Analysis

  • max time kernel
    7s
  • max time network
    311s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system
  • submitted
    12-12-2024 14:11

General

  • Target

    smartpayzone.apk

  • Size

    38.6MB

  • MD5

    d0f05a2a91bec69cc33d05d9e055cf62

  • SHA1

    0e597f48f3c8a77c2c34b51f3c1cc8def9cbc2cc

  • SHA256

    714f140717663febb87371031c7a102166c96a6e8e22a7ee6836907f01e53261

  • SHA512

    8b3a3429fae2af0c3192e835d8b6395e05395c2bb9b44b759c9bfb279ad36822aa0cfe6193e26533d8bd875f56f5dcdde405d368f068b339aec73bc9aff2db4d

  • SSDEEP

    786432:YY4vFxsSwUj3YiNo7Y5Aa8ET9A2EmA0nwwjYtd+oCVrUBe:YYy35NpeXETZEmA0nm/+/

Malware Config

Signatures

Processes

  • com.ri.smartpayzone
    • Checks if the Android device is rooted.
    • Acquires the wake lock
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4943

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.ri.smartpayzone/databases/CFPGCore

    Filesize

    28KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    512B

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    12KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/databases/CFPGCore-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.ri.smartpayzone/files/.com.google.firebase.crashlytics.files.v2:com.ri.smartpayzone/com.crashlytics.settings.json

    Filesize

    715B

  • /data/data/com.ri.smartpayzone/files/.com.google.firebase.crashlytics.files.v2:com.ri.smartpayzone/open-sessions/675AEF5A03760001134FE087B33CF49B/report

    Filesize

    737B

  • /data/data/com.ri.smartpayzone/files/PersistedInstallation129598317593792285tmp

    Filesize

    570B

  • /data/data/com.ri.smartpayzone/files/PersistedInstallation2813809100189951251tmp

    Filesize

    90B
