04ff7d924671ac03fb3b3a2e0bae7ba979276166766b97d0887c92076a326491

Analysis

max time kernel
8s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
23-11-2024 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04ff7d924671ac03fb3b3a2e0bae7ba979276166766b97d0887c92076a326491.apk
Size

526KB
MD5

5040d56bc8276ece72a50d56384b3b7b
SHA1

4b0bbad9ca66179aafcb82fb211ea17b6f6429e2
SHA256

04ff7d924671ac03fb3b3a2e0bae7ba979276166766b97d0887c92076a326491
SHA512

06a448fe2c583e74d967eace563c04ee58265f695f034a4755ed2591c4ddb33f6fce94cfcc3fef7c5b7d0954dfc07e3506568407a29b91229ac9bf73a5380479
SSDEEP

12288:vIhgrqfV/akLo0HCO5GVlxtRtTl1iZyVsM7iV:vi2+RLhD50iV

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.intensive.sound

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.intensive.sound

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.intensive.sound

com.intensive.sound
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4468

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events

Filesize
32KB

MD5
7daa8bf70cba1177c0aaa35143f5ff54

SHA1
4ddb8e3e373296808fd5a3832a454ea9c0c60b0a

SHA256
f02ded6053bd0f124da16cdf40849fb201797ddfac5536ab36e1feceb21564a3

SHA512
7178eae8e99b2f8b571bd333a3c6916bd088c96dc2c6d5b074ac388e58a345de6a82daceb39994019cbdc5c2d4065912eb0c52787ec50d9e1f746ba92bcee22f

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
00e53a24711748d517eb9f839dd574fa

SHA1
c76de4598e355201f5ab99730a179e2256e6708f

SHA256
2d195865e9f5abdae0203445b12cddfbf6e9d77972c3dc52333700e1c62c904c

SHA512
99893e93c9cbd0f6daedceaf2b49f54bf729bc252879a33d70b413d5d20df1461ddee846ddfbdde3b11dc8f0191befd6415a199395688c2208a0ebbd5040e221

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e07024545fa24884aaad623934400b38

SHA1
83254168633026ad5c82323318408b9d6af7d617

SHA256
e39266cf9a1127909acbd248794b01e87210f8b0285f6cc0d3024f95228a10d7

SHA512
7a110d6f69a183418c63f16ba739424bdefb812e60cce3a2620bd44263b3769f2defbeca758668c91bc1f9bda28c194cc189b7f280a4e2671fafaff0e0334cd4

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
b32f575aee2271b693ffb213a7c7c66c

SHA1
7f2fc2b3f617dbac22d7272ef4c123c117a0c80b

SHA256
0454cfbb115783a5f960c28be101e1519f49cae7501369edcb66b7512fda354f

SHA512
05cfeca3e5fa7a1064488f70e25db08d86084e3af7f907b8ba05e78780631fa6cec14f85c98e3a2d3ea6c4b0174c058038c8a71687b1930378d74bba2d4157ae

Download Submit
/data/user/0/com.intensive.sound/files/9fe946c1-7c84-4659-8f29-6ab738d19efe.dat

Filesize
548B

MD5
e476c062664d4f00b5344f9231edd678

SHA1
fff57fc0919f15851a43610d489f1c7a0d325654

SHA256
a993cc4d1628a632f27b5ed1e3aae222eb4cde953bc1e56186ff0e0232f8f17e

SHA512
e1fe141810a772e3f546df581ee8281778030f04f3d934254c11ae774417e8274ea78665486b043add8cb9b30950d254529e26fc2c43f7377065bfef758ce696

Download Submit
/data/user/0/com.intensive.sound/files/PersistedInstallation2902880739732597687tmp

Filesize
90B

MD5
7ea14f97fedd3074b460726fbfcdc61d

SHA1
c6166efe076182fee6982e1694c8de73bc0c23bd

SHA256
d1bd9d2c99bdc5cd4a08c7135d016b33e0c6a8b6f3c8e7fd01fd71b9233acd82

SHA512
90895f7192229faafb80747a1876925652bc086b829a16b3810f73a7ca9adc2303460c1686cbaa4b6bca0c8e0ca9d7c24a1101d6e08c5350d5c1bf008bedbd6e

Download Submit
/data/user/0/com.intensive.sound/files/PersistedInstallation6212056298461149764tmp

Filesize
566B

MD5
aefca2212d15bcd58eda92575ee01d58

SHA1
2b3cc42bf3c5a755646e6c380f8edb611dc71bd1

SHA256
123295f42aea65081a051b5dddd3ad4e515032c559816809f32016f15ac264fa

SHA512
ba12f8892579cc9aab5a975b19dbda4c3d382c37a056cd7ba297824139556c6384d3d370881ebc613d9966b2893e9cfe354f79cd082553bbec15dc279d09fe8c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads