c7a9b0cc0bd18ea5c4b7ad861f3e666117e1189e942220aeb78f4b8cd51d90d2

Analysis

max time kernel
1s
max time network
150s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
04-11-2024 22:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c7a9b0cc0bd18ea5c4b7ad861f3e666117e1189e942220aeb78f4b8cd51d90d2.apk
Size

3.7MB
MD5

3c2fec1610ce340cff4e617bff092482
SHA1

67bc41330d5fdbf80f8550183b8b4685be0f131d
SHA256

c7a9b0cc0bd18ea5c4b7ad861f3e666117e1189e942220aeb78f4b8cd51d90d2
SHA512

a9e16688a74115b5c5f086f59b4a72256d260cc2b20009ef2ec2e91ad917ab66deb664d21aa88f4db11958040a3d4c51c1a35c30167bf296e39e2da404dbb1ac
SSDEEP

98304:vWikM2RBN2MXr9SeM0oQmamUYY2nspho1PW/E5koS/1xfY:vzORv2Or9SeTohamUYY901e/wkF/HfY

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.windpowerlw/app_dex/classes.dex	5097	com.windpowerlw
/data/user/0/com.windpowerlw/app_dex/classes.dex	5097	com.windpowerlw

com.windpowerlw
1⤵
- Loads dropped Dex/Jar
PID:5097

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.windpowerlw/app_dex/classes.dex

Filesize
3KB

MD5
98d02837aa6bdb8bb645d310f604e951

SHA1
2e143af157e223e7f64ec8998a9bb0c09853950d

SHA256
840c2d23a61b52ab28157d89b8beed80749611a5ef421301cc7e76c6a3bf1f9d

SHA512
ef31b15f5ac3f6aa740b071d07f2ff9fd7b731b72706d5d904307911ba85bebee4d8803d978a29b4d5d425a41930d4f5f0fca54c10f1c73b48245db22d0179de

Download Submit
/data/data/com.windpowerlw/cache/classes.dex

Filesize
1KB

MD5
6f3c937b33d0840584225884a2b03270

SHA1
959e14964d3085d43fab119d5f5ff2cca020062c

SHA256
aeb3375564c2d9df98d81436687e4b068e39ddbdba7343293dd2bc7a0e92859a

SHA512
578f26303fd7a3d4961eed8cc51616f2fde809f4ae7df112981d61a1ba694fc669e35e26ea48721fea090e2b15773d0691dd87480be988bd8fada7ecbcf5aa20

Download Submit
/data/data/com.windpowerlw/cache/classes.zip

Filesize
1KB

MD5
20d29d10863ccf104c23aba9596156d0

SHA1
07d3bf5c6f353ed56773d6527fdc4690ea5f5237

SHA256
1c408ed5b849eb55213c1cb31bedb685b51160b121d0f2cbed407c77b85d11f2

SHA512
71c7fa8d4ace35c0a3c15674e3aba1bf5c2eec4e5c2f037d99f217a25b20eb18577c2fbe44485e917db3d7fb7a9669de4f80efb9916cf318352a608b2da892a4

Download Submit