Analysis

  • max time kernel
    5s
  • max time network
    155s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    22-10-2024 02:01

General

  • Target

    f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778.apk

  • Size

    7.0MB

  • MD5

    d2e511a1e5836f0557c695eb23307711

  • SHA1

    7e0c6781b9b560dc958d38786419f5a09dcf3cf6

  • SHA256

    f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778

  • SHA512

    56e6f6fa644e564533f0727dfddb3b22229ddffb550a8f72db58071bc48b936c3717f61a06071976b0dddef7c5381119e2e2f9f6f44c3490fbbe33bbe96c4527

  • SSDEEP

    196608:debHCUOigkvgP45yCG8Ii8Z1v1oGKoBbq27:d8iUODHrG8jdo7ow0

Malware Config

Signatures

Processes

  • bot.avesta.uno
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4251

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/bot.avesta.uno/cache/~test.test

    Filesize

    4B

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-shm

    Filesize

    28KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal

    Filesize

    36KB

  • /data/data/bot.avesta.uno/files/PersistedInstallation7193414036846155443tmp

    Filesize

    90B

  • /data/data/bot.avesta.uno/files/PersistedInstallation8152286891190680258tmp

    Filesize

    569B
