Analysis

  • max time kernel
    138s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    09-11-2024 14:14

General

  • Target

    H570.apk

  • Size

    36KB

  • MD5

    93a3a74fb6f523fd2c418dd6529ad6f1

  • SHA1

    92eceb78ce954a739793b4ad92d85b0d096419f6

  • SHA256

    c99b92ce6e51f5f235884aeb979d36cace131641469f2c12b27d90fd30f7eefd

  • SHA512

    b0eeb93082889fc8fcaf41078eb78e13baeaea717c37e878ca51cac4253624a2a329525180ef7a2478c7bb09148ab4123f6b27712500d6d5c21b45bd84304f48

  • SSDEEP

    768:7FopZbapoLs4LCOs76NFS7ukyiissHGs+b4rP:7CPb+2xs2NFSHyY5srP

Malware Config

Signatures

Processes

  • org.noear.h5
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4991

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/org.noear.h5/databases/h5db.db

    Filesize

    40KB

  • /data/data/org.noear.h5/databases/h5db.db-journal

    Filesize

    512B

  • /data/data/org.noear.h5/databases/h5db.db-journal

    Filesize

    8KB

  • /data/data/org.noear.h5/databases/h5db.db-journal

    Filesize

    8KB
