Overview

overview

10

Static

static

10

002d23802f...a9.elf

ubuntu-24.04-amd64

006e75ccf3...e6.exe

windows7-x64

3

006e75ccf3...e6.exe

windows10-2004-x64

3

010b63314e...17.exe

windows7-x64

10

010b63314e...17.exe

windows10-2004-x64

10

017f252187...45.exe

windows7-x64

10

017f252187...45.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Unmonument...GL.dll

windows7-x64

1

Unmonument...GL.dll

windows10-2004-x64

1

025a7cc996...12.exe

windows7-x64

10

025a7cc996...12.exe

windows10-2004-x64

10

026a0d5ada...ed.exe

windows7-x64

10

026a0d5ada...ed.exe

windows10-2004-x64

10

0296e49137...b6.exe

windows7-x64

10

0296e49137...b6.exe

windows10-2004-x64

10

0382436149...62.exe

windows7-x64

10

0382436149...62.exe

windows10-2004-x64

10

039b7cbbe0...f4.exe

windows7-x64

039b7cbbe0...f4.exe

windows10-2004-x64

03a0e7298d...43.exe

windows7-x64

10

03a0e7298d...43.exe

windows10-2004-x64

10

044d4141fa...83.apk

android-9-x86

6

044d4141fa...83.apk

android-10-x64

6

044d4141fa...83.apk

android-11-x64

1

0488488429...83.exe

windows7-x64

10

0488488429...83.exe

windows10-2004-x64

10

04ba453903...df.elf

ubuntu-22.04-amd64

8

054c0c0eb0...5c.exe

windows7-x64

10

054c0c0eb0...5c.exe

windows10-2004-x64

10

058c3a111c...0bc.js

windows7-x64

10

Resubmissions

10-11-2024 21:28

241110-1bhk6avgrr 10

Analysis

  • max time kernel
    4s
  • max time network
    148s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    10-11-2024 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783.apk

  • Size

    3.5MB

  • MD5

    c126af541f25c0a689dea5f44d598764

  • SHA1

    68e1772c5bf7a0db611063205b2b6f90718893a5

  • SHA256

    044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783

  • SHA512

    eba66c60d7a38a18c57278aefaa7c235fb744b460ed7d9f59724ec68366af6eb6d31333c0be17e92faf91ffefd8629e8e0697771fb13cb3d16cfcb9ad556e215

  • SSDEEP

    49152:3/NUASHe5UQtHy1fffEcy317sc1x7B3l0ZL7ZhJqowVSvsEFP2R7QBub9e3g5zpd:vqp6efffnRcj7jGPJqikVQI5Dhpdns3E

Score
6/10
discoveryevasionpersistence

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • ir.shz.shzkisi
    1⤵
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5024

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/ir.shz.shzkisi/cache/~test.test
    Filesize

    4B

    MD5

    098f6bcd4621d373cade4e832627b4f6

    SHA1

    a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

    SHA256

    9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

    SHA512

    ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    a18476e1e4cbdee0b089f88cce0be35c

    SHA1

    5fc556d9e233e5f121f7b2c599287ccb500d3560

    SHA256

    e2b6e4dc21df0460ad85221d53ff516f6d90ce9090f6e0fc22087fe5b25d69c4

    SHA512

    2acd8b2a768ea0450566d274a369afd995eb47b37abb7f64ddf766dc8f8ff526463c28b05e99722823f7251bd6991113ae28fabd4eb72c0c792508135f547184

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    8488aeb2817c3581845e3cdb0cf2ca7d

    SHA1

    046116b1328b40d7ad47ba5da6cd29c036aa27d1

    SHA256

    d05ad4c9191ab04886b9b0f049f38524c464e22740a2f9d69a86d3314d7389fc

    SHA512

    b68cf8f64c48a908a37b828135b425191647069a260be1110396a6afa4461f0ea758649ce07c640c8d3afcd8b7904a3214c06d1eb489ad19299b9bb03f862b82

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    16acd2761dc7f8aababafdc9f44f8038

    SHA1

    8045af00b8472960518f040ec35affa71497b4f2

    SHA256

    049a9885f32a0dff7503b47ac3a9765b1263e757687dc56e9ee312b25b52870b

    SHA512

    0c0bee1dcdb6e6cc256140c8d691850ef17a9d7cebc796c3a8dd1fbb4bfa1bfc17a18d966f7da90b4fca83a7666b8bfd85f3c0e6372d04f7bc66c9278ea1700e

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    875c89e7d635fa43875a4643122948b0

    SHA1

    e705091f04f723b52e7b0abd4455789e6d1eee66

    SHA256

    0316ef253030d238ff496d0f77eee9b7ce98d637ece967becc6f05ad315deeda

    SHA512

    03c556c3bb60563a02830759c50c9efac99aa2e62a04124d5ec56033d404ea9819aab0177fa94cc72fbec267d04b455b429566b3026ca55d87106a944b1871d5

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    eb52a90bb70b76e946b62f50b6f7fb85

    SHA1

    42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

    SHA256

    48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

    SHA512

    b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    99f3775fc75af2fbc67288bd2866a2c4

    SHA1

    ea452d4171cbbd7730aa6884594227f3324dcc7a

    SHA256

    e93cc1053caad7f79f695cadd330ddbaf971e93aafab2f606e9fe33a05055cb3

    SHA512

    40f6799670be1cb1791bd7f0e9d872be1a657f6b693df51aed5fc04c97cd757bbee197ecd728c3b9da8e10749c913145a155d3f5fe8bacffe3423bc64a1d78be

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    dbcf7da5cb777e737e8079a1663c442b

    SHA1

    8c03057fb1a31ba18ae69106e8d4f147ff39fb49

    SHA256

    269ba4dbd36f118170a1786b98cdf95f415509b63bce49dddd36f205d79df7fb

    SHA512

    4363854b718d2617b67bbbf64fe6c9368f3c5e26fcb3e85475b1fd7d1d1cd3a6bf8c2b1ece6619c9dafde2171aeabcfb202b1d15eaeda410c42ee50afea23eb0

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    ff7f5f2812cd1a656e20ebee0d220fe1

    SHA1

    a1c406193f19fc84dff9b88cea21316ff740674b

    SHA256

    3da55efe931bb57c9dd1ea979a994ebfdb602799087ba8367557876ff2fd88af

    SHA512

    d5b8472b9e7dec036af4485eb8fae9b581d064a3b0e25782cab0fdf762e288fb4f3344afe743b25e10c58a008286be168f4bf1c82875a3180e49466b05d87b7d

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    6e74067cbb59aa650228cf973b33b5c4

    SHA1

    b9ce0eb90adeb59b8dfc455b02c3c99dcac57b3a

    SHA256

    65fd7cdc5c33eb1996f45ca003b1f2ba426ea2573eadbcde553d19bfc1bfcd8e

    SHA512

    b6f6be2fd277f4ee42b6d983db876a9aee59afe3edc731c5b42a418731483cd3cf710897e74e07f7fbe02f3971ad45086e4ff3f031931194bf9fcc479de16c3c

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    4KB

    MD5

    993242b29a419056e93bf03423aa93c7

    SHA1

    725a91b60f456da36d50ce1726159809611a06e2

    SHA256

    1ba9606f93a1f6a8f27ec6063749da700c95ed5a11be28d36a086ff898b13906

    SHA512

    501be54df753b528a0d80b980eb0c704dff450a2a4d4de258ca49f17e05ce1b5e23f08cd906eafde6358a9b30979c836c678f47e8e80b2eb66051169a29ad81c

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    a11d2508214ceb5dabc47cddb0923ca2

    SHA1

    6adab96533dc48895b0946018c580d7c2635c040

    SHA256

    c4ac1019b032cf9d83f81d051d495930115b1cf661a36fb408100f1ec204697d

    SHA512

    b4efa04d211a90d384ddd2a0bd3dd75101f728b359a6dadd746c0013563e1ef0154001efecea2a74290f6fc5361dbf8e63d77c00c77e5f12fd2669e7ef5fdf4f

    Download Submit

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation3926018198136178008tmp
    Filesize

    567B

    MD5

    be1ad69a05127a78ae9c478ea46aa08f

    SHA1

    4a82e28e35fc145d70da578574e3594eaabd6e24

    SHA256

    120320e3f99d5afca9ba06025a918411f54e5002ba1dd11dc47343c2d8fda5e1

    SHA512

    159a4b69fb5687af8d1bd6618a51bccf518bb9c5b174ccac318079bc1d7d1ec90f5bfb508b870904a8b114d3896f6b8c02f65a3750bd1ed53f3b810f61fb49f4

    Download Submit

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation7869269441313590762tmp
    Filesize

    90B

    MD5

    f564f8293a761308ae03a568ea9abf78

    SHA1

    8fd1edef786e42da29b0a73c0f38ae716bbc9241

    SHA256

    706d071244d48d600d9006c55b4ff61f0d6413adc1d8d853c60af062179aecf1

    SHA512

    e8291dfcc1c84f89fd45e80fd77ab7ca007223b47cb6d0eac5bd3e8f7b8cbb4f88b0f318004c6d19af8f7e423d3065267eafde669034181628efa6943a1e029c

    Download Submit