b42069ac7eed7d2f4ea14971325d0e4dd7730732d868eaf0606142a5894e30d8 | Triage

Analysis

max time kernel
18s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
05-12-2024 19:26

Sharing

Report Analysis Logs

General

Target

inat-box-v13-rc2.apk
Size

10.8MB
MD5

9c6cae30bd0dccca546a60b36c36c0eb
SHA1

b004c1554c34e88e5d773b354159246c261ae04f
SHA256

b42069ac7eed7d2f4ea14971325d0e4dd7730732d868eaf0606142a5894e30d8
SHA512

937d45c85de983673948545715afe90b27906c9f5b5152c34074d469cc11149c1de0bbbe92d970bbfe983cf5e9a4d8035c0dc18f8c16d531bf6f6199056a0e3d
SSDEEP

196608:x6gVh4mcVyYZrRxNRR0GAetwwo1alPLFC1vhzqAkFcdgFsNmUP0ZFn:xLBSX0GEwZLYFhz9kFcdc8NM7

Score

7^/10

banker discovery impact

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.bp.box

Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs

Web Service

flow	ioc
15	raw.githubusercontent.com
16	raw.githubusercontent.com
17	raw.githubusercontent.com
18	raw.githubusercontent.com
10	raw.githubusercontent.com
11	raw.githubusercontent.com

Queries information about active data network 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.bp.box

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.bp.box

com.bp.box
1⤵
- Acquires the wake lock
- Queries information about active data network
- Uses Crypto APIs (Might try to encrypt user data)
PID:4306

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bp.box/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.bp.box/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
3fb69c481a996b7b20fac85bb85c2e30

SHA1
7f9281b8ca7862be52b1a3cb46e7e037d4eadd16

SHA256
e4faca206fc1011bdd44c5572694337d2933c3fcf663e9a6dd9894c0cd5f6ce0

SHA512
aa9b2c0857ac42ebbb1780e96542029e9810ed651bb83f3ae72fc9fa1c35d144362b94dd7811549f3f9781843e7992556df8f7a9e3dfda8d0fb26d0c5fbab520

Download Submit
/data/data/com.bp.box/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.bp.box/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
3e7b02a3db83c4fb092570934c523ab5

SHA1
52f2b75c256a2285412caee1de2b9a111ea44c8c

SHA256
b32af8ddbe30fd85a696731e6e8076dc67157ac9dd161200e8648e47a08952c8

SHA512
32103e58dc8de144cb284ae535d18dbfcfabadfb8f5ae7b89fbd5a8829876f84826526b11fa5bf34b37d53a50983879e38bf9d2845a471d59f483cc0e31423f5

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b388abef7c928e962fc22f864b43c924

SHA1
58dec9a3ec2966384d3511ebb9bee3bea76d69b4

SHA256
39b2f912f7e1daf901caa02e767559ba7735474b45722f7840c7d83084565bfc

SHA512
18b47caeb7804f2638fa1e606170db6f95e0d5131dcb86e4c64718e5c5046cca5d9b3a0423de3a6cc500a1a63e51c76d5191980f356f2a33c222f4cbb5036210

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2d87566a5d12419456879ca561a71674

SHA1
1431a9d8e3a1fed4dd7edfd813c6857aa597cedc

SHA256
55af37b8eab42fa1d1537876ae3692da8c2ccc0c132c1d91c94a1198aafeafa6

SHA512
c43b9906a878b3dcd94b8cf4b62a2f28ef16b986a369b7acaf4b97586e3370b6461c270a723e94edd64860daa4cf2a9b961c85514251d9e087be7f963d79463f

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
124a14dd7ced024c2adf7f36d3ccb4ad

SHA1
c992e94172f00a69a0e06bf9307784b8acb414f9

SHA256
875e05d596cfb2212365ebaf33928301a2d4190d3027468cfd1436f4983a1cd2

SHA512
a689b89c8cc7fc7d512830159400e60d059d7e42a21b47b12a3a36a69c341026d8379fdb374e31bd4e2fe0d0f4b4280167fe913e5f5cb822c6afd896d10ed045

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b73306fc542e979cc71a50b0be688aa1

SHA1
bcfbdfba71bb5080ff2eb619898579f69645cbbb

SHA256
60a342082e16e203007a119e46f5b598c311a74e02de021755adde99ede03eae

SHA512
15e802b65de9d73c3f6e5742f311b5f5db6b26f301a471890ff18354b58c065b44165954101e7b4cb9127b557954b2fc68d87c29e853ba57e471b229643dbb8e

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6626783af72a0ccdceace420b7e7e50f

SHA1
b902a217ee0cf292c54c17e85c1ae8d11fa8812a

SHA256
82561f2414a061fb1151f505c883b3890c63e28bdad0535b6e89eeea0365c139

SHA512
793d8e1373c1818fa8baed46f4c2981b29cf2826935602efb825924cfa6534765f0204a7f9217fc87f5d82787e059cc97a2a1e935fe02183f116fbfc0487776b

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
56371b24b9f78e1280cb3279001bc4c1

SHA1
c5ad0535af151c803f19fe47ebed5a28fff8601c

SHA256
45b17fe1d48d50a38b3793ea7e6b7a081ae5523e1918abb17bbabe815f36bcad

SHA512
d0453fc8eeef2d20aa8a644174f7449e09183db151570a83363e56d93232186489286cd246bef44eeba5627819877df43e7096e292e8349b602dd40d67dcf4e5

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
87266c7a15b2c436484a7c75487a5adf

SHA1
b13337b652dc386ae648ee3ef95ad898b45ee2b7

SHA256
21713c2d924d603f3812687d4cf35a6781d3fbe42a848a5844d92e1df36b5d68

SHA512
741863246aa2446b7164a0acac8bb2b952ca00f15cd0c556393b3da2d97d2fcffcf6db41e618a6076b342c1e5b28584ba7e3577386c1691b1689235bad6b337f

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1f8f48d20308af1e3ad5993bb6e28b00

SHA1
283293e2d3adf9cca6e50623b98b48bf8a5c9cc1

SHA256
fe557a77416307376fd130aba961573a8d57f4b5e7f842b1a195a0b2a3108241

SHA512
429fa192c762639961e43c5cba8b1c39fcf48e9e2e96ba90c4973b13b5d8a4773f14842ad3da7c8e16f4b617d8ccee84a3178ee0907e10448ae71f937db55b38

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
81fcbbfc3bd9e81cb8d16f7a670c3a25

SHA1
4d54f4c91a3f29714c5cfa6b378fa9aa267d2055

SHA256
00878962961ece34f874a900e6b3ebe5c945efa3a8090123050335a0fb3b218b

SHA512
89fa9b692451e26ad6940931fe271aaf159f7fb29da527fb38cdc38ccbf8be12130de30a964e80a0fda22d4692bf1f3941a37511e9825cf35c834f7d7f2d7e6e

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
38fff795b7fd32570339dbc5a67ab959

SHA1
8249057bef5445bce5bfac026eeda849eed4a3d5

SHA256
a3900713e7d1c560437f25fb8e6497bc657ba7a82102439567091bff55fb4102

SHA512
518b35e636aec146a664ec5290dd974c03614d11c1fbf6163fabb97bf8012b191304e58ab2841ef3d0549c945e2b1d97334c403bbb9913cb42284da8f74e7098

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1c9b7858f82626413e8e2fc7074429ce

SHA1
e24ee77457a18f8382d2e31256664622aa65a0f3

SHA256
fafeff7f80760fd024758d29bb8f66d5aed9f9adace1a5a173c12bb55ac11aad

SHA512
e4ff44d46d9722de7fa55dd1d1c0661fb9a96059e8eb9a3dc6050af3f6470a961513e8d68ff411b3cc5f92cdcc36b80f27af295bb7bfa9023141eacd30adaba8

Download Submit
/data/data/com.bp.box/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b4b97a9abe5a9179ef669a3fd7022b1a

SHA1
7c110aea2002fdc4dada07bdb8dcc41c37ee6103

SHA256
8a1c5ef092f98728d68dcac45a5da514961eb410818b0d25c0ae81048fab0847

SHA512
2c630eda0f07ad25b81f3f4cca5b1facc466d179dadbb1a0ebcab6354610e9d9b11ff02ae484e8e2c21d70cb4b7acfe5260b3ec6fb3691b68ea0938d6f104b53

Download Submit
/data/data/com.bp.box/files/PersistedInstallation1355776190520581583tmp

Filesize
569B

MD5
ba0a7bf6d4e3c3ad85e55309a7b19982

SHA1
dda90af149e0a54c96dc02bb77d4868b3714565b

SHA256
535615669ec43a4afc3d5271e6e1689f4bc3e0c77566d6570077bd8b321116b2

SHA512
b61a76d448848d4238e0179ad8291bdb12583133bdc81e6e59702b32b743373ecbb480c3008de9c57042a79d9bd9af24de9765280e4f2ad3505153ec6bee147b

Download Submit
/data/data/com.bp.box/files/PersistedInstallation2696583876413835306tmp

Filesize
90B

MD5
224230d4d88e504ae42861593b025e0a

SHA1
53b596e7e2fa4d2a41cc323ce46e50bd1a97f260

SHA256
017452760b8b7fcf13c2167aea25fefb239eb48e4d297ddbea373765cc276178

SHA512
743f2e7452f2ade6d5ef363185b4b0878ffb645094a16a47c713136cb4612f5e766571a9fd589ba4f704aa5d7749897d05f31b335f0eac5032504fe48428f3cc

Download Submit
/data/data/com.bp.box/files/profileInstalled

Filesize
24B

MD5
cb3ed7c5d9fa0020fb983d55da8df2f1

SHA1
6fbeeaf1d65aa06b17c3af5d2912a49637d3fb71

SHA256
ab8e9afe9cb71ce99441e9ace04b60183ca67a0525c922c62828341578ba8f4a

SHA512
51d25c99b4a841d1f714f2a97742c8d43f3c0afd04392fd9e410e14a571035dce8a75069c17d51164eebbcebb3680982038294fdb5a2daba320d8143ba8de04b

Download Submit
/data/data/com.bp.box/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b19284fa5c72b093903191cebf0c2be5

SHA1
78c5581c9c9166d0aac827dc5c4ab66a2a2224d6

SHA256
797433a42903e21e3859f979d91ca910d5a72af6abfa563bcc46e4bb2477fee3

SHA512
1259ed4bf13d7d534a6b99a25d29f7d35a6174e11dc30c6891ca8b6e45ba9e58c7f66c2c9cf011ae7871438cd2af1ace3c0017896dfcda957e6866b878966813

Download Submit
/data/data/com.bp.box/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
669c42aad707ae39c137668da95fab43

SHA1
dfb4cf1fd10f918a885d51674de80eda0e356bf6

SHA256
b15bdb2d1332b813d0cabd5da641a5df267d7d80b1d5045cff8324cf98d149e4

SHA512
d1fb47c1e134121203950b267e404596ebd2924712cc7121513dc2782c8e0618127d323dec4291cdef0ab2ee30a812a3525663dd5bc81670c1a213dcf5790946

Download Submit
/data/data/com.bp.box/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ef4cf6e6428285ad47d0e78fc785cddf

SHA1
5abd2963bbf25e652ad22eaea206bd924ac646f3

SHA256
157ee080632182bd105c2b25c6e7cca2d34f717ca472645eb539f7b211fbd429

SHA512
834c76514c5ac33a44948f4ac034b0fe7955595929a41fd5716805cc6a1786b2726084284bee646c8a6254983806281b42e3f044467d6d54d65a07a3a904df6f

Download Submit
/data/data/com.bp.box/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
dfd2148e7be7dbe01f76e917e455147b

SHA1
052cfdb27f0114594c36ecb2b6fecca101d88855

SHA256
6b5ff835e0cb62cdcfd3c290078da538483dffe498c9f229550ff4566e7d82e2

SHA512
6638dd9ba8950c7239719f16c59dc029298f84f98fa82f830d03959a1053f7308c8a71a52f3d89e250012f36379a7a1cd9ce65c8a12578d07653ccc2bcf88320

Download Submit
/data/data/com.bp.box/no_backup/androidx.work.workdb-wal

Filesize
120KB

MD5
82570f66fd05049c8beb58af98dc84e0

SHA1
19bffebfddb3bd65348a48c21a0074a365799c60

SHA256
80ab2665cefc18f89658ac16f5de109d5f0175313d354be80e5799829d91ba5c

SHA512
69881dc046fe6a36ce03a4d65d458b05cf160fdf0deca5d7ad48c8d350107e808eca00332676ce2be7fce5871e04285fbf7ab11edc690c6d96c6ddeda324eb2b

Download Submit
/data/misc/profiles/cur/0/com.bp.box/primary.prof

Filesize
2KB

MD5
85e039abb6397d1acbf0ecb4d900a9e0

SHA1
d7e557e894a6355f0514a6d6ba0815dafb0894fb

SHA256
feeacdbd8997489aa8ff1f8a288243413da3401d67d9c4973769886a3941507b

SHA512
82dc025b337d5beda79706ab2a809fd67e43f614c0657b0d709d282774e5332cf1b9b8d9646a796b04663971494c318ea2ed6bb3f0137440f16a446482394810

Download Submit