Analysis

  • max time kernel
    47s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    18-11-2024 23:26

General

  • Target

    base.apk

  • Size

    3.9MB

  • MD5

    ca22959a33dfc30b7a4e04324bfb1894

  • SHA1

    58447ccdff16f721ee9e97aef1d19a3b8d72e5f7

  • SHA256

    7899ea0aa36bacb8d2f94907373e550cec71d02701107cb2ef3cf629c305f877

  • SHA512

    00bf285e1479b90f233228f8b80181e67abff9babf3e8b7421c769b6a2851f010e7417a65a85d35a96f2b408a3a4e220bdb9a6f832579b78b6b25f3d6ff4012d

  • SSDEEP

    98304:CoTwrHK7OUlcD+1inVLgTmJSfbtMLOvP+7j9yd26IynpfClhFJW4r:j7OUyD+1inRgTISfJMLV7ByFxo84r

Malware Config

Signatures

Processes

  • com.errorforcode.netix
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4966

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.errorforcode.netix/files/PersistedInstallation526286929307427160tmp

    Filesize

    569B

  • /data/data/com.errorforcode.netix/files/PersistedInstallation6151301454572477180tmp

    Filesize

    90B

  • /data/data/com.errorforcode.netix/files/database.db

    Filesize

    174B

  • /data/data/com.errorforcode.netix/files/database.db

    Filesize

    374B

  • /data/data/com.errorforcode.netix/files/profileInstalled

    Filesize

    24B

  • /data/data/com.errorforcode.netix/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb

    Filesize

    4KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    116KB

  • /data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

    Filesize

    124KB

  • /data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

    Filesize

    1KB

  • /data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

    Filesize

    4KB
