dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096

Analysis

max time kernel
2s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
09-12-2024 01:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

3.5MB
MD5

60a50546ee79e6756c8571dbce141010
SHA1

59ae8063374f16100e93b49dbb3e29187d0703ab
SHA256

6a34ecd487969eb57e9558916da2af5761d6e010ef9c941aed22e4b4679e0b2c
SHA512

2de954c16d2d57aea1cbfdba73ff1d68414a3b03423d657abe8da42a52069d6acd09cb2bf2681394aa1fd8b0f0fe5b9bf015e06671bf49eff82322d820255f06
SSDEEP

49152:f7vrJFUtDJDTYxkXGGF8pfbkTQuLD3SEg7Eu78y/5dwzmsk9mt8f1lMpCP6H63A:71yt9DEOdCfbk1baR8A5C6s1t4fWRCA

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	matinlurd.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	matinlurd.com

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	matinlurd.com

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	matinlurd.com

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	matinlurd.com

matinlurd.com
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4337

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/matinlurd.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7687589ff7b28c4a168eaaf83ab71e92

SHA1
19e945d99abc222054a54a0275782fa7c0a2fc6b

SHA256
b3c0c5ce339355eda759cc272c51a87fdf39fffa71fc46400c7e64ff027930f8

SHA512
5cfb5eeb60cdc3c640613ed5922854dec3995a6d0399d0cc84a5e5c9ba61078c530ec49e2a4446b0eeebb562964f1e8fe75ec986ce72c574a845b622104bf367

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
be6cb880ebdea381cf8f8432a978d798

SHA1
ea1a3544ec6b94e07dc6ef53f2de8a8232d6f293

SHA256
39368510234e8ac23473aa4da5ae4a2ac6be781b8515f564e0b6e03f33a0de1a

SHA512
098c94241987e35abcfcb994e28bd5db005811912cbf28658813629919c1b4551df88c55ba6625eac036b8168d22361b1fece29d817cb556f5300cb0aa47c371

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a829958a78a317d007aaeda846731010

SHA1
be87184422bb7d3e1fe1fddfa57f08fce18fb148

SHA256
e4abb503b260cae5d1210ca1e0c57a1142c3761c3cc0f7996f8147d88f8b371d

SHA512
55a44d786213310d8019d1f8fa792a1a61af7e9d62a6f18d3ca7da0ddbd5fcfe6a047bdb72eaf366cd60358352008db36d43327b0264a3a5012efb3777001db2

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4cc108cd3cefdd60dbbe4d68c2298184

SHA1
305f4de1617ab5cf28f4277542deb5009523db04

SHA256
0c031257ffe8ef7d48a95cfb82b241652d82bb2bf2847a9880891161673fde03

SHA512
aa1539bbd5dd627e6efa77f2c57ae13228d2771bffcf9c868d3122eb553d5bd07661fd8f6e0d3a82f054d1611e8f2b41dd6f3db8d97edaf67cb0196e1115cc04

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2c8f9cc0cc92e0dcd0a1d03f9911287f

SHA1
6e4664c053fed8a1da8d42ef35a1a5b20938cc32

SHA256
805d7ada01957f8a39ffdb143071378139a5b8135c8fbe4872024bc8ecd829ca

SHA512
a50e4fd25d900929ea41a95d321aa28f9f0b529155fb1a8303882bb32a79f6066f3ae9ce9d71adf3979f51d87f250131568b214b583a2574cb7ad58e25b9f403

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
718397ad0e534385927b368b24b9cdbc

SHA1
2a483687a98e6f77250f3b457a1d1f2804977d28

SHA256
5aee1d843a794371c8f03a14f5bae973fc0bcb81a8afe221ca3d06b4743670d8

SHA512
f2b806ab223b8fd5a483b9d07d550ad73a0fb9b32b88835017e205915984706429f6e6c554b4f0cad476b9d6372185688329b715d4cc2e0e4668e861217a4628

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e9b6962ab402759214aa0c035cc7ccc1

SHA1
8a45d46d8c3e6bcb685ba65d54b668b39198b60e

SHA256
dbd4131659daf3ec18792250b821d4857369c0f817d000be62f88b67fc77729c

SHA512
b40a5117900f6557c61c0d667552b254145c2dbdc7963e78693df18a8d2b15703416a97bd0626ac46e28499a803d9fe4e0b760c9f9c806c2489df8e7a593dffb

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
40d0dac0d54ae503671a9d2247715e8e

SHA1
aae197f2dd6e9c92c69fd36390464997114475fc

SHA256
7062387effb0cd289e43def76047c11331daae091588f770b407d5a2aea730e4

SHA512
76883fccfcf473778f07fa03c2f6eee37364f120a6308e4617f05b8d5b57028c164960a84ea4430852ba70a729e2d5fbf047091f513639980381d603027c8999

Download Submit
/data/data/matinlurd.com/files/PersistedInstallation390429688027425188tmp

Filesize
90B

MD5
c947f2401d91c84a4e05b0a7d97ab121

SHA1
946816cc406a17cf774161d82bca841306a5a4b0

SHA256
c40e0fbcaa39d1132b3873d28aecaa5b3a8be38f66e1e9836b9d9b90aa0d8d50

SHA512
219a86eb774e9738b793f978fa2cb4a75fda29b5071aac31a88d6d3b036a526d67c0e0b41bc4bedbd444135a756826a060ad9be68cb85f7efac83c53542da40f

Download Submit
/data/data/matinlurd.com/files/PersistedInstallation553543056535084076tmp

Filesize
569B

MD5
0aeaa34f6c54a70d346d53fa68dbbb16

SHA1
2fef57e8ce4d9146e44f8dfe5956ec7548cd8797

SHA256
1b4dd5ede35812f30a5998e0bbfe100e7bc6504910f6c86025fad270465b0681

SHA512
fd2da8c42ab8073b1cdfbba4d7bdeb124a9a4ac1a993d7f185ab23c099bf4bba9c2feb688ecec1cfc799052b724153c6d6aad3ebab65e59641c8b37414442a10

Download Submit