f76f32fbadcddaa3cc6d0f8940fdd896a441e7d9df963871cc210a24483aeb86

Analysis

max time kernel
149s
max time network
135s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12/10/2024, 19:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PEVZ Hybrid_✅SIN VIRUS.apk
Size

70.4MB
MD5

0cac891f91abe66c228e95962b24ad7a
SHA1

a0fe6b557640650feaf0db5d1ad4e5952a0a6327
SHA256

f76f32fbadcddaa3cc6d0f8940fdd896a441e7d9df963871cc210a24483aeb86
SHA512

16f6e37a921cc24cef14bce13baec9c662ad5bb8089c1ac108c4d4d135615e58f1c5f0608513e80e29dda8081eb270dc567acefbdabfab7d6661cc90c5bd591b
SSDEEP

1572864:8ANXDSYR8iYJ+4a2wacixnRs9QMEM/eu8i5Q:8ANOYRb6+47w0xRsP3eSQ

Score

7^/10

evasion persistence

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 TTPs 1 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.hardware	com.xwg.pvzzjb

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.xwg.pvzzjb

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.xwg.pvzzjb

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.xwg.pvzzjb

com.xwg.pvzzjb
1⤵
- Checks Android system properties for emulator presence.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.xwg.pvzzjb/files/il2cpp/Metadata/global-metadata.dat

Filesize
4.5MB

MD5
7536e23a3d334ab58b4cb0c47f3154ac

SHA1
27e1643238720713a2a5657a842ffcda564c0ec9

SHA256
41daeeaeabf34131e21193b883ba609f31e09859ed2ac30caa4d85c761ae15fc

SHA512
adf2fe42c28ebdb274ef41a7eee82ad0cb720d638bd2289f56df7d15af3e062ae04a021f525a4d024bf72bdfeff47d362ed3dad19aca9ff26798ce5ef87b0e35

Download Submit
/storage/emulated/0/Android/data/com.xwg.pvzzjb/files/il2cpp/Resources/mscorlib.dll-resources.dat

Filesize
329KB

MD5
21d06dbc8af6432b2b49536ed30609af

SHA1
11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d

SHA256
c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f

SHA512
2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e

Download Submit
/storage/emulated/0/Android/data/com.xwg.pvzzjb/files/il2cpp/unity.ver

Filesize
36B

MD5
c48bab19c0507e232d2719a6a90f2c15

SHA1
db68fda765feeb310c2290d1f79a612e2a9182a9

SHA256
58e86384af85ca98b71283dc9461edf4da1d281ff10d05656c57cf689f3ad6b6

SHA512
fc04ef55b627975c82b23a9a9e95538678021b6d4d41fad7f05300bb9be1328e1b857b0bc53432f3f1d343e91f23a4ba871ce31cef2acacc1cca80efbfe448d4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads