Analysis

  • max time kernel
    124s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    07-11-2024 20:22

General

  • Target

    6ecd1e9488a3a03950a92a13f86693711954cbcb20a2c9f4e3d0b0cdd3e498ec.apk

  • Size

    23.6MB

  • MD5

    eb6d6bb09deec48fc9ad473075c53de8

  • SHA1

    1e5074cfa0456248a3fba759c27d22b7caba4d85

  • SHA256

    6ecd1e9488a3a03950a92a13f86693711954cbcb20a2c9f4e3d0b0cdd3e498ec

  • SHA512

    6eb10379d325a808ef992474dd1e08376001f2f54929bc390d28e9482f2f56305519d44eaf1411a42b253d540c64bb0009a82db8da0e7529e5e9d39310d889b1

  • SSDEEP

    393216:QgHIDkAvF8h+7ZmNBMPYsrtHRNGe8TXOA6l+iF0DdVNEHUiNh4lk91DJ2htIYW7y:zo4Ad8h8xwZTXOjl+iF0ZE0QEk3FYtIG

Malware Config

Signatures

  • Queries the phone number (MSISDN for GSM devices) (1 TTPs)
  • Reads the content of SMS inbox messages. (1 TTPs, 1 IoCs)
  • Acquires the wake lock (1 IoCs)
  • Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)

Processes

  • com.myidentifier
    • Reads the content of SMS inbox messages.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4243

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.myidentifier/cache/http-cache/journal.tmp

    Filesize

    36B

  • /data/data/com.myidentifier/databases/RKStorage-journal

    Filesize

    512B

  • /data/data/com.myidentifier/databases/RKStorage-wal

    Filesize

    40KB

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb

    Filesize

    4KB

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb-wal

    Filesize

    112KB

  • /data/data/com.myidentifier/no_backup/androidx.work.workdb-wal

    Filesize

    120KB
