hxxps://gopeed[.]com/api/download?tpl=Gopeed-$version-android[.]apk

Analysis

max time kernel
74s
max time network
647s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
12/10/2024, 16:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://gopeed.com/api/download?tpl=Gopeed-$version-android.apk

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs

Web Service

T1102

flow	ioc
70	raw.githubusercontent.com
72	raw.githubusercontent.com
74	raw.githubusercontent.com
75	raw.githubusercontent.com
76	raw.githubusercontent.com
78	raw.githubusercontent.com

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an application to read image files from external storage.	android.permission.READ_MEDIA_IMAGES
Allows an application to read audio files from external storage.	android.permission.READ_MEDIA_AUDIO
Allows an application to read video files from external storage.	android.permission.READ_MEDIA_VIDEO
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to request installing packages.	android.permission.REQUEST_INSTALL_PACKAGES
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4274

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
56B

MD5
cecb649cb1fb79c3736936fcbef3bbf2

SHA1
2c95183d7d2b0cd68d15b3c4115189351fc08720

SHA256
09bda72e7c32a69e3268e0ebd8caa33684cbc954dd00c7d93a38830e348ef324

SHA512
b8aca3cf0ea838093bd29b70ead608597260b0e35886d491d17c304878f99510fd885d96a191080acb5b706a642253bd9cbe5065ff234472b048fcce282061de

Download Submit
/storage/emulated/0/Download/.pending-1729355155-Gopeed-v1.6.0-android.apk

Filesize
62.0MB

MD5
a18dbc3582ffdb1e2d3bad3add0f7b4c

SHA1
780343384287e353b0646349c6ec3ae71e883051

SHA256
a68ccae941dafd8c4fb2995191a4fa2231331dfede78acc27ddc2e4e185409b7

SHA512
8279a2faa5e441b62ae74dfd3105ebf69dbca94502d62d43a71365a39a55cbd50be4b45b20cf76f8df7382cf9d57cece56d63a490fa30364dd7d20822e900214

Download Submit
/storage/emulated/0/Download/.pending-1729355155-Gopeed-v1.6.0-android.apk (deleted)

Filesize
806KB

MD5
5ab4fb95b42f7f50c7a16f218a3cfb6e

SHA1
23ffc27a996276b5a3554c52b652223ca6529675

SHA256
b3b8b97e8571467951ac6e56a2b6d95c166add6560bb21ec47b3888291e3dfe1

SHA512
dcc2d297be493529bcec6668f73aecf2bbf9b9a7400ee99b34f1f9807f2a17b66d45f2fc72053225f3772f65f711c37319d862a46805fdf36165d8644ba79807

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads