aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45

Analysis

max time kernel
123s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
31-10-2024 13:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

3.1MB
MD5

5a51b3bb0de6a69ee0f6afa3d87acf3d
SHA1

81a211db666782fbf04312c510c439e6b4c2d333
SHA256

aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45
SHA512

f5b37d7c3e34202eeda34c7c5158f1adb2b0224758adcf2596d6b7fe50678cf1f2b22fe89f5656cbd6f572382b884d669dc688d0a503ec612cfe2a41c4d8f686
SSDEEP

49152:4/71YJslBMJFRO6MdkbQ0fiYy2DsuqATeHjs+GotMHqRqQs4PG95PiuhttZ:muIaJjOFWDx7qqdUmgqBf6ub

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.Mad.api

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/2

Filesize
23B

MD5
140a24ecf018a2aa563ec06556cc2ce3

SHA1
1a4b595ea0bbe861a3152071d73cf324f6502aa8

SHA256
dc7266db6d411cbf91eda77d216cb0cc850df4ebd2038cd6f8c8e213ec0792b4

SHA512
551e3db39a2dfc5e687e06aede2f7b6f17347e9a58e3d19e0908140ec317e0ba43b49ca49f8479c7624a3b6aa3ff20a6e1989fc31936b5c07088cebb02ed8c43

Download Submit
/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
84ff830a4054ab5b013da8cc9308b2a3

SHA1
055110de001582f757caed8deb0ba030f9b0480c

SHA256
2616c9c6c122439a632f84fe21e219c35f765e775fc2691f7b1b15d98c77908c

SHA512
d0184af5ce372e93d5cafedeb6327addd336e07e0e463749ef7946905924e2404678440e344a0345200c56cacecaf59ce1481bba145a9df13bd920f5d98e157a

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4053faa649bfaf416d3eab5fa2cdc82e

SHA1
1df82b121d411717558d66fb5c4c6fab9d74ef12

SHA256
58ac1cb0d1a4a93c63b6128f2dc2a72ed3bf8094f237e5057a98e70a97911451

SHA512
2a99bd6a667cff779922afb8be24e1e736487ffa6faaf161f0a2b594dc4d3e04e92192bf3351f96abf4ccc88c1340573eb02d68abc8fd7c19e49aaefa09d0357

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adbb8aeee00f252731df04a8dfcefdb8

SHA1
1f665a9d9f47b85465724913fec5e7457b12452a

SHA256
8e1b9610da74462b52d955586a1dfb770569e8bb0f5521a5bd3b0c4f11f7b30f

SHA512
5f589234fb3080a2b30f4ef460443546627d96d41ed181ec4bb721a34dcd44f0534d6b0fa6b2698dafdc4806c75b48bc29a4a838b8134f448e95e80ca2f8aa3d

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
014edf8a75e00e7b0819a49f2c6ac154

SHA1
73424cb31464edbc7929d7b49cde7a07d0b0a17b

SHA256
582ac80804562f908664fa784f6eb85036cd9020b8595b39b761a41eb61860bf

SHA512
dc8af52a5dba21a648affcb8e695bd4b552b3d78cd184217932c8f7584ab306c9ee5da7039946998ed92fd29858ebb7e9ab1452c0810df681826b0ac532dc22b

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6904d042038645b13de8a7b727522912

SHA1
9ac38250c512c0e8cd81ad433a2d40b568991a47

SHA256
75637d7a4e608e1856e97865b22fd78c467d60806cba2a3b09d450da85357055

SHA512
4ce49c2a0040df5c8315056a702ebf4d14b68e73e3fa797cf7ff5941d03e1d17f9dcbcdd862a9257680d81f757dde496444d4e01ebb75f4636f38c3119ad82d3

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
80613c061ae51e02eb4ea1c04b77975a

SHA1
6295e79ef41ca18950ea9cbf4c2e334c41aee5da

SHA256
9e6a4412a5197332c715def75171b972c0bf133cee8488a6738dd8107d434b0d

SHA512
41e93e393d786e10378551540cfefb42be0c653daef6399bde816bad5c09ffed13fd25662687488b5612ba80101e3189bed6e0ffcc9147123c55a5c8e393c09e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1b45d747c26615a060b548a9a1899b13

SHA1
3c350df7eb6e11a5aa4a3a31e99e192575ead07e

SHA256
145e6970ddeaf53882e9b020315403a7772c4d551114230d5d82f28c375ef62c

SHA512
0db2dad019f9bc329da1bacf4954d798e82c9bd355717735c8607d641f198677990076cb09606c85d60a78e4c73550510c5849c2920ac80dccc352f9bc20de44

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
831e96eed3ed32c7feb7fed4b529ed29

SHA1
702d67169105d20477c0b0b5e6bb6810bfcbe86d

SHA256
29d82cbd70058b0aa127362b65b0a69c4cc939c542e4433a52ca478bd2c3f217

SHA512
ca9e3f50e49b9da2d00c7b5bd50fcbd76c4798f1b2bc409e0b48bb00c26a45792768468384e233621b5b29059509680035e2d91082caa4f06e374aab998bb018

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
dec8636f6f8199dd0c6d06202cb395c0

SHA1
1143e301b524446d565122a60dada25808e9a71b

SHA256
3c2dbd47b40fd627e4f1c0ac7ffe36d8d2b5689507ec90a812d935927a74506f

SHA512
67fe04f1f17beecf52aa9fcfd220a0279fdd0cbc7fa36a93218999c65625295e2c7eaca04cef81e85d819fd7b370e18b04816b71ec39263a4ee5edcd193c55c8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f5902b9700dd28bc9d1f3f36fb424b4d

SHA1
6e2b45246a4bec65e342f810a8322b5ad0cdf5d6

SHA256
1646ce6cbebfe14e885395d0fb523ebe43c2fad5af98163197376e22a357be35

SHA512
99d06667d6790a5f994ac4cb3d0b3805e8dec70b85909ac45557f73f061b48937a29226a55d54ee18b9a4e2d4abb353dc364dadbbc68d58f5bbeea1dc14c584a

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
44edac14f0ce0d4c42b4a0ed46eddea6

SHA1
7adfb23edec29a8d404c2b1e7eec1f97324bdca9

SHA256
44c3ff5fb5bdec149a33624323b68fe79eb144ad4c94b7896233f1d4ca5a4144

SHA512
c08b8d15d00e9b4f48d79e1673c8d1c86b3b25c5365b29ab164a4783631f86ec07552600fb493ef29d5bffe133ff6fa3e56c655e6d5e0f686a5f3b1ed673bfa6

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation3397901386272123631tmp

Filesize
570B

MD5
0efe5db6d6e8513445fa160ac2ae57ac

SHA1
40606b9ec403dc9bd2a3cf5a657651a4f56b856c

SHA256
160474fd24ccd0691c3885293e61e76eb214896879f9e1db278baa76f272cfc9

SHA512
179d0798cfa2484be0c72f75a3bb0a1cfada789d5abb6a24b383e9358cdce7cf3c2232ef31b1c7a13c851e917a366fc22cca3fe79ed737f9e199b0bba431a5b6

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation643572764685335846tmp

Filesize
90B

MD5
5101ceb097b24267784faa0b56a507ea

SHA1
985b42fe1e5c0885a2d3ea3ef1af54523b69b7af

SHA256
33970adb1802259e14df1c5b739aac340e9162a102d2e6660348beb7f54ed5a8

SHA512
c48de6636d9a4552adebafa708a8b47f539169c719bbefa09962d2340ea0889d959e8accd20e04338b6208eeb995adc8a804fd16c4b8b7b422173668f8b0e880

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads