85665550b90032ebc2923ce620112a5728d2fd33c555faf14e64376bdc0dd4a4

Analysis

max time kernel
127s
max time network
143s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
01-11-2024 15:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

IPTV-Smart-Player.apk
Size

29.0MB
MD5

d65e74e98dacf4ea14fd31112c0d5074
SHA1

a5c303990563e6ee9c5314bc60df7249294677c4
SHA256

85665550b90032ebc2923ce620112a5728d2fd33c555faf14e64376bdc0dd4a4
SHA512

8880d7ebeb603a1ef75fb6ca47e12a93e1a8694e69a11fc852dc7f64a37a1a0fa86a8aeaeda31c60a30346ce1b3f74bf29d83d7ed88b355e4323cc263ac8d9ee
SSDEEP

786432:xXmMJ2zjP4DA+Z5QeKk3rXyCmgEq4G3w5IOO9fYFn18:MdzjADN5Qt9G3oIOO9wJK

Score

8^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs
evasion

System Information Discovery
T1426

Processes:

com.iptv.smart.player

ioc process

/system/app/Superuser.apk com.iptv.smart.player
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

Download New Code at Runtime
T1407

Processes:

com.iptv.smart.player

ioc pid process

/data/user/0/com.iptv.smart.player/cache/1689111357674.jar 4521 com.iptv.smart.player
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.iptv.smart.player

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.iptv.smart.player
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.iptv.smart.player

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.iptv.smart.player
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.iptv.smart.player

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.iptv.smart.player
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.iptv.smart.player

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.iptv.smart.player
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.iptv.smart.player

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.iptv.smart.player
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.iptv.smart.player

description ioc process

File opened for read /proc/cpuinfo com.iptv.smart.player
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.iptv.smart.player

description ioc process

File opened for read /proc/meminfo com.iptv.smart.player

ioc	process
/system/app/Superuser.apk	com.iptv.smart.player

ioc	pid	process
/data/user/0/com.iptv.smart.player/cache/1689111357674.jar	4521	com.iptv.smart.player

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.iptv.smart.player

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.iptv.smart.player

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.iptv.smart.player

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.iptv.smart.player

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.iptv.smart.player

description	ioc	process
File opened for read	/proc/cpuinfo	com.iptv.smart.player

description	ioc	process
File opened for read	/proc/meminfo	com.iptv.smart.player

com.iptv.smart.player
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4521

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.iptv.smart.player/cache/1689111357674.jar

Filesize
10KB

MD5
189d24556179c74f72678b58e01308c1

SHA1
d4ed4dc1b0fb6741c6c9434348b159dbea92e0b4

SHA256
236eb17c5c14261b62630ebdc5830f4a97d3cf0dbc7bd1de98dfd17d55474353

SHA512
27dc7bd75c982173c58d3a02e793616dd6364bbc3d593d1453c5c1cb5dc0ef560b5931a7736ae12c69486fb170ee723bf124747d1b2727a4026281dccbdae9e2

Download Submit
/data/data/com.iptv.smart.player/cache/oat/1689111357674.jar.cur.prof

Filesize
85B

MD5
3a00f4b3f70eef095de53ee7d2082042

SHA1
b97947d615e4b6b8fdce603d8b63531011dca70d

SHA256
c01dd8cb97499b2cb16361256fa20969327f6beb0882c214f3d29c0e3a0c5fa8

SHA512
94936942161d63631ad30307a880b43dbad4841089a393b87e234e4d106115d6f593e18d4bbf9569e73884d9d89745d4bc35c6fb73ebdebb3c0864ddbb39bd20

Download Submit
/data/data/com.iptv.smart.player/cache/volley/-139605349995085421

Filesize
81KB

MD5
876c05fc362c1ae8bdfab11b6dca03fc

SHA1
651777e23f41d529e0b12e9a1a23f690919a2de6

SHA256
3249a682deb93d8e8abff941cb23dd706a198794a74065800958e0635e1ad308

SHA512
8c8f1311c7991881d3f240373848227b8e688f8ecef741df1be8994f88babc22adbbcfdfdfbf4e6dc0941c040a3c3cc47bcecef4dd5c76defe8caa6013fee3aa

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
db705410b41e7390ba6e7c15a0e7b26f

SHA1
3734cad41305e8f5361708f4553ccf9a171614ce

SHA256
71f7627a0717711983ef2598ca917150a4ff5016f443b429e1da758422d92999

SHA512
a9a749cdfb37a339665ef4cc9ba8930a9853ca07e448514f39d372385e67fb0197abbd9895830db2802b4f9017fbb6f256a66fc724fb0729dc03c03293194465

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
bbda9d73070e02da4c3ed3093eb36829

SHA1
d563f54c48d67be7a64c8bab24341ea6b9ea4f55

SHA256
4c8ba2fd70833e41e655d162490249727d251da1e8540a6538ba7e1310ad0d6f

SHA512
00afc0a6df8cef6fef92253e1e1e2d786a2dd3ec22833566960905c11db2738d8a972a0271676b0dee7471c407ec01fbe1fd9dcf961e6f95e5b62de19a4a4ad1

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
16KB

MD5
3d8fdadb1bf2c4cd1fc776f0cfa64b1d

SHA1
e4188acefad0b87f0c9b8fa1be6653d3aaa0dc26

SHA256
faa44b8ebfed3d634ec0c32c28880fe2594922defdbf5cadad2196c37d09cf09

SHA512
2d1ec3b138e9f08852261adc936446a7c5e5a8ef55996626cacc249e56f5700814151ca0640eeed9f3787d4e27309907c1b1fceef21d1a68da5f93fb756b1208

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
20KB

MD5
0aaa7fbf7c3c2fbdc857bb1916a244cb

SHA1
d1dd912510cc409684965d3403bffe850de7f9f1

SHA256
386b9638899fa9695d01819dc660036f2db9720f0e6a3e9a5024008b540e68f9

SHA512
1587a4c31b746cbb903cb9205f0971a89db0d44e7fe467a76ace5bcfa867cddcbd9379d77b8afde22373332cf96f8c223eb86c05b9df05de0b42ed810e528476

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d4b25bb1e260f074345cd709fa85575b

SHA1
5e77466d2d53dd3f6f3e9dc663bd1a12ec8d5eea

SHA256
e1717689ca2250467ffd8e777c88a00e9723ed85be358a349b35c61252ab80d2

SHA512
c58c95e74af038bc07c8db0eeedb7f5a23b1d29f68d421e56d99c67fb9d36af9e6da103b04d4dc0da4cc2778a9547c973fcc7e06222a7bf215892a3e887c1286

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
7126bf90c48a887c30c1456c887d938b

SHA1
92aebde816111602e3691d8012e2c275cf287c93

SHA256
4837c8eaa69512d21a70bcdf8a31ad22b678448364c31e8bed7a38bf10ffa0b0

SHA512
6e42fd9f729c081a5f55a9def1cf81760b35ed29ef02a7d59351887e23456455b411e4c75a1ccf926656412a50c2eabb04e1461e6dcc0b792e4906499abe61c2

Download Submit
/data/data/com.iptv.smart.player/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
c7ec92b23cc80645e64e275e7474ca5f

SHA1
94d9aae74139468883caa95b23a5f3028cf24412

SHA256
2a2726b224a3ba9fb7e4a2700e9a90fd924aa351f23d2df99a768266308713f6

SHA512
00a1e13c332204088c24106608cac706c0a4b4b49815c8d8c5ec769f5a089919d9192a543b308ec8f1dc291fab10c42b8f0b756dd8b485a3cf76bb6cdd0fe68d

Download Submit
/data/data/com.iptv.smart.player/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
d3998b8984ab48e432677fd6a545cae6

SHA1
594694022bac5e15c61f28794cc58e585c268b58

SHA256
be129f2846dcf49ca1ce1eca18ea9a1452204f39c6d5d7d0aaa008f27ad137f4

SHA512
d584220afe5bb25dffc5f808e430ff7d60222a806d2428260daca4fae4be325a2baf680383ec1bb976f91a2ff1150512f99775ebb46663c5fbb25ecdc742160e

Download Submit
/data/data/com.iptv.smart.player/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.iptv.smart.player/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
917d2aa5d3e0fee826667d8cb5195fea

SHA1
403722b3b5c681603d691c5c7c1b807573527e33

SHA256
f01e0ba3991aafa71dc8e589386fcecf0bd7da10eff820a36dd4fb5c804a26cb

SHA512
65bf2694acfc906f8d7cc2239e9a42b7380da99a92ae3d01b27bc2b3aaded143a221ffc4fc69525aeff83dff5541f52a56898b9aed28dae39eadd77047efc01a

Download Submit
/data/data/com.iptv.smart.player/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.iptv.smart.player/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
bcdeae6f5275fd41492aab4ccdbfeb52

SHA1
735a7551a14d4be8a41a7f030026d477064767bf

SHA256
350dad8b0a06bee0d80900dc0332071a02d400c4e0766ef718ac2ac2cbf36496

SHA512
89fb5182b3e4010830b2725a2cb7803a3f2c0c743da74ce80d3c94589a7d975fa2c4565d914705c5f6fdd0e1ef762150cc8f6fa32c306dd83dfae16c95ebfa3f

Download Submit
/data/data/com.iptv.smart.player/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
2aded1ed4db7d5ba137214d3062e9b1f

SHA1
17e04beea9b623243351e32b99bb539c3faff8ec

SHA256
5093db34ae7a93ebbe34adacb94297513b30e9aa9a136cd97aec8aa4d514d179

SHA512
42413fd05f08e525f2161bacbff9ec1c8ddeeff0a292a5b2604225af02e3d88e51a630e7076c91bbb3cc981dd546c57a8dc34aa86d7a8f4f91d5e9dacf854242

Download Submit
/data/misc/profiles/cur/0/com.iptv.smart.player/primary.prof

Filesize
3KB

MD5
f4811f5e5b937fe852ade21221e72a3d

SHA1
f247a37c85a78380a072449df169677552e60a3a

SHA256
e567a6681dbe6b771800f65260ca19bf126829a8620517d0196aeb39640e234f

SHA512
036186f97472b59fa112860451b37ebcdcff0b2813ea691f8f28f483e2ed82059a5f7f2e79c29cc79d863ad63590fedd1f60930f2c9ecd6d6d2567ae6119c256

Download Submit
/data/misc/profiles/cur/0/com.iptv.smart.player/primary.prof

Filesize
25B

MD5
b9d9e0f8902d129e1aeebff0ae7b725b

SHA1
cb0d2b4c9dd60a5c1fc6261fb581bcd3416fe781

SHA256
25a822139d06016af8be1296c0242b60e35074f94c713e03323636be1162ce91

SHA512
f158a9dc753e0cb41f71a98714ff02198c576bacdd792a6153fdaf6f9a7b52d8cfb6d09099a269d0c1b0d31e2ea5a307ea1db85115bdc6797887a6de36d597f6

Download Submit
/data/misc/profiles/cur/0/com.iptv.smart.player/primary.prof

Filesize
4KB

MD5
661133c8f498a507c4e81a7e7e65dc8d

SHA1
bf4990b775d150e69901db32f33360193ce30378

SHA256
3879ff1347e50afb0507f6ab12299c355acb7b7e35176aa4198d68b25c90e6f1

SHA512
768791ea9ed051212bae916286b6d91377bf8d462fd43be79525b81390688ebdd782d7bdb5513436573fa65f0945c53b1ce9a70c52a00016118337a6fef6f48f

Download Submit
/data/misc/profiles/cur/0/com.iptv.smart.player/primary.prof

Filesize
4KB

MD5
96b8d4b8ced64e16d3d8d05bd4f6e11d

SHA1
d08ce78b35869f39b0defc584ecb86fc3b49f026

SHA256
0a5fe3d2b5560e5921ef68cb23f0b610d2a9464914c6a78a950300522f9b2cfe

SHA512
66bf2511a9bf2558134f0407b45af569bdcc386ed8ed85ed7d88213aa832f5ae1440da5c52650dcbd3ee7c414903c5bd5b81c58a799658e58a6ace32da5d8932

Download Submit
/data/user/0/com.iptv.smart.player/cache/1689111357674.jar

Filesize
22KB

MD5
2800ad09ca14a7a986a6e8becbbbb158

SHA1
cff8d824d09296149af1f7f7ad12ebb701f4b8c5

SHA256
5b3ace2783fb2b21f30cd4e20a8645e6bd6d59347c44cbfd11141b0d9afcb33e

SHA512
c315532db47e93c406308f997b1f81876dc4394838b64f93b3afce0748f1cd1c5b5e490856e5c7be0fc7aef063c0f4dcef73de0cc1a712eebc4f80a443cea7d3

Download Submit