Analysis
max time kernel: 47s
max time network: 137s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 07-11-2024 19:47
Static task: static1
Behavioral task: behavioral1
  Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
  Resource: android-x64-arm64-20240624-en
General
Target: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Size: 2.5MB
MD5: ac7458e2fa4fde4a6c8c3adc06a5f4b5
SHA1: bd30371b52fbc067bc29017c9effe30bfbd5aa89
SHA256: 03ead8a86c4bfc846c7472972dceb853bd06bbb4c65f967a7b712e022dbad6a6
SHA512: dcfb2141ea62d75b02cd3060ce39c5190d22fda717e7c0740376655b7ad41861e3131167d83d7ad817e9f1419e653cdf140af0cc9d3c55f21c189f818e20cf25
SSDEEP: 49152:FxOZOK5Q+q+XQvqqztSxliDImn66oiGDXpNpd2ZrB8HEj2Qo:oP5bbq4mn6hPBd2ZrBcEj1o
Malware Config
Signatures
Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Reads the content of SMS inbox messages. (1 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: URI accessed for read
  IoC: content://sms/inbox

Acquires the wake lock (1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: Framework service call
  IoC: android.os.IPowerManager.acquireWakeLock

Queries information about active data network (1 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: Framework service call
  IoC: android.net.IConnectivityManager.getActiveNetworkInfo

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: Framework service call
  IoC: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: Framework service call
  IoC: android.app.IActivityManager.registerReceiver

Checks CPU information (2 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: File opened for read
  IoC: /proc/cpuinfo

Checks memory information (2 TTPs, 1 IoCs)
  Process: COM.TUUURAHIDDENS
  Description: File opened for read
  IoC: /proc/meminfo
Processes
COM.TUUURAHIDDENS (PID: 4263)
- Reads the content of SMS inbox messages.
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads