1b1eebac29f8ab1a41e5f20bbdceefb3341e93bc3d55a0f995c902b0fe877fe2

Analysis

max time kernel
2s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/11/2024, 05:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app-release.apk
Size

10.7MB
MD5

4d1de127abc2e9aa2b8582c8c5614085
SHA1

84c3cdea6f4b10d0e2abeb24bdfead502a348a63
SHA256

1b1eebac29f8ab1a41e5f20bbdceefb3341e93bc3d55a0f995c902b0fe877fe2
SHA512

c335f687121eecc37f9bb8cc1502d3053c5e58f6cd2213fce2dee0e89d1f3b58e7fb80449a33a0ebb4f58f56b72460d37192d81c87a0aa0fa4c55bf6cc4ef571
SSDEEP

196608:mCyjD8a3EB2o+hgwa1mMQ+MUnw701XW3fHqghsH5Wt5RgYyiewAi0Kp:mdDZLKwgmgqAX8qCHrHz

Score

4^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.topjohnwu.magisk

com.topjohnwu.magisk
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.topjohnwu.magisk/files/profileInstalled

Filesize
24B

MD5
75b4890066fbd3ecf811b4c55a44df78

SHA1
e10ef193dd582019f1947fda28a01782ff86ee73

SHA256
d39b75f98c233bd502f0d8e7c525777595ada8f83a4a5a1bb28aa279ce1bbba5

SHA512
150eb1e62bfc0a073c197772fdba6da7f40e9ccc81fd75fdab1ee63d2b6ac6ed225c43279f16d4a069de189a041862b55e71592cc3cd3b93c459bf2cb0ae581d

Download Submit
/data/data/com.topjohnwu.magisk/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
ce8809c22f0ec995cd351b89f6371269

SHA1
1b6202fc9b7f7177322b9522d1207520b4bf6edb

SHA256
80ddf1d5957ce1dd92bd8c0aeab768d7556c8c6eb170c9dc6e7a2e63fa120fc9

SHA512
f79182f3b4ecfc7c0c671529b31f3eb42b08c94ddeb256b1e5f7bde2941d73d01b081884e4dd48b5d62c256f1984de421072d8018717e8c1d1d7d54ebca5f782

Download Submit
/data/misc/profiles/cur/0/com.topjohnwu.magisk/primary.prof

Filesize
2KB

MD5
75a79b30aa58e1e567a00bd82c96e5f9

SHA1
3a4c2fe041a5085f0d187343243f0e73cbade028

SHA256
a395df904939f7e8700204f0f98d2360ae9e2bb85d1d394645f66328d3165653

SHA512
dbf38af1c4ee4e701580dd44930efa22b147f9ecefb015b56aa3569615c6f15bf0a1fc8879eec40ca309f87ccc5e99091053179354647aa6b46ce6c7e86adb17

Download Submit