d7d834ce199e3ac7889f18e83b32e5a2aec5b043619fc471bc92a50005f58c41

Analysis

max time kernel
3s
max time network
137s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
18-11-2024 23:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

EdalateMan-v7.apk
Size

3.6MB
MD5

c55d4bf5a53f4b977e4e063e73b3a7a4
SHA1

1157ce9bb56cd770e0bce97c9b8d88ea0a191ff9
SHA256

d7d834ce199e3ac7889f18e83b32e5a2aec5b043619fc471bc92a50005f58c41
SHA512

634d59d4f1cb0f3ec93a4bfe20c07368157d02f0487aebcc6e535198c11bf9ed6320f34fdde1db9d76b70d1943bd61d8ca99a48e75a16c91236b0a404a188f75
SSDEEP

49152:Y0uwlP1CEhlH5bkjWadNvjvFYKSNG9QZ1j4Q0PIldSFrU/f6QzlJZsreXDj8Jy:bRUM5bkjW4hjMNkQZeSvJGreXsA

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.ghost.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ghost.app

com.ghost.app
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:5050

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ghost.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
188c0542bc062e48b614e5ca8c1081af

SHA1
0eb9b89a5c92957cd1fe748cc063b32853339774

SHA256
c1ccc325c2699ed7f556cf171566317f706a911c4d02b1644a2a7908b93da58b

SHA512
62a67f2c56bc3b40d49c80094f160d355a8f67130e1924109426e0481008bc2cd11a9e2675a901abd03cad1e7fe0028031e20d826437edcf35b6f86e2499c2b4

Download Submit
/data/data/com.ghost.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d8f05cd3915e1b0f4d5442e2381e9d2d

SHA1
5dcaccef7ee78341b1a5fd44d678e1ad1de45bdf

SHA256
d9a7ced9b94dacb3a244f16dbb60563beaf5d15dfdb7045c98455d96ab5fd1c1

SHA512
fddc734500090a6b9c97d82f02a831df76c3abe127f2c64f82329440b359c7e76569e46163894e5aeac0e7f66c274bb3a0338ef0936821837c0ac0ec862d6144

Download Submit
/data/data/com.ghost.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3c9b1cf352f317450c78ec81fa7abf26

SHA1
b874aae5c07a1632f2a309a431641b0a51bbdd12

SHA256
a96c16cd0c33d90db2a88ac4d8d17aa7bd6ef5d4b56b85d41894cd334c259e16

SHA512
f0654c256a0e89167df3eb04b82e8217dfead9c2ae42491702ec7a91af91f0e2de45f4a1fb45a750c3b900f3cc01547596a6907c8a559da973c9db9ee9a84865

Download Submit
/data/data/com.ghost.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2e43fe508cf05f22fcbf01f74597c0f6

SHA1
6f5babb6b8c8afe8dacbb5475c1cfae0b089b854

SHA256
b9b59f23f4b24c83b7ab381b6032b99ed6a679c590f34b910cdd05c81538328b

SHA512
639994fc6584913a398ce4a4ba640c2f989ba818fb2bff865edecb4ebd838d17bc8db4e6c2c0f4fac34d94f351d06cfbe7438aacdeea82187c79ffdacf8b6e7c

Download Submit
/data/data/com.ghost.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4b20b434be7b2f64dd4f53913ed961ee

SHA1
77ef00ecd4c3a3319a37a03882df5e4f0e2403a3

SHA256
6d117a5a2356a323df1afa94cd638472052c8420a887d13d6ec6a777f628279c

SHA512
e7aa39cfe03defc8f5f3ac66f9f7485f78220334b3a9a89b866237ee6289abe2b89d70bdba518d13e84e3b87a6d1d5c278880f210c75308233b7afd3f63110fa

Download Submit
/data/data/com.ghost.app/files/PersistedInstallation4789813672422345422tmp

Filesize
90B

MD5
7aafd9b77b43ea9fc79f7a611ad69be5

SHA1
f444db933c5fd6313c9982f14b0465b8f0b922a1

SHA256
f7d4e5c0662435f1884643aa450faa829070c0d3a7c26fbc1d8063a6b046a0f4

SHA512
6f2a2f62ff19072bf8a41a1650ed68fadc4d349a3f1398cad7f43b40aa703ddbbd4fd4d29dc62147c4e4b940082ad3439bd90a8621f38442ade010dc4137dbe3

Download Submit