9ec12b882b331167b8148f51352111467867fe74b84bd05f7c8e489a9b33c2f0

Analysis

max time kernel
149s
max time network
163s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
09/10/2024, 04:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3.apk
Size

2.7MB
MD5

ea1e581e75660da6659d6a605db6007b
SHA1

9e8c7eb79e629e9fd31689db36afbeb3599cc11a
SHA256

87879b28ffa6670fd95e274e5331c515ee8f19d77e4841a7d66acdcb992efcb3
SHA512

db11192e633215244625154acdcc64ae66333e9c5d66dabbbea2029d1b2655f556b70e8a34999a08a380cfb9ec728fcef9bf11f8fe357d0f4de9e78ff5c0b8d4
SSDEEP

49152:9+CSeAAAeAAAACCS40hAAAeAAAASr53JL+VW+2lNSiFGLqHm0Ot:KZ40ch9lYaGmHC

Score

7^/10

collection discovery

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.shinhan.three

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.shinhan.three

com.shinhan.three
1⤵
- Reads the contacts stored on the device.
- Queries information about active data network
PID:4929

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Protected User Data

T1636

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shinhan.three/databases/sms

Filesize
24KB

MD5
c4468b2c22c8b9a227d7413f9e7b9b89

SHA1
efc9d5ebb4ce59b736a816f66a15a3362e80eddf

SHA256
52b47940d141400bf3dd9625feb38108c90a18e8ae08b120035b8ddfb1318cf0

SHA512
c3ccb6d0a34b625cabc99ba4c668804fb936f363f3dff43116013befe57e08be5e1a3713fb473e18f3e2e49f3a4845e228e479dea63a3c7bc8fdb73f10e3162c

Download Submit
/data/data/com.shinhan.three/databases/sms-journal

Filesize
512B

MD5
ffd78597746726bacb7e16af8a5dd5c9

SHA1
c4cbc5e3acb978618876f936ceaf2baf3ac42689

SHA256
cdc77a12c6a14ba10208aec5201e8a507b84adde104c3b2fb258ddb6717ad8f2

SHA512
e9734f0124861cc16f0880335768ba99dd6a70e5504cd5e64be8f463f45fdf8641f1104ef5bc16e7c36d9c74a118815085c74bf9fa624d7f9bd687e2aaff7f1e

Download Submit
/data/data/com.shinhan.three/databases/sms-journal

Filesize
8KB

MD5
fd76f59c218c44bef25f9d96fc7f3331

SHA1
ed695833066256ba2331cccfd333b35e9eb5f621

SHA256
fe1fb8778c2b1ec1658e627fdca8b769ccdd99dad560b1509717f9a11731468b

SHA512
1adc2108628a58c351d1c70de22117ffd69a182c5a071bf5c60b76ec4e236e94526e2dc74a62d8459cd911c845a1f39833104a287242ec6753739dcf035f7ff3

Download Submit
/data/data/com.shinhan.three/databases/sms-journal

Filesize
8KB

MD5
dc2450b934115c0bea6774ae40033f15

SHA1
d5d26125784d5ba54ee16ec0e2d0369a18fcdc39

SHA256
ca2ed2ab888c56fab59dffe43e9ccef3165930ffca08742843f35d44c23b9754

SHA512
93e65196d5dd129d5c80a3adfa978324ae4ec25119c265917e7bc32ec25ec8a1888a075716e35634a282b603f2c5543416a0f066f05302002add6460073d8ea3

Download Submit
/data/data/com.shinhan.three/databases/sms-journal

Filesize
12KB

MD5
ea1ad020960873499c1befc8ebb63bf3

SHA1
b54f763f2c88c8ffff53bd54561b2d8ed84651d5

SHA256
549dbae5d6382f49a3cbb1389e2962f9db0b8b2ac56e02e7c60e1e850afc5db0

SHA512
7dfd5ee0bee35ab0dcb6ac8b074df16376585deb0c120ba70d87a9ee2791b063c634d470fa44c78b7c0a159f451f79c55721e5aa7b1a362ae2f219df03ec2600

Download Submit