Analysis
max time kernel: 5s
max time network: 140s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 02-11-2024 21:51
Behavioral task
behavioral1
Sample
ae502f67782e9cc2a6e33b868f14467f3dabf126e868a8e10a68aa2ddd4092e1.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
ae502f67782e9cc2a6e33b868f14467f3dabf126e868a8e10a68aa2ddd4092e1.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
ae502f67782e9cc2a6e33b868f14467f3dabf126e868a8e10a68aa2ddd4092e1.apk
Resource
android-x64-arm64-20240624-en
General
Target: ae502f67782e9cc2a6e33b868f14467f3dabf126e868a8e10a68aa2ddd4092e1.apk
Size: 1.4MB
MD5: ad778bfe6c0181150b911cae0e337c34
SHA1: 7dc13c6dcdefd66b409136bf5f80b408350005cd
SHA256: ae502f67782e9cc2a6e33b868f14467f3dabf126e868a8e10a68aa2ddd4092e1
SHA512: ea554d438fda2732b78fa1f0ff40a45065f6eba32947a49ce64f18f32b05e98905983c95c969859f285edbf516eb37dd1a86f128844f55177c21b53b7fa6f852
SSDEEP: 24576:dy4aWm817mELfPR5NuKGdpmVfgZFrNqxD01o+oPTyEZcfPR1mjGTgp9XN/4zgdi4:naWlfjNuPGxgZFpqxDSBycX6GTgp9dzN
Malware Config
Signatures
Acquires the wake lock (1 IoCs)
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
Process: com.rekezapayojekubu.kebi

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
Process: com.rekezapayojekubu.kebi

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
Process: com.rekezapayojekubu.kebi

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: com.rekezapayojekubu.kebi

Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
Process: com.rekezapayojekubu.kebi
Processes
Network
MITRE ATT&CK Mobile v15
Downloads