Analysis

- Max time kernel: 149s
- Max time network: 149s
- Platform: android_x64
- Resource: android-x64-arm64-20240624-en
- Resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
- Submitted: 10-10-2024 18:18
Tasks

- Static task: static1
- Behavioral task behavioral1: sample 314985092f13d343678ddbbfac9f33b0_JaffaCakes118.apk, resource android-x86-arm-20240624-en
- Behavioral task behavioral2: sample 314985092f13d343678ddbbfac9f33b0_JaffaCakes118.apk, resource android-x64-20240624-en
- Behavioral task behavioral3: sample 314985092f13d343678ddbbfac9f33b0_JaffaCakes118.apk, resource android-x64-arm64-20240624-en
- Behavioral task behavioral4: sample polyvideo.apk, resource android-x86-arm-20240624-en
- Behavioral task behavioral5: sample polyvideo.apk, resource android-x64-20240624-en
- Behavioral task behavioral6: sample polyvideo.apk, resource android-x64-arm64-20240624-en
General

- Target: polyvideo.apk
- Size: 417KB
- MD5: 99c506d3910bc12518e6018fe87940d5
- SHA1: f423b8797862eb17a7df018fe03c7a607947dfff
- SHA256: f4050b9986beff80b7800ce750ce6d39051e597f024c86f4ea33e3016f61ce65
- SHA512: 05aa3cad4ab98b79fd1451a3b165cb2083956ee82c3727ac49b5d7a16759a6aac3473ac238155bc94333ab146d451ef449ba081fccd0572655ce32bfb016c916
- SSDEEP: 12288:IPP8mCGIWCWAbQLBca09eT+u9iXLP0hf9dn:IPP8nWCWrBc34T+D8hFdn
Malware Config

Signatures

- Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  IoC: /data/user/0/com.gaga.haha/app_ttmp/t.jar, PID 4641, process com.gaga.haha

- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  IoC: framework service call android.content.IClipboard.addPrimaryClipChangedListener, process com.gaga.haha

- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) (1 TTPs)

- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  IoC: framework service call android.app.IActivityManager.getRunningAppProcesses, process com.gaga.haha

- Queries information about active data network (1 TTPs, 1 IoCs)
  IoC: framework service call android.net.IConnectivityManager.getActiveNetworkInfo, process com.gaga.haha

- Uses Crypto APIs (might try to encrypt user data) (1 TTPs, 1 IoCs)
  IoC: framework API call javax.crypto.Cipher.doFinal, process com.gaga.haha

- Checks CPU information (2 TTPs, 1 IoCs)
  IoC: file opened for read /proc/cpuinfo, process com.gaga.haha

- Checks memory information (2 TTPs, 1 IoCs)
  IoC: file opened for read /proc/meminfo, process com.gaga.haha
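The "Loads dropped Dex/Jar" signature above is the one a responder would act on first: the app wrote a jar into its private app_ttmp directory and executed code from it at runtime, which is the classic pattern for a dropper that keeps its real payload out of the APK that was scanned. The following is an added triage helper, not part of the sandbox report or the sample: given files pulled from an app's private data directory, it flags anything that is a raw DEX file or a jar/zip carrying a .dex entry, and it checks each file's SHA-256 against the hashes listed on this page. The directory layout, the constructed jar used as test input, and the function names are assumptions of this example.

```python
import hashlib
import io
import zipfile

# SHA-256 values copied from this report: the sample itself and the files
# listed under Downloads. Anything matching one of these is already known.
REPORT_SHA256 = {
    "f4050b9986beff80b7800ce750ce6d39051e597f024c86f4ea33e3016f61ce65": "polyvideo.apk (sample, 417KB)",
    "1577047f83b40ea752303a39da550f46f63da7a416efef58f61391581e1d1ce0": "download (401B)",
    "17106cb4686d5eeac9246cb1d219b202f2b1f3958eac1551b205c599924a971a": "download (187KB)",
    "76bf2a99ee9ffbd6d424ce55243e06ead91725832b543778215dd1e2dcaaecd6": "download (187KB)",
    "7b67244da231d8d026aeb4a877dbafa0915b6afc96ee36d1d1f2da49007360f8": "download (398KB)",
    "a36c643e29948311d5699bb5489bf61215ff4426e9ec764a905dd4d5dda51919": "download (72KB)",
    "c8486ac43fbcad34acc3c6f98b807a50790658991f410754ebdc506a4ba0ea3e": "download (512B)",
    "03e18903b494192809a8b2e3ad4afbcf5f91a66868584df2167548e5a5466cf0": "download (8KB)",
    "7e138411dc5a182de2600d0f8e256a0e31d8a71c43ed221bbc67286f7133c0b7": "download (8KB)",
    "aefde3e5afff8f9d0a5271f604059813308651e24a0ae009de75305c8a389eab": "download (12KB)",
}

# A DEX file starts with "dex\n" followed by a three-digit version and a NUL.
DEX_MAGIC = b"dex\n"
ZIP_MAGICS = (b"PK\x03\x04", b"PK\x05\x06")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def match_report_hash(data: bytes):
    """Return the report label for a known file, or None if the hash is new."""
    return REPORT_SHA256.get(sha256_hex(data))


def classify_payload(data: bytes) -> str:
    """Classify a blob as 'dex', 'jar-with-dex', 'zip' or 'other'.

    Both a bare .dex and a jar/zip that contains a .dex entry can be handed to
    DexClassLoader, so both count as loadable code for triage purposes.
    """
    if data.startswith(DEX_MAGIC):
        return "dex"
    if data[:4] in ZIP_MAGICS:
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return "other"
        if any(name.endswith(".dex") for name in names):
            return "jar-with-dex"
        return "zip"
    return "other"


def scan_files(files: dict) -> list:
    """Scan a mapping of path -> bytes (e.g. files pulled with adb from
    /data/user/0/<pkg>/) and report every loadable-code artifact found."""
    findings = []
    for path, data in files.items():
        kind = classify_payload(data)
        if kind in ("dex", "jar-with-dex"):
            findings.append({
                "path": path,
                "kind": kind,
                "sha256": sha256_hex(data),
                "known_as": match_report_hash(data),  # None means not on this page
            })
    return findings


def build_fake_jar() -> bytes:
    """Constructed test input: a harmless jar whose classes.dex entry carries only
    a DEX header, standing in for the dropped t.jar. Not the real payload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 24)
    return buf.getvalue()


if __name__ == "__main__":
    # The path mirrors the IoC in the report; the contents are the constructed jar.
    sample_dir = {
        "/data/user/0/com.gaga.haha/app_ttmp/t.jar": build_fake_jar(),
        "/data/user/0/com.gaga.haha/files/notes.txt": b"nothing to see",
    }
    for finding in scan_files(sample_dir):
        print(finding)
```

A jar in app_ttmp whose hash is not on this page is still worth pulling: the downloads list shows several distinct 187KB and 8KB files, so the payload may differ per run, and the hash set should be treated as a starting point rather than a complete allow/deny list.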
Processes

- com.gaga.haha (PID 4641)
  - Loads dropped Dex/Jar
  - Obtains sensitive information copied to the device clipboard
  - Queries information about running processes on the device
  - Queries information about active data network
  - Uses Crypto APIs (might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads

- Filesize: 401B
  MD5: 9cb7d3ecb10950d03ec4e938a064f0b0
  SHA1: abd362b921ca4f0c161000610830164152addcfa
  SHA256: 1577047f83b40ea752303a39da550f46f63da7a416efef58f61391581e1d1ce0
  SHA512: 37d9826005b7673bd36f113424e5f10167ed2ea552531be9790149f4073e3e98ebd3dac7398003caa6be24906521ea0ce2ae2ce30bfa738b32766b8b1a980abc

- Filesize: 187KB
  MD5: 8b2fab499ed1ae4e6a65b81db8843644
  SHA1: 75e1d393281ff9b62af50bd2ad51a3bb01641517
  SHA256: 17106cb4686d5eeac9246cb1d219b202f2b1f3958eac1551b205c599924a971a
  SHA512: ba3d57a0df75f9fe069994e755f8057dbd5895cdf157900390a9a7e2bf51f9f77b04a4a24a68186c9afd2af278158b9733d29e966cec82db447acf4db7be432c

- Filesize: 187KB
  MD5: 205fe9ba67b46c4c369adc1e689f05bc
  SHA1: 8a6d40ee4e6fd890d6ba79e38a2265cbe3363ef2
  SHA256: 76bf2a99ee9ffbd6d424ce55243e06ead91725832b543778215dd1e2dcaaecd6
  SHA512: 3c5703da2be0c9d401c118e9a6576e8cf18cd05d726f8b5087ee1aebc9f234e1bcfd12bb3453a3b4cdc9de78f6a9be476e4bc32baa9591cad9492afc80619be5

- Filesize: 398KB
  MD5: 6433e446614644586fe9259d11acb08a
  SHA1: a456afdd1fa81c878d0d2b69ec609baa1f29265a
  SHA256: 7b67244da231d8d026aeb4a877dbafa0915b6afc96ee36d1d1f2da49007360f8
  SHA512: 3362ffcc1838d7b3d282473abee63e653b6705901719cf03fba75f9e9f375d64895b7469dbc8928fd519febedf1b1a767515cbc474fdf2055c44ec63a41ff08c

- Filesize: 72KB
  MD5: 7c382f9d3d98dcc2c42b49917bf5f41f
  SHA1: fc8cc70424b6d8015855a81dea048e5822213232
  SHA256: a36c643e29948311d5699bb5489bf61215ff4426e9ec764a905dd4d5dda51919
  SHA512: f25f072ae0c37eea2e8f481ac82e3294b1e6ef01c6b05d26abfcdd67b92f29476e9ca5a3a1133eca743a72e4a740e58c126584d42a7db1f30557ea79ccef6307

- Filesize: 512B
  MD5: 2f8736232fe78dddd98aafc569f46c61
  SHA1: e41427a4ad7ed4a7926706f82dd715298ec1410f
  SHA256: c8486ac43fbcad34acc3c6f98b807a50790658991f410754ebdc506a4ba0ea3e
  SHA512: b33c5a913c8b78aa89a2cc734d2c78aadb5e63bd28221368e2db9e1deef4a8f534bf5fa02569169b79f2895653f799ca59a4348e639bcb57efe0902ee6e8a124

- Filesize: 8KB
  MD5: e00fd5395eb8c9580924d55e71fed728
  SHA1: 6660a09339484ca779d19575b0d3c76e6371b190
  SHA256: 03e18903b494192809a8b2e3ad4afbcf5f91a66868584df2167548e5a5466cf0
  SHA512: a15357f1f311b27a0c170b200625f7ab03cc641162fce8a1cfe74e60201dcc7b669520256577c3320f7a9e56ce9f8d2fba0abadfce46fb05c4c17c920300ac5a

- Filesize: 8KB
  MD5: 2c0b58f55409ba1baac9de3970ec1253
  SHA1: 2ed6d0ba98332ae968c424f204c14e746a67f068
  SHA256: 7e138411dc5a182de2600d0f8e256a0e31d8a71c43ed221bbc67286f7133c0b7
  SHA512: f864dcb3a0bd20e0b1c8166109ab631560f1b3c7ef043ee35c2447159528cedeb22b69a719aedb271e23752f24e27906eea87385ac7009d21de8b953e7163088

- Filesize: 12KB
  MD5: 9b94862ef8f5e7f8293ae61cf06e70fd
  SHA1: 7966eee52f6a73535f175afbde4d16748e970635
  SHA256: aefde3e5afff8f9d0a5271f604059813308651e24a0ae009de75305c8a389eab
  SHA512: 8d17e93b374087bd7e887a88f1907c12f4ae61445a38cf1e144afc25e1c75edf407324992b3c6ad210d3d16f379a1d2b1a8a0aeb6cf1fe3797ab0d979afdadf6