824dc53efcde85333462dc179cf530d646b5c8b57ca4ab8887510a068bf45660

Analysis

max time kernel
122s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
18-11-2024 04:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.4MB
MD5

3fcbe71d7d0c7fe5f8be6d1638fc8ac5
SHA1

b895f8aebb887f5cf7bd149cf05b0729827adfe5
SHA256

824dc53efcde85333462dc179cf530d646b5c8b57ca4ab8887510a068bf45660
SHA512

f460a4f00ae650b735a040dbdaa8db00f1a6c790ab362947319509c9edc27a3fbdac7d8187dc90cc385f24de7aa99b9635a3d28b8adfe9c2a6193ed1aae31212
SSDEEP

49152:N/m7+MiFN7bFLBeRjNvrQriEwuCAuAQ7O0:FTX7RLBeRjt0GUCzHO0

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	mad.net

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6e9df88d9f1dc8a87a91652ae204143b

SHA1
8c62a660ea049eb3f76e5475834a47ed1ca8a0bd

SHA256
57b3ec171950b6974fa44a4922fe81a7ff8564883b9ee5b75dfdc52517073ec1

SHA512
ed60764ee41a4b00fc9ff8d954c641935454209de0d4522897bbbff6c83643d09f0bb84b357d0c3edd6ab602534c8da6bf92b0dd125a43f9685f4d44654014ba

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
97b6ecd715c78d396af10d2a104acd5e

SHA1
003c2ee67431ce277e934016edbf80974c411a65

SHA256
c12fe841331b2322410547dc48ab50c895b26b932d964ea09a581e34c92ad97f

SHA512
4fd41fb7b6c2f7dc483b1457502e9ee519beb71ea8bb5a19298677770b791248551372904d0f7f87cb6505eeadbfdb06d22ae69135fc8ac8b53d67cdbfed459a

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
709313a1a80a54f541f9de29c4446d3a

SHA1
3a81bc28868df853b07bc136f9eab989a85181ee

SHA256
20fd68ee6b948b0c73f6d3a15a48e948f4e1bd03f02ca78b387b485698338ce0

SHA512
419f5263ed546faec93ae184447aed0f6a8e009304d8ae0d24c268b36c7217b0fe6602c5e07ef439c219857397ecc7980caa5d00568147811a1648550caa5f70

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
13403f923ca327e70987c38b8936f5ec

SHA1
0c030d666c40999791ae2d11a7762bec62ba8847

SHA256
323e3ee627b46d8dc2fae6271ac34d662d14e4f96da6babdeff3192211a65287

SHA512
1a671c189b4b9a77021930091f814dc9ea1c3b54ceb4787e7a32782b29a0b0501f087839437245dc6a0520027e28dd99956a0fd55ec7e946ad856e4a874a205f

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1216d32602d8056b93251ba4058dfd9f

SHA1
165f642592914b2e1a43373ecf99a89bda3f8344

SHA256
9cd85533f668176319993c480af4d981462564dd87eb1a6e060f7b29fbec5f16

SHA512
7c5309db4bc535b4d588353c32e99e868acc1493c6459be75146472ac9b4cd9871d48f2aa94d804048fba4f7b532a107f7bf10906d3f8177f3719bb3e287b5be

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
65544fcb23b67559234cb0b875e424f8

SHA1
2f39c5d7bcffcc2cdb8a22839bc471131799d380

SHA256
485981d7ad0f582da5661b93b9cf91a24e404aba315a8b3900ef176e869c8fbc

SHA512
28b28be58e39875085d065367471c8871d5d0abf425e0f0003ae347ddb891dd25f9d037063553400b7ee8891981645fdbd9a7cc6091033c64d006a04ab83e9be

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ad89273fbc2c0b0029711373c9f82f44

SHA1
dbf67326d2b84fd830bcc03bddc8eaae89f970a1

SHA256
a2ae44aa6668d0f780d9b0c935ea857bdc84c277d8054bf369c0c35ba63f4b75

SHA512
0c9f0e1474755e416f361e6a4e1ec434979bffe86d69a77967ad72eefb91557f70bf960b294f83c818245b052ce2ddc246e29bf5adcff6fa47e75103df6718fc

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b6923f3d5d2a129599a38ff84910b795

SHA1
7886f1f76108b75c9d741b41de99c194ffa85dab

SHA256
2e15eedfe621f0b7ddfd2d93aa5b4f8b6a52fff11a9c6244ee92fa8a196b2cdf

SHA512
a0cd3640804e6f63055a6f08413c7db2e23e7043d9357d49ca4b0b15c628c814d8a39d915bdeea5facfd97c5d53c40551a58c4b869d7468d40a985789416f387

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
75f48f1f035ef84eba9a318843988513

SHA1
06ff2504b52204406d79d53a866e4f5c1b2924f8

SHA256
628966d3de159c1d0b41cad75eaceaf032427e594551240f0bddcbd51ceabc69

SHA512
05f5d4062d2227628101b54c0233cb61a28f3a6367489a4eb83e5613bfd4de0fac0aaba4481d1720abf4c88d7ce96d0c2ac3e1f4dd967bb892bc5fee5dcba90a

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b76dfbafd525520b14f321d5a5868f62

SHA1
ca31e3116ba8533d15b608a12f9d2b0f05382dac

SHA256
20beb0246d47e4505596fa9d326466066ede28c25876ad2f21aeb629fa6fa261

SHA512
dfc3d4d8d58cea6360edf941e3fed01df14187ba182afbb5d0fcbd77ab704ae88bed8d0644de015a02e603105a8b92167d427349fe003a4d85fc90ac33f8e9c8

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
6e9fcd8a4a26cd810a873a569a8288b6

SHA1
7e051f6982b115d203485f3563e0a0685642d0d4

SHA256
1968403a7d9ca53c312368042c4f9d382d7d7b19b2105b0e844c9231928df253

SHA512
08ac0be1a39c7c46f1912a8a0beb77f2d3c26fcab89f47572169d0fccca8215119a01694869ec9f905ec1c84686e71c904b55379d3bf365053203133d59cdd19

Download Submit
/data/data/mad.net/files/PersistedInstallation1934247001507560932tmp

Filesize
90B

MD5
ca2e9465122328be96dc475a210ad486

SHA1
9f79c6d51c23c487967c34ce9d14183968c6d65a

SHA256
74a8d2c1f8e580a69ca5000d10cb7e7f4a43f21b99600deb7bd92000025fa315

SHA512
7919985a60b2d765d23ba7bb818d84ca7f47729f3958f9239022f13a75ccb2012b150bcd6f03a429f3a9279efad9d21a4e000782006d199d5b57d2a53257c4ae

Download Submit
/data/data/mad.net/files/PersistedInstallation6004150745459761835tmp

Filesize
567B

MD5
0fc8ea106d3aa599217fa08311dc80d5

SHA1
ee53b8e20be2cd3f6588c216327c30e61d9d4b3b

SHA256
80ffdf9cfd71b2bb6df3169e7bba83aa345a33cef2f9ed58eb15199e95b37721

SHA512
cdaa72ae0e502e10241a7b71ce46e16de8178984d8349c99f2401686d18b15e13c5a2e65348816774e16aea0b2c14367bb7877eaffe1eae889a40d2955586081

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads