4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b

Resubmissions

13-12-2024 08:39

241213-kkgr8asrg1 10

11-12-2024 15:26

241211-st87tsspgr 10

Analysis

max time kernel
123s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
13-12-2024 08:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

version3.2.apk
Size

3.6MB
MD5

86b9be3dfc022d5b4725756c0cc5a02b
SHA1

e899c25a2674f317b8327682553ecf6a9f436f94
SHA256

4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b
SHA512

ae5798ec1e65fa91adcd73d6f6dde480e1180725e1b6c60aa4c4d1e10e2aefd890988d5f93ea3fb49c689d67d024dbf95df0ca20f8547b70662b7a063b96aab1
SSDEEP

98304:oK4MrIdrbxVoPs14H9xx6eDo6ddgwLOKTQdGd:oK4MrIdrbPoEwv0I7IGd

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.googleFe.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.googleFe.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
50B

MD5
ce2caab3e836f88c7e999792501e8013

SHA1
a28a0d6033576cf12aa39c17e36dc94395fd2f56

SHA256
521a6d6c7762a72698cb4e37773309f3b015773a72b40c53b0b015c6097bed9d

SHA512
21919dc956c0b0e7259afd887edaf1f014e85905b11cf579a7f9b2fd59ab66ae10925d2ddc01a3d2aee6fa9f218b1606526ed821791257f9905b47555cbebb84

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8f0f2a353b609f84c3143c8120bcbd45

SHA1
596f005570a0ae7fb309c7764167d858c96a09fb

SHA256
763fdcd2713576b51cd780e77c93985d6b5d34a6fe0f044780758d778b7b3017

SHA512
093b2129817d42fa32ea4e0451d8a2b3b65d745e389d6428db944782ecdeaf9152a43138b362796f3e67429dd7215e8439403ccf23dd3bdaeec75cc6b8a41a73

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
abf134a8adf53328164b9aee10a70863

SHA1
d64fe9d5ed31e9983f38e9aac0385f8c41f85b0b

SHA256
38dda38667b5d31d01c6a0c7cb6db2d83e54a8623e36895d56d9238c7093865e

SHA512
a835e7acb728e381e1b461ecd1735066b688d01e6a0434c179f0c0286b26c15a73742c8b434b0a5814f1add24fbfa720c35a2bd4974dea5e3e1ec7a2cc678cb1

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
21144d22935843b927b238bd2c2f75b4

SHA1
c11f7e767df47f99580bfa8f51986f2cbb41ee36

SHA256
b74ec367dd77e13fa878628d70d0b5adc4efa33d750f581276d7e0cd355cca5b

SHA512
8d3f3332cffa74ec6872ca6f926a9f40d4e7f17dba09139073cdd84e2dc9dda9814ca3a9dfca46bf031d5848fbc511aa0fef8e87c9738a95da8fdacf89b45788

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d0923ebdd05df330741ee3186331c077

SHA1
9bf04b6c1b9a0df11619166509dba7363c7ad938

SHA256
17bf1ac63eee9b04b9a3d497ef8eac784f8989da2cebc8db25570d1e90b697a7

SHA512
50c9e5816c0c24ea41e606d78feaa3efa92125c4f6e6ba1545cd7ce05190ed9eb238740a37a4978c27c8b656c05ac6d750711d2eb08424c8b31bd53fa05a58e2

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
60e965745f704d0fc2672378933937eb

SHA1
7738e81047593fbc4d37f23dbc74a039fd33b95e

SHA256
a3470820f3c0fb43c8342e3786b0f70d4380ff15297809dd4a3a096a47c13eb8

SHA512
0511258bc668fc286e79bafe259ef7ad940b1997de6a7815719675ac4675e1a3b88d6d719fa75dc7b63779862ca639b7ca44fe31bedb44c22e7c5b40746febbd

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2ff61aee99370b858f909b4ea2dc8b4e

SHA1
232c4d3249525f654c0ee62b6c1aa061b7bc7edd

SHA256
0bf744ab3837e58ee11a43ad00186a7dc2e73604fb757f63e70b00dc5dec9b4a

SHA512
1f9c8455583216bba36376666919c27272cf444b5b8242d0a4dbcf27f6ac29ae8da479d18d11768b10d8f5d3b4e9b66bd5c88110314459f3b80556e93fd1d1fb

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c37bf12c14120cf4b66d85d1056b14cd

SHA1
59f36e645dfcdb6cd9cedad98126682bf8f0ec51

SHA256
11ce659035de1e80b3b5e01e054bcf078f4fec33e492f9a2dc00adb7efe90863

SHA512
c47971ee7648a7d5a27aaca2df26eeea08052e1965cee52d1f0b72e61cf68af53ba2475429e1a90c89357eddddee1cd9cdc615cd8777b076ef82f437a09409fc

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a8209e93b41382eee221670a06ef2add

SHA1
a10a82f1357c2195ce5993b4d4172c517ddfe65d

SHA256
1ff0bfd2efe902934ed96b367b9aa83a1af331cf6d7bf8b6a0dcd8eb1ddf7495

SHA512
ad8393c8cb66005069b7b8bbe2c851d9a348b55aba39e42bf4f84970445877b6a5400b54b5b2c02c6f6f66381459024b22c442927e4f61d26fad78a463d96a37

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
31e0d71d3a5f9cf53ed1cdfadd7c876c

SHA1
b4bc24c3155c3deaa1365b175f0f29b5968cdf10

SHA256
89a0d0ad2c0e8e11a323583c6c20c73ac0af7dc949c1e1f5ddb6b1494d0ae198

SHA512
278128f40adf09d83b0c1e29ddf1b214cbf818082f86864ad8727185ca28ba1ef1accd8baeb4b591e7129e82981baadfb6a230385edaebc0b33423e6bf28d7b6

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
462e6beb933f3b90fd14072ed193f7fb

SHA1
6ac97a8673df4b3b087cbeedad87f3f6ccd243f7

SHA256
df01728c9ee31d9ad4b14c9b25e0603a9d918f971f73bb87d5a8a9c836190c19

SHA512
ee41bd5a9cff57f3804df460ad096de0aa9a9ba05671fca28d8a33ca9bf4f08fd081c74120187a71b6001fa179faf60e7231face5ecb826c24f7bcb493e7d629

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
e08e95006468bfe3618457aa022c2163

SHA1
0a01122aef9de2e97b621a38d977522d8014a042

SHA256
a0bd76ba39f1a92dba151904b4ee88b579e735b7154a8eaa2df76040f14036bb

SHA512
51ba49f7f1c1fa9128a94052fe0fb88acf3872c3218d362cb0dd4dbc3106015a22225909bcdc6ded1caf9fd08019db4fb87a1835183adae522a8a9233da0c113

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation1227527676321795406tmp

Filesize
90B

MD5
d0bab56a9ca0888db6f255482bc74681

SHA1
05098e781b26d07c69aef5d1e9a80372bf3376da

SHA256
beb2176ba85351d2dcabe1ddf2e8cef00f756a16246b508ab6eaa9ece09b7568

SHA512
9a7a39e803cf1eeeff3541acc28eddbffc7ccc8b9a290e90522f6c11e79418db23d7bb1bcbb329470394a163faa48ea7e390b3d5f23ced4aeb4034e9499930ea

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation5353488290788171349tmp

Filesize
566B

MD5
fb2c6c3719088ea893a518596a72a49a

SHA1
34ce386db4b73cdd58c1ac7797ef4c38c7ba298b

SHA256
c46f2e5d9b3fb0b645b3540a8a6d5a14d5656257fbbad307ba3503f1c5111374

SHA512
4ebda38327f3c327326dbf5294eef8d0a43707ee1f667de88990e10616ed4a6f368253b70f370afb2f3ffafbc9fcb20e3ca820c9e2b40592d31acef4c5e7604e

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads