Overview

overview

7

Static

static

6

3b5334c2df...18.apk

android-9-x86

1

libmvNDIy.apk

android-9-x86

7

Analysis

  • max time kernel
    3s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    12-10-2024 17:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libmvNDIy.apk

  • Size

    576KB

  • MD5

    d287c0b01b8baab8a77d1d4b6f0ee8bd

  • SHA1

    e9588806d40fef1daae6715286060eaf033ed880

  • SHA256

    530626eb5d8e127872517f022118bec01f2db9e6f84aff68614c69674365d0a7

  • SHA512

    4104467f9073f8d9fa23b97c59d4ac332d014c828d4dedc68dc8dacd3867ec171192328f9535140c8c4c74439719123524e058e08f1f614cd5277f234576ae95

  • SSDEEP

    12288:66g2Tjp5hT5dqTpfrcYCPUE243mRrq0Zfit04YsiQCSEb:6aT95R5cVfwYCPaRvZqt0ZQnEb

Score
7/10
evasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • wc.wcblgcqlhu.hcrp
    1⤵
    • Loads dropped Dex/Jar
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4219
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/SIwj.zip --output-vdex-fd=44 --oat-fd=45 --oat-location=/storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/oat/x86/SIwj.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4276

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/SIwj
    Filesize

    341KB

    MD5

    851f4fa403cbc71141fa804b2ebe4f3d

    SHA1

    7909e43e723969f13020c260207ee1720c6b2e00

    SHA256

    dbd46e9687a409963508e1626c911cec05d5a1c26167b2dc81156c5fff2626c3

    SHA512

    5f5182833e396aa02648fb794dbedda48f46eac508c2d23baf05034ade2cab7eaa01fb272f1f705fc6817437de7da4ea4ef5181787a3a523eb5da419802cf004

    Download Submit

  • /storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/SIwj.zip
    Filesize

    341KB

    MD5

    c5a9443c1ae47ddec07818cabf4a4848

    SHA1

    37929be721e89dbcd46ca999d205eb57463bfe72

    SHA256

    57516f7ba59b4f844d935a42ea00f41de962c7f8357b2526cacd0ccfaec648ae

    SHA512

    f3b561a6318d0f7ced1ee62584816ae294fe168369581cc5ce453e30b553b07781597a570c5f2447c33b6ee184bf139f7444850969944cf540495dc909275045

    Download Submit

  • /storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/SIwj.zip
    Filesize

    33KB

    MD5

    f0a6d3b0d0360c279832d8760428809c

    SHA1

    1d886ca5472daaae247cacab4be5ab533cd1587f

    SHA256

    0b14ebbbde22707b218ea6013d13bd1cd1456db6887517ecb78b28a92d5ab2ed

    SHA512

    0141831352d7b379340b5f0ae871bb6c39382490c8568f7f584a69f4101cb95664f19f611778c8359454f78a4020d80c7ac995c949c6d071179f91b1b26f0a79

    Download Submit

  • /storage/emulated/0/Android/data/com.rx.rxwgbxlgcp.cxmk/SIwj.zip
    Filesize

    33KB

    MD5

    784ea82e2d1fb2dc2162d1892549873a

    SHA1

    165e6e3a681fbbbfe6e0ab1fe38e8c58da7c97d0

    SHA256

    fb2d190b25a47b1d96a314b0aebae8e15d2bca64025d5b87998e26b8e668b9fd

    SHA512

    9dc6954038aac45aa0833b89a7663d37568c0c46b6679ccf258e0dacda41cbb4644a02a98ae4a59aef548a7aaff35fdfd517db7b3413b471902ef24887fd2bdf

    Download Submit