38a7a8297da07b2ce191efac05f984e7d9726aa2b515c2ce70d022794bd583aa

Resubmissions

10-12-2024 15:40

241210-s37elatqfp 10

10-12-2024 15:28

241210-swnc5synfv 10

Analysis

max time kernel
4s
max time network
51s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-12-2024 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

38a7a8297da07b2ce191efac05f984e7d9726aa2b515c2ce70d022794bd583aa.apk
Size

8.0MB
MD5

20d18718d5233edc5d9d238a76bba508
SHA1

5dc367ba0241798bb0ac1f51945df58fcda65136
SHA256

38a7a8297da07b2ce191efac05f984e7d9726aa2b515c2ce70d022794bd583aa
SHA512

1bc8557869044bfea3c8596f9f7f16c1b4272eb5b211c420b9328b399d9eacf6264d0ecb11e448f3bc8523091263a9b2eb0d99abe56e6fd4045207a8cbb3c00a
SSDEEP

196608:xw2lBXLkj4MRC7vz53w7C1heYW8a7YjOPes1MUtThyELhES649yJVX:RsmL5g7iW8a7YjOGs1MUtT4ELhES649c

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/apex/com.android.art/javalib/core-oj.jar	4637	build.ledear.riufq
[anon:dalvik-classes.dex extracted in memory from /data/app/~~0G44sPNPPuk7VxlMKBllsQ==/build.ledear.riufq-8uBllCQLs4qlNR0kMLOdXA==/base.apk]	4637	build.ledear.riufq

build.ledear.riufq
1⤵
- Loads dropped Dex/Jar
PID:4637

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/apex/com.android.art/javalib/core-oj.jar

Filesize
4.7MB

MD5
17bf082d9e9a6eb8b5d62d82f4af5476

SHA1
a401c7fbd8feea319dbcece5b4b3f6a254e71fb3

SHA256
4df590b764f65c16b51176ff394458d0b3a866ca75a4f912d6f76b7793043c1c

SHA512
f1a2673bf5c478176de0fceec8419434ab0606a14343c3b7fe1e2b181b0a2ff8f00c888ea1dcb8e711c4eb14aa1294919440adc63ce7735a67e93da21a0f7ae7

Download Submit
[anon:dalvik-classes.dex extracted in memory from /data/app/~~0G44sPNPPuk7VxlMKBllsQ==/build.ledear.riufq-8uBllCQLs4qlNR0kMLOdXA==/base.apk]

Filesize
17KB

MD5
e6df9271c07cbc436b19060c49dd67ec

SHA1
436fe73a85304835fc1ff72228a392be772a303d

SHA256
d2299150720105422de315b518620cb9b8731738dd94710155dacf7d2f5497dc

SHA512
bc2f0309cc161c0f4730b2ba086a723c2758d5c6b96d5e74975404f2ff0c34a4a09f757bb76345b7bf986f6b42e11a68f7564e0429c9bc5e541ac368e24c0611

Download Submit