Analysis

  • max time kernel
    22s
  • max time network
    129s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    16/10/2024, 22:30

General

  • Target

    063e271cf54cef4a7885bd214edb462f68864133d99c73ba1a0e5ecdcc3ea443.apk

  • Size

    4.5MB

  • MD5

    8850aaccf28b2a63bfdaa1d333be3c95

  • SHA1

    fbda01c51a91b3a53f7a9c888c7bb4dd436021de

  • SHA256

    063e271cf54cef4a7885bd214edb462f68864133d99c73ba1a0e5ecdcc3ea443

  • SHA512

    657685e20a79a910953d82356e4443a61a766d4a7acbb8389e52f5d93ddbf9ba06384e6dae2d8609075c56d948a31d8359c354371db9a534d6f4bb2dd5cd4bc6

  • SSDEEP

    98304:tM5Mv87MQ6NyJhq7E3iQqUjBYCvvUcxPmxKULGYqTu+cZpW34B:eO8l5X/HdvvUcxP0KUJv+k3B

Malware Config

Signatures

Processes

  • com.rhmsoft.codeund9013
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4244

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.rhmsoft.codeund9013/logs/20241016223109340.log

          Filesize

          20KB

        • /data/data/com.rhmsoft.codeund9013/no_backup/androidx.work.workdb

          Filesize

          4KB

        • /data/data/com.rhmsoft.codeund9013/no_backup/androidx.work.workdb-journal

          Filesize

          512B

        • /data/data/com.rhmsoft.codeund9013/no_backup/androidx.work.workdb-shm

          Filesize

          32KB

        • /data/data/com.rhmsoft.codeund9013/no_backup/androidx.work.workdb-wal

          Filesize

          16KB

        • /data/data/com.rhmsoft.codeund9013/no_backup/androidx.work.workdb-wal

          Filesize

          108KB
