5353b55fb1ca2750fae7d973ba4ee23c15d6347a17cef7aa788b50b51fbfcd28 | Triage

Analysis

max time kernel
25s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
23-11-2024 01:20

Sharing

Report Analysis Logs

General

Target

Жмурки.apk
Size

50.6MB
MD5

2967e6a8abe76f19ef7354894e043e86
SHA1

a1a08674a2971dd0ad9d874cbf89027b590ad591
SHA256

5353b55fb1ca2750fae7d973ba4ee23c15d6347a17cef7aa788b50b51fbfcd28
SHA512

08c43f2ccc590c3cec00c2b4216d3908234070a60675010398b6dd3a3be9228b2df6c31046f5479c9df7462fd9374a1fe5edbbdb3f01adeda354d905dede815c
SSDEEP

786432:K779slHDt5vRonmol5HRsjwioyiDD2iGssLMxTdr:K7ZeNyB7HRc5oyiG1srxJr

Score

8^/10

evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

System Information Discovery

ioc	Process
/sbin/su	com.kartuzov.mafiaonline1x1:AppMetrica
/system/bin/su	com.kartuzov.mafiaonline1x1:AppMetrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.kartuzov.mafiaonline1x1:AppMetrica

com.kartuzov.mafiaonline1x1
1⤵
PID:4455

com.kartuzov.mafiaonline1x1:AppMetrica
1⤵
- Checks if the Android device is rooted.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4527

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital.dat

Filesize
57B

MD5
5c04b121747857ee634f7538ef1a1e0a

SHA1
3ad098afcd46e57cde68bcbb46ab1e021930f2d7

SHA256
d60d9714dd0e3bcb0b426420f08f9fa6676da479f866ff085608bb92d32e6ee5

SHA512
34f2fecc8875b0b83657a37e9eb068a9ea9028bf61d8d269d08b465691bb7b62306c128f2530c27f78dd55425e6bf925b4e8c1c87db3f565c8266e9741de13db

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital.dat

Filesize
104B

MD5
30df9be269fe79ef1161136a63098455

SHA1
949b226397b4eb2246af696a320703ce50dd1830

SHA256
9a4e900c61b9d29ba08f062955f33248be301954864812f3915b1517d573e6c3

SHA512
f21c6e1d8e0449316fafe6733d5d4ef346feca0837ad361668aed3c0f9704224ec19a0a065c1f22cffbf5f1151a41b8d0fca307381f1d480c1f1da8aed07492e

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital.dat

Filesize
124B

MD5
fa01df453f1939b3d58ef5bd70a34848

SHA1
096804d6d42813855eacbd68393b6c9996604350

SHA256
fe0c81ea08981e45b4b4a236eb9be933538a127df8208f36f82ead724cb567ea

SHA512
ea042c59e397d25cf87ae233c4b4e5a0369f82719493e28beec4aa625add4f92eb91792003f79a2c8bc5b18f088c24a8ec9ac99f68ad505dd7dbe76bec462acc

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
192B

MD5
caf5782c23120d68a3225965e4d52448

SHA1
d7055419c9da7f68dc6329b3d66cb6405b424e80

SHA256
0db88089e3f969a41eb656ff377055f7807019ccd9904a974915a36fdf437d1b

SHA512
c06e6f3f8e8eb0990d14c256f5c88e3c27338feb3697c6de4c6f6c2bf9083bb9a55b167035acaccad45ca12b0ac78b0e85c3eac6a8bfd5a43946edf36eecfc6f

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
194B

MD5
e0211ddaf47414d1af1b2f81138f5885

SHA1
196c40b9ffe9dda4e8ae8ae9c8ac8df231d566cc

SHA256
3372316b788e3de92ffc02a1c6d1e0e7c07a45abd3b18b98faa9e3734899f925

SHA512
e2064e512a9330b832b6e7b6f8a320c52ae4d15d584fc258661520ed406a8a21f58fbab3bfa49d18198b0a932bfc2a470c8b836a0fb5d5536487c3a51cf4f8bb

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
203B

MD5
20c963d14b2a44372541fb21d443ad0e

SHA1
3de96c61ca9180552a3995de99949f39e8d6340c

SHA256
cbd03974a4673fc61c548e19289b08b8fa2cbe1390ccad3a8abba26e62ece895

SHA512
104ebb7483ecf4351d03949c70e2bc591399b89bf0ee036b38d8ba6b342f4350e59016a6fd45dec59c4a9c0eb4c9419d2ac89651dc99af51effc02fc90ae4cf2

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
203B

MD5
4554cc7469d50332407523840962e08f

SHA1
98e158c61ed0bb09a3e9ece36a711755029cc465

SHA256
ab300c25f0a28b8738be7313456566c21b91fcc8d6ec5c5fb91fdc6710ca1551

SHA512
b5f086545cd8eabb065a7731f8d1608cd0a302e6de603e72421e4309c9d43357aeccb0f9d9d574296739e25636fcff07adcc388f9d5a961a5565c45e05f566ad

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
232B

MD5
842e63534bc0c7c4e95c1144b69ea8ff

SHA1
6da99e297cb4db40731fbfed47197dfc6fef7bce

SHA256
ba275a54ea48180262bb6f3ecf3b5d757dc8fc21c0a7055794f742824feeabc7

SHA512
f98318220904b7b40e4267f65eefb67683d09cec74da44e926fac8fb8e32fa6f969ac97f3d9bab1d9048ddf70c35a89a1a420026f7d65922cb88c6da3f57afa0

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/appmetrica_vital_20799a27-fa80-4b36-b2db-0f8141f24180.dat

Filesize
246B

MD5
8f0374d7f436bdce660e82a08f253ce2

SHA1
fbdc8566e4a0df1d5071fc5322971ea0c7cce6cd

SHA256
b6a658db3a804c86729b9e9c9d12b19d6b2fa6dab9f4ef68d3afe3ac71e480dd

SHA512
68313941fe9428025bf1cb75e3a706e3cbf8ecc38741c1a4ac1d20ae239339b915e7632576927250a7ebc042ab512dcac330c0695e3596ed4c29a79f0812f0d5

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db

Filesize
20KB

MD5
3419f4604cc0327ff4d536de4c4f3d63

SHA1
4611041ca94b83ee3cf89371e3303bcd3495fae3

SHA256
26191db9cf5958018e51f68e683404b3878eaa3244a22a717dee0abe287643e3

SHA512
857ebe04bba391ba87e061fcf991a2dac79b59ab2f9b9785e56a6343c298e0b10e6750fbe39dd1b711dbe6b74c77a9c23f446a3ba7e405ea933a20b37186e6f8

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db

Filesize
20KB

MD5
41f53a605436f1865c53d4f939008a9b

SHA1
17861271ab0505cd69d6c5aa0aeeeb237a395137

SHA256
8ffb99ff7e3da97397d5d6f9079657799384c8ddca0e61d884e02081b0d85080

SHA512
3d6c97bf1bb0415c1ab9bc07b86e99d2fb41349174fe4058b1e639819df127dbb26441df8a42ae9587c4c7289a8a50f3f2f4f167cb7db8b8c5e86fda61fca79d

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db

Filesize
20KB

MD5
61136675e0ff7b23b2788ffac6587877

SHA1
c3c2012026882377f74b4b3aaccac621dc4f5099

SHA256
08f0ac0a1f5ba4230c4ce33b2bc4788b502f978bdfb4a07536165ecb0f99756a

SHA512
27555aa040bdda2c8707a993e7ee97fd2b18e8ca24a23c0b67c79dda457656f8a23410b7ec6c7cd859cce12d2433f6dd7c0ae3a970c1c9ab6dd75f265d76250d

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db

Filesize
20KB

MD5
de1e4fa21ec5a15611b943fb0edc41e2

SHA1
c63d5194a69d4c41d566d336d9b517b554fe3aa3

SHA256
8228fe6df23788f81f7d0a8ffb987fd9c78a124b4f7b25cf810cf86070981c06

SHA512
347d6303f46a09f75bd5739b98d276faa9accef42edf58ad35ff818da9611a6ee971e2d1adfe3ea51e59c15525642c09dbcbffd061d79b1802f0fa504b30a42d

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db

Filesize
20KB

MD5
137a3374b253b6be876cc5941574e360

SHA1
2dce8bc723786d6f42eb9166f1e5e06dbdee35b0

SHA256
61b3d4f54e040a418013b144282f9ea9b8d22a986f43c7ec926c4176e6ffb26d

SHA512
496d7079e6296b038f6c68e30e91533ce7f61b08fd7e8dc255b4dd2cf0b7c6fe6a462cc9bf5d0f2751323d6aa0ff4d4b4d70b690fe962654b752cc3549df3631

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
12KB

MD5
3e22a1e83fe0ac0a3e519e488a94b85c

SHA1
320dfe0cb13d9a0b7f90ad40773c5f9214c39c6f

SHA256
75f4aab3c7e424a8cb6af35d5709f89d1b90e9779724aa1b61814a6381f59f95

SHA512
e088461fd97a254e0a5b806c3b433b0ea619c6ed7cfd5dc3bd07d23925ea9932abb75e93e7f82b8056e5c12bdc38bdb29a6eff8f7b6df524596a51f10cd45eac

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
12KB

MD5
10650240d93e8509ac0b5ba3ef0fd18f

SHA1
7deea9524c05f1f35c4e674ebfc8faa6d59fad9a

SHA256
0d5e8fb76557912236fd05f75357c2ba0c4759466718e62adcc991c730741167

SHA512
879ac6f77bbbd2f14219149792923f67e1d1ac4b38538fe7e8d102652d65001fe66e437992507f0e8c7c7485d0ad2f6e93eb3a6b89a6b9ecbd351aeb2c3db142

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
12KB

MD5
3b0656f842bf397c17a21133a8f88368

SHA1
64b83867f6b1bcf05afeada6f370c40599c9bda2

SHA256
52ff9cab637429a22b259a1945fe2069659037ff591f0d599abf8a43ff24d6fc

SHA512
3d2115f411e7e86a6854eeb72ca08575de46249f7aa7f493f2beb97397e750c013cfc4694e1871275897d512ecdbf3ebe8dc9483d11282d5e8cde5d92507573d

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
8KB

MD5
dbf3d83754fa0439bbdf4ca50475122f

SHA1
00a64b31a5144867a14aad9094f25e5996bac060

SHA256
8804d904ddad071f49333ff4df6defd321857a3232260d65306bf4a4d2187144

SHA512
bca0a3ecdc9e83c17827b31980870c2dd187559d6db5898247e4a0196b897c530a6a4c4ed39664d4b6c83e0d59f6542a9d782f01810f1634f38871b626d3418a

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
8KB

MD5
4783b4544370d7b0d72e6ebccf52f840

SHA1
87683011d4c428a2bc9e94082271db32bceba7cd

SHA256
f2f88ed9b4791a622ab8f505863957a65fc500da76bb8232b4a5a3183198623a

SHA512
31a20c71b59a70271d468dd65fcf644646455368c4c3edf54f555ac3e3b5c216bcf8d298423b6de09fa1a9b877bbfc31768417822b7d0f2f9d481363fb20d4b3

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
12KB

MD5
e8bfa4b306b53b141aee645eaccb262e

SHA1
cba660486be14a7f424eed0c8bd2e63b14b60fbe

SHA256
0485b85414f9fd67f62177e7fc1b7c2306ba0fd4fb2efcbdc72f6d7b818bcd9d

SHA512
fab3ba7c68a767fc72e9d88adf008f4f6e8ae7776f739777b3c558ccdb005f90d8ebde112be5b801c5eb330e9d485e5c9752478497c839a32efd18f9fb690c37

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/client.db-journal

Filesize
12KB

MD5
ba9043a189c93ab862d8da3c6a979468

SHA1
1684da9baa1f0c762bb647bf8070173e20a476a4

SHA256
f8578d347e8b478ff535fb522beba39c90a22a2057adde3d49be19ba7cc81913

SHA512
9b51615678380a4e2fba4f0c5a21bf31e4cf6c64e8c71fc0872bfedeac4f4e57e1bff1145bec006d47f408887c4861e38204bea0a816f2242a75ce3e4109409a

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db

Filesize
36KB

MD5
b8e6fc93c3b805a325465d29d678cc47

SHA1
d36c792543f1f612434587564ed26b8267d2e2e3

SHA256
f95f75b6268f4ec71d6f1b01c2a45932b234609809f44164e403c4a72d400276

SHA512
9060c7ef0562ddc0c80b11f0f46b8c9ddb5a4611e5faac07808623b01082346c4373c0db42a2750d7d7f8c4b30dbeedd141763f204047509d33e3990f5582e51

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
512B

MD5
b3d8a015e4ebdbbbfe4f58a43672a8a5

SHA1
3e74d3241a8e20099a31365da768a157a568cd2a

SHA256
48a58bbbf0b4acaf313bf055526217094e3c7d46d6680ce07311e9b68e83ce15

SHA512
eb5d95f5d8648965f8a48a242d0e0bd9ecf6c0c7d02bd8a53907381c21c6a6e2990d14d44f9f97580656010c7e2a449a688d80a7498f4ae96fb78771291768f1

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
8KB

MD5
8eba5accfdc18fd9c450ffbc9ce1c38e

SHA1
39cf77f330f05ecb8d6c02b7e2ae5f63f7b99fa5

SHA256
e1c66890ea99cc2bb3b55a17eb85b17eaf0c52d920ab1941f445946c4a5cff72

SHA512
b61b1df03df2db939accb586bbe9a8b164b067a175f36cc3afe8dce1b2bf8aa70769f1aeb691b247768da8744e18ad68ca981556bda0ba32510b98c8a2d3e040

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
8KB

MD5
85b6c3c2e9feefcbe98671bd7bd37e56

SHA1
ac1533c3f726061a70c326659d6a58469f7e4367

SHA256
15abea00d921be6872067260cd7eb58e1b9bbac1199bb13a3ff175aed4e740a5

SHA512
43db1b05f087dfb96f6f14171c2aa1cfea492c286700dc0a82d0e3476b6827c3c1091ab824048f9217872e374f9565ae203fedb20efba548f5a4721121929629

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
12KB

MD5
d2cbaceed96f08d117730d800c41837e

SHA1
c2bd9373f8be42e8078f9b861cc6c67d3efc7013

SHA256
60b042845a7fcc4e3a0425883b1c5f21d4bc42ba806e8a5e3bd63d17d07586be

SHA512
bb4e958341cf602f329d30205172094efba5532ef93e5115b1e3fda2785472cecf1c934466819c52966d4f2c0b0600326f132507e0bb198a2e9020a926eda451

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
12KB

MD5
914051d03c0568c10974a03b3afbb4d6

SHA1
37123fee12e38b172c6ec82af60f6c443c5490e8

SHA256
481e49c123390e85af91f89313841015f384b05622b219b431706470c0ceda6b

SHA512
800451d0c22dd354019916495ddf11ef67751397cefc6216212b2a5feccf82a906bd9dd1a2b975b4df24aa648c8c7fd95c8a60451ca88d436888f15ac234855c

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/component_20799a27-fa80-4b36-b2db-0f8141f24180.db-journal

Filesize
12KB

MD5
fe873705e555bf4912e8f0bdfad9dba8

SHA1
50384ea3cd55cf20e7802432d7844dd0f80d200f

SHA256
e0de4453790767650a53db28a4a7425131ab7b4e207217727af47edfb9e59d0b

SHA512
95ea5ef6d9ea42eb25332d6d5cea0d81c846ca6a7c7e0cdf37b1ff0cd7660247bb3261783e95efbfc1ac37df4d463398ec286e8129e8de142b0938bcfd308362

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/service_main.db

Filesize
28KB

MD5
bc023e5140ade2f6675c73490c7d5698

SHA1
2be8ccbb6f375c51e003dfd7866aba48c0c9fb41

SHA256
384b3a165b5b82964ccb4085d5712fd8ec1d9b97f39527714aac899b5043f5be

SHA512
6b24887061169ce967bb76f0221dcbb49f82076dd81b9def9bbfc6255cf4a89f15cc96b38a7b5965f6908a51bda471a82b2aefb3e11d0d532feaf2d94ee476f6

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/appmetrica/analytics/db/service_main.db-journal

Filesize
512B

MD5
eef5046a10b8525c812dd2bd96f696c9

SHA1
9e43cb07d83d69b34ad892eec7145680019001be

SHA256
1b1328bd6cf96e9fe439ae0676520c3f41816e1934c183efd030ab8fa5eb07ee

SHA512
41a80440436568dd941b420c8f511c119346dd3ad32eb35447b999a6de00c9f34592349860ed858647daff2f12ae88e60c0ec35cfe6bb2567f46389938936f13

Download Submit
/data/data/com.kartuzov.mafiaonline1x1/no_backup/uuid.dat

Filesize
12KB

MD5
771648e66d8b9d6941a389f2ac5e0ecb

SHA1
9438ddc63e8b175b99081be294add8c6690ebd72

SHA256
4e1ce58c24fc2afbaed882ed01f319da2b7f65060fd5be43a20eca4e55a01a47

SHA512
bc2e905b334798d8e7cca6c61eeb731abefe7c28aeec1f2c8ef100c28ff457d4c56a6bc1608de45201e0cbdfa65e25e03cf03fd4c83c5c0cf7d6aed23f307e1c

Download Submit