4f386b4971d5ca9d048c76a9766f850a0da67c2c0ab3696cfd296c1a005a47a1

Analysis

max time kernel
2s
max time network
146s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
13-11-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4f386b4971d5ca9d048c76a9766f850a0da67c2c0ab3696cfd296c1a005a47a1.apk
Size

3.7MB
MD5

12b8f6d4af2c83dba8e6edea9b1bfd92
SHA1

254137ca4230deea6aacb184ab81fa6ee1a33172
SHA256

4f386b4971d5ca9d048c76a9766f850a0da67c2c0ab3696cfd296c1a005a47a1
SHA512

0afe5e02f3279b8f8b8973b6050d389b181f16f324564d970c20a9a8f5c2503c3cf220e8071424e412f65b5d209a6b3aef45f2cd494cb1c78f5aa388900a8608
SSDEEP

98304:fnSJ9JgbbU4HjbNBMZAGNKdO+QmbedvdPGvWC3l:fnS7JgHU4HjB6ZAGUI+6gWc

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.riverlightlrab/app_dex/classes.dex	5041	com.riverlightlrab
/data/user/0/com.riverlightlrab/app_dex/classes.dex	5041	com.riverlightlrab

com.riverlightlrab
1⤵
- Loads dropped Dex/Jar
PID:5041

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.riverlightlrab/app_dex/classes.dex

Filesize
3KB

MD5
fafd2517ecb1685b96f71845fa4ecabd

SHA1
c0eaf86a80573da14e9855deef0940eae87ae347

SHA256
1436e6ca525b89b050d645bdbf9be3925a7f3e589bb1711b01c814d1b37a31f5

SHA512
4a4773b461360fc792dfa11fb2cfaad3ff1a223ca517c181768df7737f7a439f1d43dfd578e6539f1a65aa7bc15cf7a8ef5d6791d140aeb1d87721c0e7993014

Download Submit
/data/data/com.riverlightlrab/cache/classes.dex

Filesize
1KB

MD5
2dbc54d718bab0af35d5845cfd7dd8ed

SHA1
c7f42ca13629f66ccf1b4bd9e68ab68c95069418

SHA256
bc41abbaf04484e2549a5ed9b54974073ec854fd817549b458064cc3f8ef0726

SHA512
3c829f13b0c8057bc5727baa5b9ffacc2eea259467a472ef10f6808c8d99afbd7ebe8f89cf387e6b4ecf171ceb5d572d8db8a05b9f0fe0920a9685dbb25cedaf

Download Submit
/data/data/com.riverlightlrab/cache/classes.zip

Filesize
1KB

MD5
7a6aa58730717c342195e7673baab112

SHA1
229347f74d7aec7c9ba0c46165003ea9a709f1f7

SHA256
34125a57487597c594698e718175dd293486e1976fddba3d0ec2012b51b8cd78

SHA512
f44bd4531a9fc0b6f61f215d9abade6736737ceff671a0df7edd2ba5b5c90cd268f9dc3ef7a5e96aacab0fedfc622bcba035976d6fe834aba6d961a4bc5565ad

Download Submit