Analysis

  • max time kernel
    6s
  • max time network
    303s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240624-en locale:en-us os:android-9-x86 system
  • submitted
    12-12-2024 14:11

General

  • Target

    smartpayzone.apk

  • Size

    38.6MB

  • MD5

    d0f05a2a91bec69cc33d05d9e055cf62

  • SHA1

    0e597f48f3c8a77c2c34b51f3c1cc8def9cbc2cc

  • SHA256

    714f140717663febb87371031c7a102166c96a6e8e22a7ee6836907f01e53261

  • SHA512

    8b3a3429fae2af0c3192e835d8b6395e05395c2bb9b44b759c9bfb279ad36822aa0cfe6193e26533d8bd875f56f5dcdde405d368f068b339aec73bc9aff2db4d

  • SSDEEP

    786432:YY4vFxsSwUj3YiNo7Y5Aa8ET9A2EmA0nwwjYtd+oCVrUBe:YYy35NpeXETZEmA0nm/+/

Malware Config

Signatures

Processes

  • com.ri.smartpayzone
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4284

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.ri.smartpayzone/databases/CFPGCore

    Filesize

    28KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    512B

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-wal

    Filesize

    56KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-shm

    Filesize

    32KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-wal

    Filesize

    68KB

  • /data/data/com.ri.smartpayzone/files/.com.google.firebase.crashlytics.files.v2:com.ri.smartpayzone/com.crashlytics.settings.json

    Filesize

    715B

  • /data/data/com.ri.smartpayzone/files/.com.google.firebase.crashlytics.files.v2:com.ri.smartpayzone/open-sessions/675AEF570173000110BCE7B7EA396D12/report

    Filesize

    736B

  • /data/data/com.ri.smartpayzone/files/PersistedInstallation635835258527596189tmp

    Filesize

    90B

  • /data/data/com.ri.smartpayzone/files/PersistedInstallation8346944253738214002tmp

    Filesize

    567B
