Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64 arch:x86 image:android-x64-20240910-en locale:en-us os:android-10-x64 system
  • submitted
    07-11-2024 17:38

General

  • Target

    FortuneRabbit.apk

  • Size

    10.4MB

  • MD5

    ad5d1abd0b77cbca905d48ae60302fbf

  • SHA1

    5a206b1faa7b1e2faa661beeaf0f2fe4ee88f6c5

  • SHA256

    1e1d226c821b02efd9d1aea0a2c7db744c38a4be0d6602b4b4903549c45f7c1c

  • SHA512

    a53750f9c5459039b6b92c82cccd3d066429d07a5f369f2f248d789b0e2e92d1e273bc30445d7921716a772d4ef16c271a64083eea68b25fd104ddb0a16dc813

  • SSDEEP

    196608:m8aSh5QHrECCL7cyqm8aXBRtez81RnY5qq23dG:m8vF37bqm8aD4zopdG

Malware Config

Signatures

Processes

  • com.FortuneRabbit.app
    • Checks if the Android device is rooted.
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:5130

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.FortuneRabbit.app/databases/OneSignal.db

    Filesize

    52KB

  • /data/data/com.FortuneRabbit.app/databases/OneSignal.db-journal

    Filesize

    8KB

  • /data/data/com.FortuneRabbit.app/databases/OneSignal.db-journal

    Filesize

    8KB

  • /data/data/com.FortuneRabbit.app/databases/OneSignal.db-journal

    Filesize

    512B

  • /data/data/com.FortuneRabbit.app/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.FortuneRabbit.app/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.FortuneRabbit.app/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.FortuneRabbit.app/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.FortuneRabbit.app/files/PersistedInstallation231369749618151900tmp

    Filesize

    90B

  • /data/data/com.FortuneRabbit.app/files/PersistedInstallation9118064939458207198tmp

    Filesize

    569B

  • /data/data/com.FortuneRabbit.app/files/profileInstalled

    Filesize

    24B

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb

    Filesize

    4KB

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb-wal

    Filesize

    112KB

  • /data/data/com.FortuneRabbit.app/no_backup/androidx.work.workdb-wal

    Filesize

    193KB
