Analysis
max time kernel: 21s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 16/10/2024, 22:31
Static task
static1
Behavioral task
behavioral1
Sample
d042bbd220d0edd3723d18b0cf55dcfbf39a39ec95929809dffad9167e8901e8.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
d042bbd220d0edd3723d18b0cf55dcfbf39a39ec95929809dffad9167e8901e8.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
d042bbd220d0edd3723d18b0cf55dcfbf39a39ec95929809dffad9167e8901e8.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
d042bbd220d0edd3723d18b0cf55dcfbf39a39ec95929809dffad9167e8901e8.apk
-
Size
4.5MB
-
MD5
97647c47e4fd5076356912b81d46d3ab
-
SHA1
7e6dade1567ba1385228739ff5e45bf3206dcd46
-
SHA256
d042bbd220d0edd3723d18b0cf55dcfbf39a39ec95929809dffad9167e8901e8
-
SHA512
19eaa8da9cd02810241e89e67104c75d68e438cfc08580e502159fea92e8091cca97216f5710071716aab99d6ec9484226cede68eb29a6c3c8db4b3bfe5f88d6
-
SSDEEP
98304:7/991NO8WDoOPxEstvef3iKO89m+S126ldhc4WfrS9:7/NNO7DHhefl9m+U2odKbro
Malware Config
Signatures
-
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Description: Framework service call
  IoC: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  Process: com.rhmsoft.codeund9013
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Description: Framework service call
  IoC: android.app.IActivityManager.registerReceiver
  Process: com.rhmsoft.codeund9013
Checks CPU information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/cpuinfo
  Process: com.rhmsoft.codeund9013
Checks memory information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/meminfo
  Process: com.rhmsoft.codeund9013
Processes
Network
MITRE ATT&CK Mobile v15
Downloads