cd37275d2fd81ca39fdd7785d6592c4a746821c68a92472bb825073e760742f6

Analysis

max time kernel
149s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
25-11-2024 08:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f608d71b0e87b52c5679afd08902b5f5.apk
Size

4.7MB
MD5

f608d71b0e87b52c5679afd08902b5f5
SHA1

4b390764b89bb1980c270ff36ab3f89d4d54b71f
SHA256

cd37275d2fd81ca39fdd7785d6592c4a746821c68a92472bb825073e760742f6
SHA512

797db5d626232dfa6580f432167117ae772237487c573c3ee1a83cc1a4c7a34ce240a1da7a4daaf62287b51988d2294d0cca5aa9f4502ddb1c7a318b7543b78e
SSDEEP

98304:1QPKjXhAbdl2hmW6AGKaoA41UpD7cPV+FY4XTikrAER6RIPf0T1+Rgl:1Qi7hKdl2EAGit87zfWxJT1+Wl

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

Processes:

com.ranger.cheat

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ranger.cheat

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.ranger.cheat

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ranger.cheat

com.ranger.cheat
1⤵
- Queries information about running processes on the device
- Queries information about active data network
PID:4463

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/misc/profiles/cur/0/com.ranger.cheat/primary.prof

Filesize
1KB

MD5
874bffb97ee10e6d0ded298258846d0a

SHA1
c1f6ccf57986a7ba77ef850078030dabc38c8db2

SHA256
b1a6b1960cd65907f926f46e0e0fae3bfb4f2234419f7309906de743fd485903

SHA512
87cdc2aacf45e57a4c5d2fd164731644d4a66b94311b11b9d81f83e9d33ee34b9df30d3ab5639a441ff7c769584b41eed85daf412b0c75640069a3ad82506cbd

Download Submit
/data/user/0/com.ranger.cheat/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
f9c8c727be3071594103b6354925a87c

SHA1
fa76ba1be32408a13c6ea8512eecb9ba86d7cee1

SHA256
a8ad8986ba47910427c41c8a81b0ae234152978f5a07b825cd77b1ce75cf590b

SHA512
17d4b635d0cd3150bfcf2d5b75ff2a3a4a16853e3cc089436d924a71079e3dc85d0fe33e3cef30bcf34fdbbf13d25caa19679a4f92581006194369583bd2dbf0

Download Submit