Analysis
max time kernel: 7s
max time network: 346s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 10-11-2024 02:34
Static task: static1
Behavioral task: behavioral1
Sample: base_beta (1).apk
Resource: android-x64-20240624-en
Behavioral task: behavioral2
Sample: base_beta (1).apk
Resource: android-x64-arm64-20240624-en
Behavioral task: behavioral3
Sample: base_beta (1).apk
Resource: android-33-x64-arm64-20240624-en
Behavioral task: behavioral4
Sample: base_beta (1).apk
Resource: android-x86-arm-20240910-en
General
Target: base_beta (1).apk
Size: 385.8MB
MD5: 05cad727d957f7852fa201ab8a325951
SHA1: 71f5306093c57929849bcf26a10b3579f92cf818
SHA256: f827ff2efe540ac07d2b4b38ad2142424e7a4f7fc4013a260b271d8dbf85fb91
SHA512: e11b34447a9e6a83486051a59be739181cff79ade534479864b857b786bb63cd6ea021241f2f28e7834943b0227aa9681a59ba057386bee919eed259d0a0e629
SSDEEP: 6291456:OspSHVP2jCphUIDmnFZQteanPlvmtDZF1UW87cmT2mzHo0cYm/mh2:96VWCPEiPl+tDZOj9V0/m0
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs executable file dropped to the device during analysis.
Processes: com.zhiliaoapp.musically
ioc: /system_ext/framework/androidx.window.sidecar.jar, pid: 4679, process: com.zhiliaoapp.musically
ioc: /system_ext/framework/androidx.window.sidecar.jar, pid: 4679, process: com.zhiliaoapp.musically
Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.zhiliaoapp.musically
description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: com.zhiliaoapp.musically
Queries information about active data network (1 TTPs, 1 IoCs)
Processes: com.zhiliaoapp.musically
description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.zhiliaoapp.musically
Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.zhiliaoapp.musically
description: File opened for read, ioc: /proc/cpuinfo, process: com.zhiliaoapp.musically
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/com.zhiliaoapp.musically/files/npth/RuntimeContext/main/1731206298919-1731206299658.allData
Filesize: 2B