Analysis

  • max time kernel
    27s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    18-11-2024 23:26

General

  • Target

    base.apk

  • Size

    3.9MB

  • MD5

    ca22959a33dfc30b7a4e04324bfb1894

  • SHA1

    58447ccdff16f721ee9e97aef1d19a3b8d72e5f7

  • SHA256

    7899ea0aa36bacb8d2f94907373e550cec71d02701107cb2ef3cf629c305f877

  • SHA512

    00bf285e1479b90f233228f8b80181e67abff9babf3e8b7421c769b6a2851f010e7417a65a85d35a96f2b408a3a4e220bdb9a6f832579b78b6b25f3d6ff4012d

  • SSDEEP

    98304:CoTwrHK7OUlcD+1inVLgTmJSfbtMLOvP+7j9yd26IynpfClhFJW4r:j7OUyD+1inRgTISfJMLV7ByFxo84r

Malware Config

Signatures

Processes

  • com.errorforcode.netix
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4253

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-shm

    Filesize

    32KB

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-wal

    Filesize

    68KB

  • /data/data/com.errorforcode.netix/files/PersistedInstallation6262017881629921311tmp

    Filesize

    90B

  • /data/data/com.errorforcode.netix/files/PersistedInstallation7157421965675638972tmp

    Filesize

    569B

  • /data/data/com.errorforcode.netix/files/database.db

    Filesize

    174B

  • /data/data/com.errorforcode.netix/files/database.db

    Filesize

    374B

  • /data/data/com.errorforcode.netix/files/profileInstalled

    Filesize

    24B

  • /data/data/com.errorforcode.netix/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    116KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    124KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

    Filesize

    1KB
