48bba46a14873a60c87c0782d52c75105a97b964d76aebd655f3017d038536e4

Analysis

max time kernel
7s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
10-10-2024 01:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

48bba46a14873a60c87c0782d52c75105a97b964d76aebd655f3017d038536e4.apk
Size

10.2MB
MD5

94860856a9e5d083297c38df70b2e788
SHA1

502617ccf44d8becd07e0d847f628d2ce68affcd
SHA256

48bba46a14873a60c87c0782d52c75105a97b964d76aebd655f3017d038536e4
SHA512

4c7f9004c95c45d19177fa4affafb19dd7b0d31832fa199de7ccb7b1dc3273e35eb16ea486de5eb283b158cca5eaf4a0aeb3ab1185b9270e805af433a740284b
SSDEEP

196608:kniN3TP0uiSUWAuBAJjmsURMvLUFIi+XtE9J+as6sQnr+SurRCBCM/L:kS9iSUKBomsJU/l5s+rEcH/L

Score

7^/10

evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.kjfofcrlb.gvqjheqpe/app_app_dex/rnwvegn.lvh	4923	com.kjfofcrlb.gvqjheqpe
/data/user/0/com.kjfofcrlb.gvqjheqpe/app_app_dex/rnwvegn.lvh	4923	com.kjfofcrlb.gvqjheqpe

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.kjfofcrlb.gvqjheqpe

com.kjfofcrlb.gvqjheqpe
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4923

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact