Resubmissions
20/11/2024, 13:58
241120-q9xgvsxdlb 720/11/2024, 13:57
241120-q9k4tsslck 620/11/2024, 13:44
241120-q19qtsyalm 720/11/2024, 13:42
241120-qz7j3sxckc 720/11/2024, 13:41
241120-qzgzesyajn 7Analysis
-
max time kernel
27s -
max time network
43s -
platform
android_x64 -
resource
android-33-x64-arm64-20240624-en -
resource tags
-
submitted
20/11/2024, 13:41
General
-
Target
46c1dac6ab259c443ffb430d78f53227.apk
-
Size
21.7MB
-
MD5
46c1dac6ab259c443ffb430d78f53227
-
SHA1
a082164d3db681c426aceb32b1cf15cb7fdd805f
-
SHA256
60b55876648845b67e3313ead3e3fe2cf9c4609a2c4a67cdb9df7dc210427055
-
SHA512
e12bfeb3b18b4594b2d36f573e532514d5bd1b4dd036e3b990d2e17fb7d45d88042c5c9954f5c0cc9092b68aa6dd019f0996fe540b045b625777597da70fc05a
-
SSDEEP
393216:pW+zGWQytGXRiE8le7b7AgSBefOLUtLao500k6WH6ilM7UY2fw:pWuTQggIVleH7IYfBtn50RlM7UYow
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 6 IoCs
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
clmwq.ur8gc.r74yr1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.8MB
MD597d99fe21968f56a1f4153b8cdfb927e
SHA1c825646f6d8e27356dbe674358b730a4a3b2e7f8
SHA2564bbdb130d1a757de25bff107b7ef6cf71587d85f0b54257867ace449ba3ca37d
SHA51202cadcfde1ac3538b432bddbee11b093c307808526aeddac79266106cd8bb578d7de5b8a205f8c28cda815a27a6385991d3e884a5a57cb8660f219f8556046c2
-
Filesize
1.0MB
MD553e0bf87a52283164069cb981b6caf59
SHA15e6dadaf661ce96ed5a5a1ac6681405d3daa55db
SHA256f2ad59fcd13944ff603a4fe383b89a8d8702771faf716058fcce63b14ccb3e21
SHA512fdec4ea15eed78203633392c7d42ccf560f60147f58be6a7f2bdaf4919c7f829234a56c0ccecf52ae8454ce5224fe23e3a17708b072fb391566354e90e018d1f
-
Filesize
24B
MD579fa04446ff0457cc874a4bcb0259d68
SHA15622f6f88f38c5a6809f3959d34f46f3a46a7a42
SHA256806df6e0e27cb5f7ea1fd1e1f492f5d14fe839dab992df561d57fe65e468d068
SHA512ee614a5dd6739d77789c9e8bed609fb13233801db0d840450e3b8578a630f0335457ed01b23f99008b8c611d7f81ab899da53b89e75f9248fee8dbf74f5790d5
-
Filesize
8B
MD5d5ef9d7b7a3f04890d181d3bad49ee20
SHA1f782fd7791d62c74a5e9f9821cca13624287e285
SHA2566b665903f0a568eade51d695fbe76b19fdee21585cc8ad047e5c0c2865e7495d
SHA51292538fdb3c0d5b3678d617e085a00da7b81e9e78a2b0f599c13a20e197de1701f862f43be415f05365e6a8350dec31924103c1a64d5384660c7c793368e7b204
-
Filesize
433B
MD51a6148802263b027b0a506816fe8c33a
SHA117743a6fe6751aa75541dcaa11a53330294e7879
SHA25696b41c4377152289b9dbbcdabdde3c14f2e55efb7bf89c473053fb699c02c2d1
SHA51248b2d4da400321dfac3b16449ba15b364f61a2178b7bc4cd5e82091d563ecfcba1eda685a4c1ab9e631218f945beb91fb626d19d15dae08cc9b57f0efe5b0359
-
Filesize
123KB
MD53056e1bdb7d4e19789d0319eff484bd0
SHA16791ae47aa9466fe0bca27ad6643f846853bbee4
SHA2568e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0
SHA512c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658
-
Filesize
25KB
MD529469324e59dfcc052f24b5af4e7b2c4
SHA110c1e17ac6f598037bb51baa07945663645de4eb
SHA2569195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a
SHA5125e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2