Overview

overview

8

Static

static

6

google_rec...nt.apk

android-13-x64

8

Analysis

  • max time kernel
    26s
  • max time network
    37s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
  • submitted
    20-11-2024 23:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    google_recovery_account.apk

  • Size

    59.6MB

  • MD5

    ecb4c40dbffdef1156b276a8d5a5cd4b

  • SHA1

    da3f7faa9dcf3370359f862424ba03db89ae2b46

  • SHA256

    d72f569ecc854625ba50d00c1a11c8274ff9811e0f600fbf29f6ab82a9c12c3e

  • SHA512

    72d595e24d5da6cf03a0a9ec3c59459b528ef410e17578c2b10a3f44e5913959f77e1bcabf0215c05c4878e825f4a8db967ca428121133f532571ac2fa9f4180

  • SSDEEP

    1572864:W5VVZXLFMxCP2sml3WZo8hqIgT8bqUrjL+Tpp88YndA:2hv2ODLb7b+Tc8Yn+

Score
8/10
collectioncredential_accessdiscoveryevasionimpact

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 5 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.robotemplates.webviewapp
    1⤵
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:4310

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.robotemplates.webviewapp/cache/1664557424545.jar
    Filesize

    10KB

    MD5

    dfb68e70e8eb84d844c9ce623ee069c1

    SHA1

    369e761858a904fe9fb89efcfc9bd3e6e56ee44f

    SHA256

    8ba015cb192f34326e6a46f765c6712d87c3797661541275c84b9a30ee449eec

    SHA512

    0d5f8ff91d3cd5c976cadf774b8d5cd6f276793b9eb9f3d8e7168eae122b0bfcffd833be9762de441d4b52f7bb3eb3850479aea37ac327be9b71910c6fdc566a

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/cache/1664557424545.jar
    Filesize

    21KB

    MD5

    722310b17c81cc3d780d23e1a63eb450

    SHA1

    0a0c1a939f923570e5da88aa5c7b105052f056e3

    SHA256

    9f2d7ff525ca785553557c351812252c0beface31440517e2f19929fe76472b1

    SHA512

    1a48e9383a0befb0c6b4755a8b56f352fba317910308f701e13ce8189c465cade6b0af510165d586745f1913a61cc68f91395949202394336a59c34596691a91

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db
    Filesize

    28KB

    MD5

    2d6369c2aadf54583e28827cd93fbb22

    SHA1

    16677e586adbfb954578ba4168fb4faf57f2321d

    SHA256

    ab357c3a06244d8d9d2ee436a630332e8dd4d920be0672f6e88f75569335fa1e

    SHA512

    0a93cfa177412cb8ba6e2162ed7218c547801d95d5d482a23b9e7dcdd0dc7bba3816e609befe614f6315df8102e9fcdce3e254931f9f8d54e1016fe2fe24cae1

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db-journal
    Filesize

    512B

    MD5

    91a347e48f47fd3a703ef4160e6c74bc

    SHA1

    6ca13c0ded40414ac2bf338077b1632a33c0cfa3

    SHA256

    6f99d87cb14f556b00735a4ed7bcf156cbe3f6fe30699ee77561872b059cfdf7

    SHA512

    26073be5bfa50ee926fe272707d69cfba9b608b2ebae12134dfc2e47ebae130047439f02589de75be4a98eb819d0b1f27da5bffd882b29ba5f6667eab3734a6e

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db-journal
    Filesize

    8KB

    MD5

    a5443e6fc11a29e4806d205c9b123f05

    SHA1

    2ca03d0e605ed50a475132fa4500b7fad63fd780

    SHA256

    c9596baf4bcb49305b776ef470052b3fd166c032f02070f06f47bb3dfb5fb43b

    SHA512

    3309f701b5ca789717df29feae3495d694352e1e777e79c5c5a74daa897410099252e3b29ebd499026e9ca73ff8c56bd14ba6c5f83df563956739ae996458cdb

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db-journal
    Filesize

    4KB

    MD5

    a33a90dbf914e6762fd0ad3b148bcf86

    SHA1

    b215abe462a9ec6ea28d642999d17be0a4b8cb18

    SHA256

    dabecb51d4d9bf54a3891d2717e0c7c41c77cb2ef57c12792f38c992b1da0292

    SHA512

    3b165d0e4f64e6d573c362f392b32bc50140ce29efb1b76094ddc7f86b872f035fcd13698a1f736dc835a0f950d07f036a7c389af72a240ee9a04e764d6ffd19

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db-journal
    Filesize

    8KB

    MD5

    d9c7acc158a862d064d7e82f836a2c25

    SHA1

    eb13e9cdeb43ce5bd7a89de64fb5a907e276c69a

    SHA256

    ea8a0e3df9dfe74ac7bb38df15d29b090eecb021873c1a7db429b10104e46bbd

    SHA512

    da3ad2698caf719963646b795768c6df70eb8bc9019dca918e4f61725888ded9e70ea5d22b2446305d3be4cd07ff293f895aec29210e29f31e390d503b77068d

    Download Submit

  • /data/user/0/com.robotemplates.webviewapp/databases/google_analytics_v4.db-journal
    Filesize

    8KB

    MD5

    a9849167294c644354bb19be1e903c04

    SHA1

    46bf6bd5f1cc2efdd714f98a8c78f5032e20d84b

    SHA256

    efdfb17e133c4696b7e91a38d2817318d4be3f9002416e808fb3a8e97e39f7df

    SHA512

    144558b789bf31a79458908ded91a54fcbb790d63475237f1c55ba8141064e21dd482f1e6a656052dd202ad87cdec393a1d269de57c195d7588d4c261ac28f06

    Download Submit

  • /system_ext/framework/androidx.window.extensions.jar
    Filesize

    123KB

    MD5

    3056e1bdb7d4e19789d0319eff484bd0

    SHA1

    6791ae47aa9466fe0bca27ad6643f846853bbee4

    SHA256

    8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

    SHA512

    c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

    Download Submit

  • /system_ext/framework/androidx.window.sidecar.jar
    Filesize

    25KB

    MD5

    29469324e59dfcc052f24b5af4e7b2c4

    SHA1

    10c1e17ac6f598037bb51baa07945663645de4eb

    SHA256

    9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

    SHA512

    5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

    Download Submit