Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system
  • submitted
    01-11-2024 02:50

General

  • Target

    am.apk

  • Size

    20.5MB

  • MD5

    7fd2ef1fd5f1d60a5f058a60c39ed3a2

  • SHA1

    3e70240789a5eb05fd3b0abd11d54a0cd8d7b2a8

  • SHA256

    cb638b84f41c3bdb88e14a3f11f4dad99896562149c6e4963f40e8f4ab4f088c

  • SHA512

    965a4585643af6701fc813d583f59f3bddd5ca7ced42d2429a6751576a6e65cdcec03e701dffbcda1d75d54e7d8ae6e5827b3f6f8d338176cb9b3e1496a7c536

  • SSDEEP

    393216:R2h6it5sJA35z7A79L+TmN1mbgafiubcQZTbbT9i/zVN2I+TXRxMKpPbNiRSKcsY:R2Y6SJA35z7c5fbmbBffcqTBi/zVN2Iw

Malware Config

Signatures

Processes

  • mbxaq.yntvh
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4473

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/mbxaq.yntvh/[email protected]

    Filesize

    1.2MB

  • /data/user/0/mbxaq.yntvh/[email protected]

    Filesize

    2.6MB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB

    Filesize

    172KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/mbxaq.yntvh/databases/SettingsDB-journal

    Filesize

    24KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    172B

  • /storage/emulated/0/.am/log.txt

    Filesize

    151B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    63B

  • /storage/emulated/0/.am/log.txt

    Filesize

    71B

  • /storage/emulated/0/.am/log.txt

    Filesize

    180B

  • /storage/emulated/0/.am/log.txt

    Filesize

    127B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    25KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1730429426138.txt.zip

    Filesize

    219B

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    66B
