Analysis

  • max time kernel
    141s
  • max time network
    130s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:arm, arch:x86, image:android-x86-arm-20240910-en, locale:en-us, os:android-9-x86, system
  • submitted
    17/10/2024, 17:55

General

  • Target

    com.mobile.indiapp.apk

  • Size

    2.0MB

  • MD5

    35b57713d34ed96d3e0d916582cf0353

  • SHA1

    e1830cba66de430bae779e839df280c857e2626f

  • SHA256

    1b7106549255a7e1dbcf8421533aa62e7ee9800219f9afa958dc4e55814e5284

  • SHA512

    97e97725940985d0ae811426ce52f5ed7310e85735375da3edf50e2af44bc0c5416ebcd4a235277c5a427a1bc10b1dd60ea8408ba8246b63ec78ac454b3b3e54

  • SSDEEP

    49152:PS2EbYw7aYCgBhOtwdbjmKg3CNgRllcjfyuR2tOMqH:PS2EbF7lCGhzbqKQC6lKjaxOMs

Malware Config

Signatures

Processes

  • com.mobile.indiapp
    PID:4265
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    • sh
      PID:4378
      • chmod 777 /data/user/0/com.mobile.indiapp/files/daemon
        PID:4397

      Network

            MITRE ATT&CK Mobile v15

            Downloads

            • /data/data/com.mobile.indiapp/app_stat_log/1729187758641

              Filesize

              365B

            • /data/data/com.mobile.indiapp/cache/httpCache/journal.tmp

              Filesize

              36B

            • /data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.meminfo

              Filesize

              184B

            • /data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.pid

              Filesize

              4B

            • /data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.start

              Filesize

              10B

            • /data/data/com.mobile.indiapp/crashsdk/tags/PPAIDNI0ELIBOM0MOC.time

              Filesize

              14B

            • /data/data/com.mobile.indiapp/crashsdk/tags/unique

              Filesize

              36B

            • /data/data/com.mobile.indiapp/databases/WaSession.db

              Filesize

              4KB

            • /data/data/com.mobile.indiapp/databases/WaSession.db-journal

              Filesize

              512B

            • /data/data/com.mobile.indiapp/databases/WaSession.db-shm

              Filesize

              32KB

            • /data/data/com.mobile.indiapp/databases/WaSession.db-wal

              Filesize

              36KB

            • /data/data/com.mobile.indiapp/databases/WaValue.db-journal

              Filesize

              512B

            • /data/data/com.mobile.indiapp/databases/WaValue.db-wal

              Filesize

              56KB

            • /data/data/com.mobile.indiapp/databases/downloader-journal

              Filesize

              512B

            • /data/data/com.mobile.indiapp/databases/downloader-wal

              Filesize

              36KB

            • /data/data/com.mobile.indiapp/databases/gpoffer-journal

              Filesize

              512B

            • /data/data/com.mobile.indiapp/databases/gpoffer-wal

              Filesize

              32KB

            • /data/data/com.mobile.indiapp/databases/pushmessage-journal

              Filesize

              512B

            • /data/data/com.mobile.indiapp/databases/pushmessage-wal

              Filesize

              28KB

            • /data/data/com.mobile.indiapp/files/daemon

              Filesize

              13KB

            • /storage/emulated/0/.DataStorage/ContextData.xml

              Filesize

              111B

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

              Filesize

              111B

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

              Filesize

              167B

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

              Filesize

              65B
