0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a

Analysis

max time kernel
2s
max time network
150s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
01-12-2024 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a.apk
Size

2.8MB
MD5

6b75d656c4bc46679e85fe0b2515951b
SHA1

d795ea1715152ce0381476725766ec76db4974c7
SHA256

0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a
SHA512

e98e942ba8214891c4afbeb626c5fd3fcce22ce7b14570d249a0e34487f7173a6a44437f1e8d45b39abed43fab36200f78d8de5f417b348c91cc2b87b71d8b4c
SSDEEP

49152:Q/odkkEeXP9acJSg2a41GOh7/ZS6yu3pXJY9cLyy0F8S/0KkuB/W8FIet9H9Ck8E:+0kkFXFZEg2/l7xlJY+Py8SDYeH0DI/

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	edward.org

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	edward.org

edward.org
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4978

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/edward.org/databases/google_app_measurement_local.db

Filesize
16KB

MD5
188c0542bc062e48b614e5ca8c1081af

SHA1
0eb9b89a5c92957cd1fe748cc063b32853339774

SHA256
c1ccc325c2699ed7f556cf171566317f706a911c4d02b1644a2a7908b93da58b

SHA512
62a67f2c56bc3b40d49c80094f160d355a8f67130e1924109426e0481008bc2cd11a9e2675a901abd03cad1e7fe0028031e20d826437edcf35b6f86e2499c2b4

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
5a6f68cbbee03e20728801f8f3b92bb0

SHA1
9af802e5b46143fdec95acd210d7c96ddd4d00c7

SHA256
a3e6ba39ffe2b393df0f7f6e53a9da8a4d55f99d8fc6da1c64398fcc2b75adf3

SHA512
9b70af59f4ba2d5636919919f9e42471a45e03b3132d0fc5270ce562c4ca668725c59c54ec4385f8fdb52650d05f76fdf091174a0984c6dee1ae3659fc5e1f59

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d552ec0a9914381f1828614e5ce51c1a

SHA1
6139ce4808b31df0fb02652fef9f3b630968537a

SHA256
ab5e692efd8847f51d98b39df711e4b165258d6006c15edcfa5e13bc6a8048e2

SHA512
6cd920ab23d426684a3a6b53cd81cb82257a2e6ebf2f83c9b7fec664ede1d81c6aef0715e698a8bd0954c8d273e51865e08039bda3b5fad97773a08e6140a85a

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f89fb82ed3ae9e2c6f42dab1c785c2ea

SHA1
affe8ff249ead6de3abdfed706672e5d96536259

SHA256
d24fe7c44ecd4f9bd05b6f3fe0a96bff1646dc15b61b92de461af26a649d4627

SHA512
b70d8031cbe198286d5993e746555cda13bc7b57644c8888a09528ddcc47ef4bb2bd2f095e1505994134cd941c14b7dd1e75ca1ca3c6b8ad8957da2ba40a4c7d

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
4e9a229afc89f5bb9bf168142dc20bd0

SHA1
1fe72040b1a9459265d7f42564955555161892d4

SHA256
26e8ff0019465ce66953afcd642cfb7a69e41f5d1cc977b22af949ac10297dc8

SHA512
e59c755a48dcd6667dcf10c2ee65b1b8025af4b0686d2c1ed7dcafda5a9d5af3a0c9abae9da50165b0b7730c7a4b73428bbca82e127614d274b5147fbe5efd0f

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c78e52c73eff23d56b47c7cbcbea5ea8

SHA1
fb555bca6bb235e4644749fe60394bb8c4d8aead

SHA256
9bab5d6943dc2463cacbfb8f3116cae57d11dfc34a9671050f5e93d5d63320f1

SHA512
59eb4b28f892a4bd6f119aae2773b8eebbe76465abbd9cf9d3a75b366e3ec5eed57be311f931f73e2a82667758275bf9c88cdb6e34380ce577c243fec61416f4

Download Submit
/data/data/edward.org/files/PersistedInstallation2109957894545379565tmp

Filesize
90B

MD5
08221c37a9a214aafb81bfcd6aa0fce4

SHA1
1988d043978b0e0be5cabb5b26b03c1738b1e6e5

SHA256
07d2ffaffbae93757b05ce098a5abe7148cea8f06f87bb72c6a61b57064de1cd

SHA512
1e1fc8db732c091ac8775c541497e4b66b84b0b9b53eca6e5adb31c99ff7e0147081372d527282f14be3154eeb1914b0f14505fc74e1760c4bd5e579e990df90

Download Submit