fbc098fc569fc34b4c246bb8af546a0cb5

SHA512
4b9785198b03c249fb656354d6fcb5478395041544eaa532fe1b8aa6af5ce60c70849b53f370144e8b656476b02ac502b246fb09c86fe83210dd21e28acb6785

Download Submit