3a2e31f2844df5cb91eedbf24c0b93de4b0aa08525f733132c2bce0d7ab81acc

Resubmissions

10-11-2024 21:28

241110-1bhk6avgrr 10

Analysis

max time kernel
122s
max time network
135s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-11-2024 21:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783.apk
Size

3.5MB
MD5

c126af541f25c0a689dea5f44d598764
SHA1

68e1772c5bf7a0db611063205b2b6f90718893a5
SHA256

044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783
SHA512

eba66c60d7a38a18c57278aefaa7c235fb744b460ed7d9f59724ec68366af6eb6d31333c0be17e92faf91ffefd8629e8e0697771fb13cb3d16cfcb9ad556e215
SSDEEP

49152:3/NUASHe5UQtHy1fffEcy317sc1x7B3l0ZL7ZhJqowVSvsEFP2R7QBub9e3g5zpd:vqp6efffnRcj7jGPJqikVQI5Dhpdns3E

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

ir.shz.shzkisi

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock ir.shz.shzkisi
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

ir.shz.shzkisi

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo ir.shz.shzkisi

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.shz.shzkisi

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	ir.shz.shzkisi

ir.shz.shzkisi
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4347

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
232d4f6142447321ae497d04f2c24b1f

SHA1
6569795764c8b5cc4d9635a8a37d2093983d4d6d

SHA256
d3966ca1f83e36300ec19bd526be169633eae1d3c390c726b0a39a208ac72b9d

SHA512
0aaac24c39cb0f1058cb41e11b7cf3b6cf2027fca5d6d414ef783fb98e1a205a39e230dd9b71f8071fc42a0bb8e281e4515762f5bd6bfd46178b93f0ff12b9ba

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0bd83d874c77a121122ba03b2d0b3061

SHA1
98347c03c5d7048075a755d2c3edbbbc9ac2266e

SHA256
db1ae368506e2b5dc0e9b636115b3cabfab65849f082b40280fb7d43cee6eea1

SHA512
045c311ccac6090b6da6e7f2419519630c07fd85e11136d6daa3223e0a8aaa461fa2bf78047b7325676cff081f3befc1ab0420ea1c5a36a0ee7c278c4928e956

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
60b045b0b6782cc37de970bf27b91130

SHA1
1ee6a6ff8da80a153080eb0b02cd168baf5a3a79

SHA256
c8290122323be01bff1d2f66a85b5d7d6058e60428b48afa0dc67621a0629238

SHA512
862bcd6d99fcf0e1803c2e94f9e7330f618522fc7a028d8f93842b56f136bc529df5dcc108ba369cdd0c343ca77dcc50ef6a2a75df7e5b0ddde4eec32bd6a276

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
038b3a7daadbbd87fc36cc9c86d7385e

SHA1
4b943600a21d3b55a58d0e5e756b2cdcb0743fba

SHA256
2e0a461e12396fa073f5d1f75727e3beeaad9e939e8ec036ba497143ddcdbe87

SHA512
cf816283dc5c808a49f1879c027895e0007cb98bb22c56929c18afa8d1523908865381bb72d2679043f13e7a3e8829622ef4591679ddea0e160206664fc9646b

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2c8eeafe1160dfc873dff4626b54cd0e

SHA1
c5859880187e6f97ddd5c0f6775ec7f0e39ceffc

SHA256
942f60ffe0631aec08c4b722f587f38129409f353d15f64c6bdaeef7e3e82dd4

SHA512
0f1c7e0e6e21e11de101b7cac4c40ccc12a60dfcc49096c38e14eb70e28f1f85be589dbdcfc9f521db4605bd4d329ed1d2bb9a42c1fd502717e659dd913c0b10

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6a8de11256636d12033bc9200d122889

SHA1
1a89d06e8cd385970cf03fd5c1f14855193e9ead

SHA256
b859bf98f9024a9d7238d9529391cc552e9aa041486d114a7cddaf3e44bac25c

SHA512
742980529c4fe9528ee315137227fc6060375fe480e3682530700fecf4e28132b7cbfc51a2428175e0cd8105e81aa65e34343b6224a2a5e1a56273e17fe0928d

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d7e6e6207ec6bc978ff21ee35be6888f

SHA1
ff1ecefcd4374f8fa6c77b84f4f1e872aed03df6

SHA256
e5404bf342b5eeafe94ad80bf48ee4b93a341067541151646256a417838eb78a

SHA512
e65f8902934f598bc4899fe11b73898ff46185691c3a2c82daa7a65368e3990d4c6e7821b723a9ca1cb0881488a869eb868b204ea60a56618e34f57b05603566

Download Submit
/data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
540697833e7616ee0fd2bd05a52f96e4

SHA1
e26fc4a7bb553a0475da68b0c46290f6dac4b6ba

SHA256
711cc02fbba8fd0aec8aa64b967e25a5b2e0692c762020630fd1faffe4472f2f

SHA512
54c37b31a8a91420d38ba100b6c99a504a1093e9bf0421bf65aaae000ca113fdda6b53a6ea7794c176b1be0941d120221f9a3a9cc9d60d772fa2a5a4240f5654

Download Submit
/data/data/ir.shz.shzkisi/files/PersistedInstallation6713670913357989433tmp

Filesize
569B

MD5
ac820dd85752bf377b1014d545a14b89

SHA1
fbd68dea4ffdee9cff90c19969afabe70fac37df

SHA256
8ad65ce2071de28bf41dd2f82e41ec9239ec757515726760f3a6884e5cf09610

SHA512
76b47ecf556e35e8eb2f1fe8326f0e9145d7733046a8f1d03c0cac5f87e23263cbe07de6a5101b5cf3096bcdfb4299e21d512107fef862e7deb88595fca3da69

Download Submit
/data/data/ir.shz.shzkisi/files/PersistedInstallation716971310887016271tmp

Filesize
90B

MD5
94bc4f68c90eb8382d21441e44483267

SHA1
231c1f4b760f7cd8fd1992a167916a2c5f6500d8

SHA256
95bdaaf6adb926090af4c453e2bc6204141dd600508a3a89cdce60ecfc054bcd

SHA512
a974fe2645790118f5761d9a6349b665a0a3b2b358a827208f7bd6779a16868dc607aee58d285a104df6d45675b96226bf13a865d4f3d1ae9c58fcb8c14f6e14

Download Submit