Analysis
max time kernel: 48s
max time network: 49s
platform: android_x86
resource: android-x86-arm-20240624-es
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-es, locale:es-es, os:android-9-x86, system
submitted: 07-11-2024 21:01
Static task: static1
Behavioral task: behavioral1
Sample: app2716320-wogdjv (1).apk
Resource: android-x86-arm-20240624-es
Behavioral task: behavioral2
Sample: app2716320-wogdjv (1).apk
Resource: android-x64-20240910-es
General
Target: app2716320-wogdjv (1).apk
Size: 28.0MB
MD5: 65dcbf23b7541b3be3b5ca2a917d17fe
SHA1: 44a3ab6ff05a953d3e0bbb95ed76fc2d097e89ae
SHA256: 2e938a8c2fe83ecb18668babdaba364e9f2c9875f060e1a4adc7f8339ead3f40
SHA512: 5919602e487729f895741873c22e8481fc18fac31e44285eea9833f328ba035a5dd0dedcbace98e410f99ca11818237aee278178bb4ea6872608f21cf050a995
SSDEEP: 786432:OZkT56587OqQO43N/XOrGnaIqhENTrLbML:8kagOqQOQNGYNJNTrA
Malware Config
Signatures
Loads dropped Dex/Jar [1 TTPs, 2 IoCs]
Runs executable file dropped to the device during analysis.
Processes: exercise.apvxm
ioc: /data/user/0/exercise.apvxm/files/audience_network.dex; pid: 4274; process: exercise.apvxm
ioc: /data/user/0/exercise.apvxm/files/audience_network.dex; pid: 4274; process: exercise.apvxm

Acquires the wake lock [1 IoCs]
Processes: exercise.apvxm
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: exercise.apvxm

Queries information about active data network [1 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: exercise.apvxm

Queries the mobile country code (MCC) [1 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: exercise.apvxm

Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: exercise.apvxm

Uses Crypto APIs (Might try to encrypt user data) [1 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: exercise.apvxm

Checks CPU information [2 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: File opened for read; ioc: /proc/cpuinfo; process: exercise.apvxm

Checks memory information [2 TTPs, 1 IoCs]
Processes: exercise.apvxm
description: File opened for read; ioc: /proc/meminfo; process: exercise.apvxm
Processes
exercise.apvxm (PID: 4274)
- Loads dropped Dex/Jar
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads
/storage/emulated/0/Android/data/exercise.apvxm/files/mb/res/.mbridge700/mb/config/mbridge/b6ab625c580a40908260b5a39b9ff6cc.tmp
Filesize: 6KB
MD5: 3d2381eeccf752b131e6cb02e9aefd65
SHA1: acf42545c52c8cfd26b7cc92010795cd72b50f4e
SHA256: 36ecf1f1ecc21bc3dc5450a90e54eb0ea6fa14252264cfb837cf52bd210811b0
SHA512: 51ada98424b791c4e5742e6ca6fe9522774938497dc75981ac78b1b3f04698e6e70df22cf8dc4167f4fa268e4396eddfec7102a1ea92d1fca92fd95c39c970f0