Analysis
-
max time kernel
149s -
max time network
146s -
platform
android-9_x86 -
resource
android-x86-arm-20240910-en -
resource tags
-
submitted
14/12/2024, 22:04
General
-
Target
934011382159cd62787ee5c5887da4faae903df852152faf191c66e8454cb498.apk
-
Size
3.7MB
-
MD5
476382748732fd119013f431eb526b96
-
SHA1
211be0602084eb863fc1509ade6647593278ed9e
-
SHA256
934011382159cd62787ee5c5887da4faae903df852152faf191c66e8454cb498
-
SHA512
4af84c7b27a0653ba612a9d4ee958fa1e203e140b1b15bc7fdc47e08e08427193dbc5d49f943b29e00c11a9481c8ea7091d558137e34bd580565c1f77acd48da
-
SSDEEP
98304:zZQ8Diz3+jcExrUH72jobqqKDPLWFovYoMkJkRFPj:zezuj71UajMsvwoBaRFPj
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 10 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
ru.sxbuIDfx.pFSOyagrF1⤵
- Checks if the Android device is rooted.
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
272KB
MD5ab21e46df1fb7ce845c4aa4d1c814f19
SHA12d5ad0f9a22e2a8ef4a1f5bef826eec47fe23c5f
SHA256c879927cceb5c78106e8dc9fe4c74c4c07337c4da1bf5a1e3b4547ea0e4d68f6
SHA512b9f6f260dfa2eeaf0b371570762e6cfe0407a09ceb20d6a47c3ea1fe6709779dad8805de0c0845ce1c78870f46689d1faff5902507a73f322784a3125fe41fe0
-
Filesize
512B
MD510feb9f11aab60e0185865d9750da1ad
SHA16b47241be38de76c2f7ad109d3d50e0a92096b0d
SHA25671522c562add159e02fdfcb1c24e5db2b8a5fe893963d8ca041fb702c31dd943
SHA51245261495304422037916fc1a8f891a7b4dfe1285dd75cf16e18c43a9e7b075c7e613e5d5c5458c8eaab1c502af64cddcd33d39cf494d6d003c93109fff934b32
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
418KB
MD522b87f586eb8aa337f18191c95c8e000
SHA183edeb63e23a8f02d86486efa7405d7ee83f90ef
SHA25685b855ee4e159480a2ae8cbfe819cb678b6b16db96133329298ad8dc9b0d33bf
SHA512003fca0598e62e72ae961b34375df75915b3172dcea31dc0ad5d321ff2430fd3e949d39ad673d29cbeba868db8dab6d8f05cb12e91b3f6cf94313ce37ae737f3
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
68B
MD5429059fdba597db89e491d6bc8d92b45
SHA12500f7f118b7d4c29521eab5030ef652d21c3630
SHA256a9ecdd5568d8ab46101cec0af5a5e2d14a0d44859e442ff55e241383e293f557
SHA512f9ffc61326c7acf79ca5c6e3405126ed2035cd422841392c8f4e485313095e13ef0220c275a756481dfb8542e75ad14e66311d6d039dc2aa51d799cd63de97c1
-
Filesize
26B
MD5dad1167f858ea418e12422075ec07a58
SHA131dce368a4a99dd84788a911feafee273788a703
SHA25635a1396299be95bccbb1cc24d9d45ae7a9117702fdaa2ecb398a75a3d379fdf1
SHA512b254a7a2e675e181c55ead68fe7439e65ec615a8db44e59904c1de3da4242ec7cd7937f356933818004cfac96ab93d8b1f629e2a7d8651fd94c868a4f97bec23
-
Filesize
93KB
MD5ba57f9fe62bbcf10348091b7d08ce123
SHA10fba82354a775094f68fb49bd8530f97f6db97cf
SHA2561df6c43a03bf45cb91c83eb81d123877eb4f663b0693daf4ba590df900a01160
SHA512d030cb078a399eb104e5780426e14efeaeeaff93c4710186d1622b64a5ec547e20e318f72ac3c6adc3baa4680a955a3e43fa5964dd87a0684b21902672854e69
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
1KB
MD5634ab5e3e49b830079f88825c88d7f80
SHA1cabe4068d07d52c60f5b9f840fd887051748a3aa
SHA2562824000ad496be920c29d0a78589c72935288b40ce44b44c5fae672fbfe87fe4
SHA512ffc893fcad8d81f6ca272cf03737ab466eafd135599e6f6f20285d7f4c3454bedde4de5929dbb1be5010192747f5f11d86166509f24bfbf778f949762e47ef72
-
Filesize
29B
MD5302f7b6d9a4ffeccdda9ef94184c8326
SHA1d4038ca0629f57b7e5c4056e74a395e5598aa16a
SHA2565b36134b695f0a9a32f570b08cc3ef74e0687a0d2aa228853bc0346f77bffebe
SHA512299fda4936acf6479e22f9166d545976d5d99ba6fe7a5b7298cb336cf730eb7790524e4569fe64bc03c598c7e4117f163ddffc2e2889439f709c4d80ff665039
-
Filesize
41KB
MD5e00c742768f30bd4e90eeceaec33eabf
SHA1601746abb7a60535a3f3dac62d134b8971ec0640
SHA256feab96c0211e51d22c57d0ac33ebbe260bd0695608f1b2b277931fd677e3f57e
SHA512161ae35069616ed43dac4a44552f7b3cd1e81d3b35e941c4a06836f517b39022d884d805a7f10f46c9923661b256546341df8e611ef8cc27a32bd640b1c78b73