078970dac378d5ce28d98bbe2f89855d1067edaca4e10077151f3a4dfc5287ff

Analysis

max time kernel
10s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
18-11-2024 04:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adl.apk
Size

3.9MB
MD5

ce55cf6d05e81bcc4d71e7f9d7bcfcdf
SHA1

cb0a74dfba654c37729be778a6d74768d96799e9
SHA256

078970dac378d5ce28d98bbe2f89855d1067edaca4e10077151f3a4dfc5287ff
SHA512

bf2a4e2a449dc7167634f95e539eac7affae0f8e55cb4078c2957df5b5cef1d8c77de75c5bf7f25716a58fbd43b81f77adf23f84ca41be5e0a423d6f6de5de5b
SSDEEP

98304:/vmWXyiA7w8IxdDjcAT/2QedTGWRPdywjOmdUnvSJaD:HmmLvDjcAT/7eU6+

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 TTPs 4 IoCs

evasion

System Checks

T1633.001

Processes:

my.message2324.com

description	ioc	process
Accessed system property	key: ro.bootloader	my.message2324.com
Accessed system property	key: ro.product.device	my.message2324.com
Accessed system property	key: ro.hardware	my.message2324.com
Accessed system property	key: ro.product.model	my.message2324.com

Acquires the wake lock 1 IoCs

Processes:

my.message2324.com

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock my.message2324.com
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

my.message2324.com

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo my.message2324.com
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

my.message2324.com

description ioc process

File opened for read /proc/cpuinfo my.message2324.com

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	my.message2324.com

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	my.message2324.com

description	ioc	process
File opened for read	/proc/cpuinfo	my.message2324.com

my.message2324.com
1⤵
- Checks Android system properties for emulator presence.
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
PID:4340

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/my.message2324.com/files/PersistedInstallation3534815438031956118tmp

Filesize
566B

MD5
10b49381b06332d29840364db5176acf

SHA1
21b50738d67ba39f5d3698f0681ddf42127bbe1c

SHA256
f18402bf99f65bd0e3aab454531bf7b02c0a43a05a663e18dca230f565a83f5f

SHA512
f79d46db37324f431f724d6d155d7b3f4c13009f0cb5f397c3a9662e5856805ffc7bc21260c2f7c4673bf169493352d115a1abf4345934763c211cdde4840e0b

Download Submit
/data/data/my.message2324.com/files/PersistedInstallation5204062730072608383tmp

Filesize
90B

MD5
6da4e44550e7aa8ae8be386ba182c8bb

SHA1
15a367ef5909d41b0133b63017954a31f393b3ff

SHA256
822c314350b6d02bdb765f0dbd69d64efbc78002b07ae6b34749225ccbc2a4b7

SHA512
e564e4f151fce5990de2bef006b1fb08d21d9c930b79f6bf16bc075c48e4be9df3126ce9f37b0f38df92913428a4d14934885635befd05c4ff1ee2b89eff5fd7

Download Submit
/data/data/my.message2324.com/files/profileInstalled

Filesize
24B

MD5
cb98710cbba329f76ea6f124e6b6050f

SHA1
3f4fa25a72a97e1ed6b7014177735accb110914b

SHA256
4af5ed02db07058f72dcfaeccf923e1625627184c336d93cb4b2a4e99a08c1be

SHA512
27a8917956b37761b5e2803f8f68e44f226e73f72bcc946860c4d26ccfe9a2ccb28249e53fd275fc7655f03512925d11849f39a4bf4345481eacebd3658ac6ec

Download Submit
/data/data/my.message2324.com/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
3946737441bf349ec7283f77ea6d2a52

SHA1
61ef9073f8f66f63ae387b92ea3cce9f0c0ed16b

SHA256
d0b79ea8527ee7949365adb471a97de291f72da7c6288cd856fed472b0041d2d

SHA512
ece741cba1d4dbe5949cb2b4a5d4c6f874a3b02cdaedaf98ba7e7fb79e24cd46823b729febb3f8114ced8b2993123488aac5b0ba64b13b8ee8a9de63e43509bf

Download Submit
/data/data/my.message2324.com/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/my.message2324.com/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
910d24d413add3b39acd9e07835d9af5

SHA1
14668e2ca279df201c22bbd71eac37893380642c

SHA256
24bdd36fd18e8296744735d6ec83f1e24837246c6f0cc369719180cb663be2d7

SHA512
27aab622446e6f40df6f9413becbdb4152f4b117cc46fcb908569b0f5473cf7f149b33d9dbec403937de1bcfbc7edc585f9a5dfb88ced6f19e0d7052be4be0f7

Download Submit
/data/data/my.message2324.com/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/my.message2324.com/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
dc84de5f37c4469c8536828be5c1e7cc

SHA1
b8e5b1add323270091cc34110029b13c6513e1bd

SHA256
92d8d9ae2ab40270032727ec6c6015c90e26486b313da3e59cbcfbb3e9b62282

SHA512
b4f2740ab4d138bcc429e710ba9367dce05a450ccbd782b8db5b42e19f3e5409683b0225e95b1a547cc5ffffed18332a5e3a8df59345cf60f362978d7cc0276e

Download Submit
/data/data/my.message2324.com/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
f82636669bc2a5918da418225aa8d06e

SHA1
007aa108e4960c683284a8549a9059e7389ec1a5

SHA256
a803965a03bcfec3a32944e440fe5d6f079dfa22114f3f5f8b04424bf40603b8

SHA512
127efb83fe3a2dbbdd2038735129fea71ddf1a3e0cc29fc3d6c80ef55508ce8740911b51ab88ece927268fcb2b2ce9a560a3073146728fc4605284473a94b2ba

Download Submit
/data/misc/profiles/cur/0/my.message2324.com/primary.prof

Filesize
4KB

MD5
37cd1e2603e1dd1bf1a0554ee097ee54

SHA1
b30e07fd9f11e85d6b7f0869ef9ed287ad07531e

SHA256
6bacd4203ed79222bee1bc4af1d724c2270bf3b3576b82b4fe094f27503f6baa

SHA512
78433e76384d0a8217ecc6cf0b884bc2ea5acced684dd1caa85682e9abd2e1f3e8dadb884f2aaabe19befa47e4c2d004a6469894744da802efd945748d7f96bb

Download Submit