Analysis

  • max time kernel
    48s
  • max time network
    49s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-es
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-es, locale:es-es, os:android-9-x86, system
  • submitted
    07-11-2024 21:01

General

  • Target

    app2716320-wogdjv (1).apk

  • Size

    28.0MB

  • MD5

    65dcbf23b7541b3be3b5ca2a917d17fe

  • SHA1

    44a3ab6ff05a953d3e0bbb95ed76fc2d097e89ae

  • SHA256

    2e938a8c2fe83ecb18668babdaba364e9f2c9875f060e1a4adc7f8339ead3f40

  • SHA512

    5919602e487729f895741873c22e8481fc18fac31e44285eea9833f328ba035a5dd0dedcbace98e410f99ca11818237aee278178bb4ea6872608f21cf050a995

  • SSDEEP

    786432:OZkT56587OqQO43N/XOrGnaIqhENTrLbML:8kagOqQOQNGYNJNTrA

Malware Config

Signatures

  • Loads dropped Dex/Jar (1 TTPs, 2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock (1 IoCs)
  • Queries information about active data network (1 TTPs, 1 IoCs)
  • Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  • Checks CPU information (2 TTPs, 1 IoCs)
  • Checks memory information (2 TTPs, 1 IoCs)

Processes

  • exercise.apvxm
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4274

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-journal

    Filesize

    512B


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    36KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/exercise.apvxm/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/exercise.apvxm/databases/mbridge.msdk.db-journal

    Filesize

    512B


  • /data/data/exercise.apvxm/databases/mbridge.msdk.db-wal

    Filesize

    108KB


  • /data/data/exercise.apvxm/databases/track_manager_monitor.db-journal

    Filesize

    512B


  • /data/data/exercise.apvxm/databases/track_manager_monitor.db-wal

    Filesize

    28KB


  • /data/data/exercise.apvxm/files/PersistedInstallation617705887748404182tmp

    Filesize

    79B


  • /data/data/exercise.apvxm/files/PersistedInstallation7299353608259664070tmp

    Filesize

    562B


  • /data/data/exercise.apvxm/files/audience_network.dex

    Filesize

    3.1MB


  • /data/data/exercise.apvxm/files/ico_notif

    Filesize

    24KB


  • /data/data/exercise.apvxm/files/ico_share

    Filesize

    13KB


  • /data/data/exercise.apvxm/files/profileInstalled

    Filesize

    24B


  • /data/data/exercise.apvxm/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B


  • /data/data/exercise.apvxm/files/splash

    Filesize

    6KB


  • /data/data/exercise.apvxm/files/vinebre_ac.txt

    Filesize

    19B


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb

    Filesize

    4KB


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb-journal

    Filesize

    512B


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb-shm

    Filesize

    32KB


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb-wal

    Filesize

    112KB


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb-wal

    Filesize

    120KB


  • /data/data/exercise.apvxm/no_backup/androidx.work.workdb-wal

    Filesize

    16KB


  • /data/data/exercise.apvxm/no_backup/com.google.InstanceId.properties

    Filesize

    2KB


  • /data/misc/profiles/cur/0/exercise.apvxm/primary.prof

    Filesize

    1KB


  • /storage/emulated/0/Android/data/exercise.apvxm/files/mb/other/mraid_js.txt

    Filesize

    12KB


  • /storage/emulated/0/Android/data/exercise.apvxm/files/mb/other/omsdk/om_js_content.txt

    Filesize

    38KB


  • /storage/emulated/0/Android/data/exercise.apvxm/files/mb/res/.mbridge700/mb/config/mbridge/b6ab625c580a40908260b5a39b9ff6cc.tmp

    Filesize

    6KB
