ca8dc8043b337b7e5f1ae21f2dc9a7bcedb14ea295d2b81f0c39ab77298d310c

Analysis

max time kernel
124s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
06-10-2024 11:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8c91ec587d8f8454d21ba54954f97c19330e7fe665eec988629223e71b306e5d.apk
Size

2.6MB
MD5

e1e6a2a7d00819ea1210434048e82e53
SHA1

0cc412fd03b7a9b9c2ee180de17aaeb47ca88d53
SHA256

8c91ec587d8f8454d21ba54954f97c19330e7fe665eec988629223e71b306e5d
SHA512

b3e89fb1a0b451453d860a801c57c8904f10ec487ce4accc19e6734818e874aac60a2eb1af37f50f7116f14dcfc36ddcf4f9d7debe089e21bdd6ae0c1f001ff2
SSDEEP

49152:HkJ/2jrkmNBOh8UyV0l2XO9SkpfnzU2K6HC1P0+PLV3glTzKmoq/r31:Et2cAQVhQXCSkp/42K6iN3zul/31

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	diwix.gorbah.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	diwix.gorbah.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	diwix.gorbah.com

diwix.gorbah.com
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4247

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/diwix.gorbah.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
917e5fca37029c862463b28a3976abb5

SHA1
2c4914022fd941c987b14ed39e7c769c958d1308

SHA256
4424f8572354b4f8fd2f31dbef23850fc49e754440e711022ddc2c981614d6fe

SHA512
206e17d343da4f4d736922518ca24ea8c2164898ed925ca5787fd0863b13182feaa1acfa6d53f2dd94c6420ae0942c41a78a181ccb958e5ad299f5bada52d89b

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f284a28564140528b6e6abdc7c79acb3

SHA1
a41c7dd4133fee5a7d071d2221194ef8b33449df

SHA256
35cee0200777adf509b555591958416dd12236fb82d0b4ffc453914273b54fd1

SHA512
1ec1d223b31ea668133104b593db0323b1baa0749038651f33035620f5f3a9f0465d1f8e9d616e2c11c773a551568074ed98b34437821008fac95fb7607845fa

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26cb65170818586b9e781232beb2cebe

SHA1
0aff8e9d5ae16741c4342d4ae68302decc1c3c33

SHA256
c4e8d16e6a113355f22457b20859fba20dbc70a01688e79cb559c9f42895c4e5

SHA512
99b3364d59e6b5500ed9ad45470bf1ac26076ec16abc132ea1f83ea4b47af52d1e963ecfa63cca3b92aca318d8bcdd4a2861248b14ef6a1ffabf8c2cbb7b918f

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2617de02bbd628952d01427d01d775b8

SHA1
3fc6fc1194bfc8d849b8d3ebb574589341605623

SHA256
93e2bf43f7ee958f9f4650756b02ab6056fc10bd27e7dbc78770614fbd7a3a47

SHA512
45f8a16404c9ea0bd957b243e2a0551689eeed469195269567cc8f02d5482993c8ac0ce006df9cd4c3168f40f64bcb7cad28370feeac1ef5fa78383bcf50ce3c

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4e8487d7e2c747cd2140c660a494e137

SHA1
dfc55f9cfb25f6ade2662e77e61cfbd67622f199

SHA256
d995d249fdda1509ac8e621e6171df0909f6b2c74c3c65bfc17eefd8ebdf2228

SHA512
a7dac1f3723b632941696feab427fddce9730ddd010be77604f8c4ca49861cbc65f802737f74e7ed77ee5efe774c175e33bf5dcbd18aade0b58ea33f1cd37be6

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ac130d48768f0422d3a8b046dc5e41ba

SHA1
b4cf3b663bee4f6a56488b637ce1a84e8a59f91f

SHA256
161af4caa6fdf5dbe1265cc5b6fed79161a0b4ea048d55fd3583701af7e04d01

SHA512
75222327ab83ba8f052524a35fe0b1a79b79a1c858c7ad8f6599ed50df1385fba34960dceccc7146a77e8dd888be1364157410a9cc8e81dad99256953be64a06

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
550902c23e0cd4f62134080d6493273a

SHA1
066e365bd6f5c031d4717c1d310b3e7b6f6141c0

SHA256
1606d359eb03b793bec28774e6883708b2e2dc79a1d6cccb7177074f23652ff3

SHA512
914a3929af05c095eb3a2efa6bf4164fc7ec5440c8710a9dcdc21c28b24c8a5a88aa70c0fdf32e200bfbceaa651ccafbb55da3b007db5ca40bd695105ec12515

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f1477348e6c92f77149345ec3b6c8a1c

SHA1
f60c396b4cbada6c0de6cd6c35f7fd2348ca28da

SHA256
7fcfef2a9a85b354ce371d7d6931ca21ce3339a2550281c7eca91f61045e7066

SHA512
8f5e4145942f4b1bcf0c54a2affc609ef363eb2fddf4b8a20c55b1813317cf12f93a164d61adaf0cf8858cef86a8a13e778f139ef0848d69e729f30be48901cb

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8d3eb2fd9cef8a1582d281d714fca662

SHA1
bc207773746c65173c3152cfb838ea02429188d9

SHA256
7bd21df06a8521cf37916e127f3fcc91f3e0e65c4d118c93787d0a14767f0c3a

SHA512
d0bb2168cf73c2a538300efaab0ef9cd0d42a528b6cff19a121edae5e92c315e2ebffc6e0b92d81dded99203ea5d6071482635ffeec72ba40e6c75891d684b4e

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e209a726cd9f7487879f84fffb5d627a

SHA1
87c3034e86a57cd3774899c6153a8c31fa87fd86

SHA256
1fbf5acaeffc1c1f623b3d17ceccac166c3a8bef55f7557356f536303edd41f1

SHA512
2b6d581d62b0ffd0fd1d919b5b05398193c18399df1fec490aafcdee297e70afa6d2a97b9a417a12355b593be23875d95fd631cf70b4ab6442176e2b862071ef

Download Submit
/data/data/diwix.gorbah.com/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
b90844a0c20126fd971bc18f0ccd6d3d

SHA1
8f22f03b462a58650d266309caceadde3b576386

SHA256
de402eb01677d91c2f78b44efd6beb116cc1e7a4824240d261afed25269037f2

SHA512
b639b4acf63124c70f967d6727e62a281623084651f47a81a612f825c7a1ab7c1526e12638c81c6672a59fac754b569bf36a848ff7c17191be2905ec0b23cc7e

Download Submit
/data/data/diwix.gorbah.com/files/PersistedInstallation1963495642152823728tmp

Filesize
567B

MD5
194afecd35c1341ffa16865fb17358a9

SHA1
96741aa17613614a6f852b950e49258a114d23d4

SHA256
f25e2c59f531e310cbe3aaea60a56503eeee714e2e2ed3054973fd3026f6f4fa

SHA512
3c25465b98e67bc1d23747a00b5962baafab0e61d8639b2cf05b96293b5c30f0750a07548aec35efdf612ead5a1c644548036d303b77ca7f95c058be1fa15cf9

Download Submit
/data/data/diwix.gorbah.com/files/PersistedInstallation7563767981055555029tmp

Filesize
90B

MD5
cfcc737d559d1f2e6c25abed5bd199e2

SHA1
a800048a7c3f86adc1a8d55f7c90044e6ae59dc1

SHA256
f16e87fa55ff1f60a01502d9cf43b7a2d95cd7fea83e3845d0339bc07d0f5f1b

SHA512
4f3149b9c93f40fb9940dc9f49a7f195911a5c5bd20dd491cb444c4f4b6893fdc5fdcd46fa1208c969aabc294d19099de707e116094cbf8c040da2b6dbc490c6

Download Submit