Analysis
-
max time kernel
102s -
max time network
140s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
22/10/2024, 14:49
General
-
Target
M-Pajak.apk
-
Size
13.3MB
-
MD5
22589c88ea4433d63de48cee420f0022
-
SHA1
5261b6094f1a662f80eb6e844bbd9a85a9e56f2d
-
SHA256
963fac088db79aa85dd74791c78da007b5402a8b9df1e75cf919f9ae14ef3fda
-
SHA512
5e0b4066942ecfcb16fe7021d332a460f43bee6636128132ccd3b0069cb75f9fdcc21f133c3543771a72e93bed7010562c960d72d21d5ffc9c448f96d0475586
-
SSDEEP
196608:D7pN6ujPb248uFxXEuUtxwgUuKYC9yfI8iL/MffAno1WEL9loVH8MLcM3JV4teZs:XnjCKxXaxwosAWL/MfYno1GHmMdOgo
Malware Config
Signatures
-
Queries account information for other applications stored on the device 1 TTPs 4 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device 1 TTPs 5 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 2 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 5 IoCs
Processes
-
com.sextest.test:main1⤵
-
com.sextest.test1⤵
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
-
com.sextest.test:main1⤵
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
-
com.sextest.test:s11⤵
- Queries information about running processes on the device
- Uses Crypto APIs (Might try to encrypt user data)
-
com.sextest.test:s11⤵
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Uses Crypto APIs (Might try to encrypt user data)
-
com.sextest.test:main1⤵
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
128KB
MD5e441ebdec39b2824244aa235f6bddff2
SHA1114e188d33fa98e8987e7517b3f32e954df3657a
SHA256d77a4c2699441eea3f0bdeaa04de5bcf4f713707fcfc0bf2d73aacaeb9cc56f8
SHA512aa34a1c686ed2b804de7319850b257746fc1f39e470b059eca37756682a70739346d60d54b8710962a33032d04480622ed5fe51288e226f58f1aecdf71b96f42