f81b1cbac0fc3981660cf69031b4020a67ffaf0874391385c67e439c89b23a6d

Analysis

max time kernel
123s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
09-12-2024 03:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

3.9MB
MD5

37847a27b715877659f6157063a1f079
SHA1

657bbcac517147fe166139aa803578baa49b92f3
SHA256

f81b1cbac0fc3981660cf69031b4020a67ffaf0874391385c67e439c89b23a6d
SHA512

83f450794aa437dd61e3f92f9f0236f773b110cb8e99650f2aeb5f86ccf2b7496ee5f035c3c93d758b1f55b1e224a077e7e816147ebbb38a11051cbfe80f3ef6
SSDEEP

98304:7m9niXwVISnclTNS4zD1I4IQ8genjhaAMVf3LWO/:7Oni8ISn0TNv1I7ZapaO/

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.googleFe.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.googleFe.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
49B

MD5
bb506a04d2ac06f4be8d76fba38ebbd5

SHA1
31b3ac8bc9c5a70d9ad5fc6a8bd5c656fcea741c

SHA256
b709c0ef2d4fd3e826070b3635bde681c8b8a7f2e15009443b91281c5f6e3118

SHA512
e9f41cb5bf535e277307ab6eb0227fcf44b391f67f748a6b0f5ef2a12f68c4f95fe0915b166fe8f78a7f858f04f5704701872970d8c7cb9cd21c9befac11dce7

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5ca049fc916547ddfce7903639f952f5

SHA1
8cd685c1bbe1ea05123704d32b09f286bbe838f6

SHA256
3b262a295499b88102e1510bc208b9397b07c29cffd77796254f4c6c7dfd71d2

SHA512
390c3397205ddc5bb0688170b66ddba80445945de1321af72b6dfc06b7d815d4130ecfa1e1ca2c03fc3807f058aea6db87cad184d2c8db808cdeba8b157443aa

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1c6b6f2bcf56a485bca16517c5bd5a6e

SHA1
1e04fd7ed5310070db7971a99dd5c4daf8fbbaf1

SHA256
c8fd82a2bc9067d0795521a50b536c5a745e8590758786387ae6b778bfb5ef14

SHA512
8f66574c4233dda879798f0f325b00bdf0590e6213fc49caf5759729b477a85150993372f20dcb90ab143ace9ee373e532293f3feb6ef436e31daaf520852305

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
98c6e6e9abd12b9c5b981c5caa5ca20d

SHA1
c976e37adec10cc012cfc0bed846a2f14dfdb511

SHA256
d7b22bcb515a2a44aa63f392c3cfea87aa5098aefd960cd3a55044d53ddcc033

SHA512
6273c5f28670d9734d46daf7cec0e93e25ac955503a12ef88b4dbd76df17ad11b5786fb5595e6f4996b6ed1803658279deefaa56ace673bb6fb2f4a65b326f3a

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b5c0e3b7fb3089542e3dfdcdd3814d18

SHA1
4c3ca3c5408a558db98ea7579feed9f4d785faaa

SHA256
4953aa334470d95bf0f2194266231cacbd608146e8e5fcbe9f4878d09eaab82e

SHA512
b9727e3aa2192a3f34353d0053c5a36eab4879f517292fd0f874c51ed10b19f52d38a7c8ff5f60cec6abe648c2e85312199b8b1955673080bcb67954a15077ba

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4780a120212e09b10c727550de389bef

SHA1
b9cfbeca3f1dd0719a7377262c31d59bbcb1fad5

SHA256
ee9c566450e0940ad178d46697ba5afec45d225bd0f0f7fa41d74f6dd098372d

SHA512
045ac9fad5cce0d12c816eac1e248632724271d127292fbbc80d7e93ca32e41e5b5ee9a33a1b312faa6de76da094d4f2de6474975c684f79ba7eb96b44204708

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5b51bee6ef8341f643aa3466e013f35f

SHA1
0669f104873b6ff1d7cf6b609b30ec83e42a7b4b

SHA256
5924f0621ce82a47c76c1a16b269408e94fd27a40eda7786ff3fb603f5fb36cb

SHA512
e2c94a24d1d6f9cf763512efc3982abeec01164b7cc7ad0c8a0d6735345c0e35e9e0d772d1f91ff69e1afcde0b0ad4c6ca4afacd7d6bc769075138430891885f

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9ef12ba4eccfd7ca8f038a195daed692

SHA1
bb1f0c457e5bb37c36db881842375dbfc870b943

SHA256
d2cc99ca9e0b01c60e9359d07dd564fbb68dca31fb687b54800eb0c052db9854

SHA512
83ffabcb0f913725b07a2a37779742e9ef4d0e4516f4fe2e1c3fa8e4eeafc665fb19e5d22e0cf552a05af419ed6aa496b35331cb8e4daa2616ec27454d75b481

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e0a4b49b6d8d1a462eadd1e5a14cc63c

SHA1
535d65e605124b4c2d109e4f36797721dbcfffad

SHA256
dcb580d28e220b2feec3bff47418c0fa0ffe27df45ec4eb4e0277c56fb4c8585

SHA512
e88d1091af7c9fd08c46fa13b9b7b44f69f20d16ffa09a9fc2e82afdbf7cfdb2c8ef1368d3681115fba66800501fbc1f13bec8e37b84cdc28e5a383c4e0a966f

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
18dc3afba5c949568a5f3516c82ba8b7

SHA1
1bbc0a7393202dd340ae4d9d57bf6eaff20252e0

SHA256
192fa41ec72da40ee13d0a8a43bc5ddb3dd1c6c67375f343e390b89297e4d029

SHA512
58e413f062c3866f3b8895c46adb689dcc05d996e43ec3bf60683fce86300a9d949d682f811793857dfaf11d5687034cbcd0da744c03a3c14c27ab5878bfb31b

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f7742683fc8c4c199dad3d0e22a813bb

SHA1
54e6a735228c68022d44f0fbe495f31bb43bb608

SHA256
17f80bcbeb0d0fb6c6c07cbb48c5956482695fae4b7137f058762bdd3f4e29ff

SHA512
1e8adcb452b1b6f1fe5c94eea56c91aa71b9305d884a23426a8f88a475c819365e83ae8b5b9f96bcec64f49cfd715605d6fbc48cca9824ecee9065f0478cc212

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
c11e2f2ffc5128dccf2801851b2706ee

SHA1
0e67145309946182196679e96783951f7643e538

SHA256
1871847d19741865be2fdcd7553365c9a2712b58208fee3671cc01fc43007fc1

SHA512
1b31874f688fac3fa394eaa8a7f96f5f8c3620c55a159bce1e703a21d7d6f0a29cea709e9eb2e7b4fc0903d44b9c7c8e54f08eb22e0a70275f3e80a0401c65df

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation3914411895918441650tmp

Filesize
90B

MD5
921784d78356643aa130b8116587a97e

SHA1
f40a82ba63eb8580020c2216668f4825755e71cf

SHA256
8862e453793faa63d26d419adfd64f2b476179b11a874ac78420fd01d4a6db22

SHA512
a3258a96304d6f03c9a98358a5cc4b4e6ef7318e210179e704277279ae81b062b54e9acbbecbdecfd8eff614a66bfd765a7493fcb4706b526cfd317770b47922

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation7159648826077796218tmp

Filesize
569B

MD5
f623233adb76f9bcf293104e78408891

SHA1
f52fa8a079f69cc97c88e5761e7ba27e0fad8d4e

SHA256
01ca0b6b9d2c5976116515b7d1d32318faaee919c816e87ccc17432ba32cd29a

SHA512
70aaa642032ca588383be7e8e17552972c72885b5d546b3969a473cfe26f4542152eaf64e0789a2b9dfcbb969ac77171238da0bb9dab8dfe5d78b8764084d84c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads