Analysis

  • max time kernel
    47s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    11-11-2024 16:26

General

  • Target

    Incredibox-Sprunki.apk

  • Size

    8.2MB

  • MD5

    1aefcf2ddeb7a9dd5ee0b8be18b0cfa4

  • SHA1

    81b7097658f886d345ab8a458eccf1846d525dc9

  • SHA256

    480202492f12938f93798c2ecbc4d68ffdb16aac0c644d63986f17180ae46538

  • SHA512

    5ca3a92d1576a6ce6658bddb1b1ba238d1e21df53d1422111dfcdad9d80b79f81416fc21936d0430b3beede40c226207b680b90394919fbb27c7404a004c4d73

  • SSDEEP

    196608:/vmOW2Cd6kt7DKRo/7usBbchRQ+ZTrv4vDQ+vk+4PJ:/vmARo/nBwRVZTb4Ltkb

Malware Config

Signatures

  • Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  • Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  • Checks memory information (2 TTPs, 1 IoCs)

Processes

  • co.median.android.leezlz
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4261

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/co.median.android.leezlz/files/INSTALLATION

    Filesize

    36B

    MD5

    26b95a35decdd0782bb7ce95065ac7b2

    SHA1

    11097c0670ce7824e33886162d82b6ad7aa90634

    SHA256

    65cf8049f9a0673f49fe724998b5fec03880b159cf741c7dbbe386073101a698

    SHA512

    0bcc60081fe054c938f1ee91b02b54e0520b808c352cdf8093966dba1a5a056911a3e85b87f7c5d06418eab4017c9e2ebf705108834f90ae1036e4d474b00dac

  • /data/data/co.median.android.leezlz/files/gonative-config/regexintext.json

    Filesize

    1KB

    MD5

    ad12f43961ab46511df5ddb2c0a8c139

    SHA1

    d5202081c0033dc2a4147c97a5255ea5b6dc1a0f

    SHA256

    537892617ffc701ff8c306ee15bac6f81c04d427d9df47eef137dc77882a2023

    SHA512

    955eb641704a9de4bd934a928e5fa3af2fc24f840b27117038f650905e9c69509b9b7f42306419363d6bda5e9b04e57bf9ba84b2690bbda85ae20091799018ee

  • /data/data/co.median.android.leezlz/files/profileInstalled

    Filesize

    24B

    MD5

    671c057eb6ed479e42ad8bc162111d21

    SHA1

    fa4a8cd71b96bab2dbf139e34654b26c263891e3

    SHA256

    a84239799ed416384e9629325f2ea5ec1e7387aca4d2b5afcfdd6ab1597e064c

    SHA512

    81d523108130b9d4aa02c614ad1af8633314fecd4e249402f9425e885c8e1c23992d37c135c8ceb8c34f156497fbb25deb43fff6d1e5c3849fd82f484223f92d

  • /data/data/co.median.android.leezlz/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

    MD5

    49bc1a28f791199f83c0f92bcb629c66

    SHA1

    7585d0caaed4d909585e20dc8324e6c35f3aaef9

    SHA256

    dfa22789c82239e581f559c7cf6468e58f7fd95dd85524d4f6f1866735f7cdbb

    SHA512

    f4c5ec7fe507c2f7ec0a25f9a354d63fbd0c554ff2734cbc89d9d2239c5d7295ef6cbf34d50a29c3eb9dc0a30e9722b045732d5953326dfbbbad2281df4d04c7

  • /data/misc/profiles/cur/0/co.median.android.leezlz/primary.prof

    Filesize

    2KB

    MD5

    3f5cfe4fc19be316d18a9c517f993ea8

    SHA1

    4a86c072ef020f6dd6dad7353e9ac09a55f0e385

    SHA256

    48fef3acaefdf80aae362810301bf24016a0c499eaf4ef1fca14a8cb6e0b32e3

    SHA512

    a98e4d143c92842ecaf448a17bc6aeb890bc239040663bc77bb844508d5e17375371ccfb8bd555342332a485062ed96b2eea207a129d4b6c07852080869222b4

  • /data/misc/profiles/cur/0/co.median.android.leezlz/primary.prof

    Filesize

    6KB

    MD5

    c9eaa32e7f79ca0d0f50a88961534899

    SHA1

    b35b5af507d94eba162bd69b2b890cf68a09cdd7

    SHA256

    e9b982c371bdfcb9e921e54113c90ce8346c1af7b468115fe322bcfbf8fd4f5d

    SHA512

    24280d610cc752c49b0cea8f3d04b02235673ce5e93e1afc52821dbcf53b027b97ba93a48e39a13ee53d6d4b1fd25496ffe1ed9c11c27e9d43ea1737cad1f5d8