0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a

Analysis

max time kernel
3s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
01-12-2024 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a.apk
Size

2.8MB
MD5

6b75d656c4bc46679e85fe0b2515951b
SHA1

d795ea1715152ce0381476725766ec76db4974c7
SHA256

0ed8987b07a4d017db6a475ff327eb6d9c6004ec5155a72635d3a4202a28839a
SHA512

e98e942ba8214891c4afbeb626c5fd3fcce22ce7b14570d249a0e34487f7173a6a44437f1e8d45b39abed43fab36200f78d8de5f417b348c91cc2b87b71d8b4c
SSDEEP

49152:Q/odkkEeXP9acJSg2a41GOh7/ZS6yu3pXJY9cLyy0F8S/0KkuB/W8FIet9H9Ck8E:+0kkFXFZEg2/l7xlJY+Py8SDYeH0DI/

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	edward.org

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	edward.org

edward.org
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4445

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/edward.org/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0e083b267fd3093933d5b844d906f609

SHA1
be965c6b096a77bcf19a834a8ac7e120d286d65e

SHA256
67f4ce3ba601f958e6022a9a9a80302259b3a34c4ec98cbb6f4f05d3dadd7a42

SHA512
12d5d6d2b03bf1066ea7a6b6abca9c112ab32fec71da0a0991bcb605330a932e06516a7e82eb19f13bbca75ca33a25872a8f3d02e85077cc1a63a0e5f6fd7048

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8501c3dc3f7da918d7b2f66717e9078c

SHA1
5af998f7c16f9267c569e0861a81164d06678019

SHA256
10df95450e914530459555ee01ba2b8bc3b9e59f0ac72b453d8e72aaccb41cab

SHA512
48316be48db76b9366dc2824dc27124bce554833f60fe9506825413a2e66cacfb45a2fa7a4ea2cc4570481b759d06592949bd131538d431a8ce4e920c73368ca

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2b99bfb85a969b7c583971a4177b4222

SHA1
42749a6a0ba79fa9ea5c5e64a573600622df1ff0

SHA256
6c0fbef0a11e54adb709dc8c0e4bc891e2b79c48ce1a2a8da9aa6b3bc45eeffb

SHA512
cd456faecd68c887a76f22e96570ab61ed67ee00374131212b28855802ce26cd2a22307e4cdff97d84c4d16f229b9607dc2db93a5afecc11ca800d3e77b6506b

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
645f8b39591c92491bdf10ada820474b

SHA1
23536cfde84e93c86a1d843fa8160c8308ca1060

SHA256
0fbf48719287a6d672f8264863cf02226b428870c30e41218c68fcb4ece49885

SHA512
f0f6c8991339f0f2b84bff92a01e7d1856bb271cf9a32d2b41fae6d643487705aa3e4ae8b177fe77af24db3ea1aeb114d54d8367a4f199b651a522070e90c27d

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0561b5939bc7c5cf3469cdc1d4e24e21

SHA1
2d6fbe6937424e93ad87caffae4509e8fd7487fc

SHA256
f6ac3280a1530bf2dbacd7e90299b10957165d01f832304fc080a98f472f8aa0

SHA512
2f5d7aaa8dd4e3f97e5997ad2ee8cefceb20084fb6ae6190e2b37349571d9b683ef153c2095671d45a44862323b275bb471adbf8ff760e31c763a0977499d6f7

Download Submit
/data/data/edward.org/files/PersistedInstallation4197045116340434624tmp

Filesize
90B

MD5
eb6548d44da7d24cd29520247a42b32e

SHA1
a2a8ab29d856e5c1a765b4053965a821ecc205e9

SHA256
3884f9f7901b8b395e22f1b4f57aae315e6567d27286f05b066b3210aa50c7e6

SHA512
38f21f02c7d4c351050f8b2844a9b5ea84140627596dbdcc50782a3841227fe08aae1ef2bad0cfc0eecf87da120086e7f285e4d3147e95b45e7c7da9d0842ddf

Download Submit