57ad143f9535bbc63ba8d5c55dbc6c567610576033135bb3f50aa900d45c5366

Resubmissions

20/11/2024, 14:04

241120-rdp9caxqdx 7

20/11/2024, 14:03

241120-rcnn5aybml 7

Analysis

max time kernel
8s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20/11/2024, 14:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ce0a2127735cc8ccd483356ea772e7d1.apk
Size

43.4MB
MD5

ce0a2127735cc8ccd483356ea772e7d1
SHA1

e8b49cb1c9201bfbf590394481890c8b8e7ffb99
SHA256

57ad143f9535bbc63ba8d5c55dbc6c567610576033135bb3f50aa900d45c5366
SHA512

6b4175e9ef193b44653a050168f6ec8d829eeb0a85212bd075a684547ae4436e20dddea9d4437512165839e4e33b0918c7f7e0b1411880383bd4d157ff003181
SSDEEP

786432:1UZAe/Yspm+oZJR60bpUcgt2QFMXZj/9n0mFzDmoX3xxZY5uPqobGs2tLEq/K179:SyehwZnVat2QFMJb90iKmxXbr2tLEq/G

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4468	lw33e.hwr47.w6w51
/system_ext/framework/androidx.window.sidecar.jar	4468	lw33e.hwr47.w6w51

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	lw33e.hwr47.w6w51

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	lw33e.hwr47.w6w51

lw33e.hwr47.w6w51
1⤵
- Loads dropped Dex/Jar
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Checks CPU information
PID:4468

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/11d00b0e8f0d71627c22e65f8829978ff620085e.temp

Filesize
1KB

MD5
2ab442937641dde50635bf6b8161019a

SHA1
c9ad1b77193cfcec72cc2f424d969a9f5082504c

SHA256
0ae2ec2196af01340a616011f28d75fed5a925baef1dc8da8b0209aa30932ed2

SHA512
997749db44180abde79f2348d1da23180915c4cacd04f098f55f084044a12d2fdc8ebe6151bf5070b741dbfdae18205c559fb42eb479c8842ab35a04d88645e9

Download Submit
/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/5a551daf3d51192724478ed516c3602fe7474765.temp

Filesize
1KB

MD5
c0444e5a1bac2d7079e77b09d49f5057

SHA1
79dbda0a4c58cb8b7c1dc44041b445e8046d4880

SHA256
6a5435b57acc6d5dc467a341d8d283957d2ef380a4c47d1abd9ba2962eafbaf6

SHA512
2511d379c314224d7d2759cbc21cad190f60abae55af95728a8a9b5025eae2970a35e18950d712a92aaeed81941ff0585e2af312d7285ed2916808f486caa3ef

Download Submit
/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/5f5dd003eaa24005e7ab14db902f3efb7ca955ae.temp

Filesize
744B

MD5
8f8b22a2193c906428bad44f798c357e

SHA1
2b6915f04c164c08100584d3dae68706d1c9eb8d

SHA256
8a5638801e24b70259e83e267de06c69cc6a58d661aa9ec6449b7748403d2748

SHA512
cfde87b03702f670f09c3fb6e73bfcd7eee75eee9515c2cb2ea68de9dfdec3a7364afc4442151cb25695ceeefb64f0ff7e1e1bdcc9b3e1d6f7087812a35c1e53

Download Submit
/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/6b6195ba1a69b3d10673e750c52f17f20834284e.temp

Filesize
1KB

MD5
7c7e19dda29257bd2e92a9f39912df82

SHA1
58fca4a50d32f92477da6e088e9bd4c569ad41e3

SHA256
0ff0c7cd17ff22304c86d2b401b30770bd398e49e7ff328d2aadf845e55fd19b

SHA512
f1cd3426390eb4fce39f4e0cb0cd0854f8632215b15b1457bf2d9b3543dd6fba525acceb7701bdaf1aa99ab62faef60d5f4b9a27b991e15a92ebab5b1a4e544b

Download Submit
/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/c2279a2a3e1ac049335a9fe18bce229d6f2b6f35.temp

Filesize
1KB

MD5
e6b2a3f3c8ef3c336d26d613dbf531f9

SHA1
63358b13838f0f5abbf0ee7d502c332c5af8a2a5

SHA256
6bdf885a9e4b0406212923f1ee1d7ba5cdc00d799a974acb972240dada21be21

SHA512
f51b6fad0639de51d7f83ce2ec313d049f50e4915107f1d409b24ec1aab65bb2acff93c52c83b2ba79e23ac91501eaef713e2d3cdc4daad51b9bb29dc531692d

Download Submit
/data/data/lw33e.hwr47.w6w51/code_cache/flutter_engine/36335019a8eab588c3c2ea783c618d90505be233/skia/9d530bb0bcbfd571ee3d820fdd79ff859d61e2cd/f17ec4e6286c3fb2ab7c368367a730d9712a1a4d.temp

Filesize
1KB

MD5
e078d70cd2cb3dc0a09bb4ad40709902

SHA1
1683b4eb6b7acf5f27ae01aed83d7e7d885ba645

SHA256
372d64f4d7ab1d05af0be19f534f76613714da33af2077b01e2bbe6dbb139ccd

SHA512
361cb6b8c5094e138d96fa94c55d4aeac6a9ffeb193b5c1fce3af0bf9e17ec413513381e50e14bff3be0a5d7ae9f08d4278c4f6fb958cebfd0f5ab81d51e1526

Download Submit
/data/data/lw33e.hwr47.w6w51/files/Montserrat_500_0640b607f11322748abad42219ea40d3c9d15736374ac53a8117a58dd7d0edb0.ttf

Filesize
106KB

MD5
9126bdc00484ade5cea9df38be4b429f

SHA1
bf8e1de6e8986d4f147c53fa774ea3ebc47d5388

SHA256
0640b607f11322748abad42219ea40d3c9d15736374ac53a8117a58dd7d0edb0

SHA512
6d77bfab533f716ea84f6fcdd72b0f05bf969fe3ad35109cd810073a140f66d8d0d9fa6cf115321400588ab20c1846cd185c19f9ea2f4df3240e24aa2a87d9a1

Download Submit
/data/data/lw33e.hwr47.w6w51/files/Montserrat_regular_e3bb63f2cd246ff159b0841c2bd55d0914291a93487340cfa27574cc8d1861dd.ttf

Filesize
106KB

MD5
753e2cb516ddc72f1fdc525d59220744

SHA1
0b09f85d21f21a6a3188d9da06969842546238ac

SHA256
e3bb63f2cd246ff159b0841c2bd55d0914291a93487340cfa27574cc8d1861dd

SHA512
05a46652ca44d8fcdf0e766a74f5de8392f7e39573270a36441d7f244636fa68b87841629adc72569ab30e6c42477fbd01d512f95f60fd3c2c6c25c177b94c0c

Download Submit
/data/data/lw33e.hwr47.w6w51/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
c7cb9beef9a5c650f7340efd97fa780e

SHA1
9d6c441da56b648a2aa6db85da33892b223c6153

SHA256
9132e936ff047706b9ef105fe973345693ffa0b8ff4a27ca124f9305d315a258

SHA512
67b707856f561db4a8e524cd08c4d3c2db5f898e98f2d179c896d28b15b7bd8d851a3ed542f19ab98bc403ba968c4ac56c00c876559dc7ba3d7e92ea3ae4421e

Download Submit
/data/misc/profiles/cur/0/lw33e.hwr47.w6w51/primary.prof

Filesize
1KB

MD5
5424a9f64e742f2f87b85513b176f62d

SHA1
c8a85f46dcbbc5ec14c64318b98d88a0ad62ca85

SHA256
d7c025abed2ac06977c64b1f3cbba5f3ec9c9bd032706336733c6cde19e9cd24

SHA512
2d2f55fffe60a7adc25667c92f0a809c7a16f2e947af95d928ba4d489346457153c66292a8c08659fddc5e97a9bdd09307bab22773cea5bfaf51727b4743fb35

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads