Resubmissions

21-12-2024 23:02

241221-21ca4ssqhy 10

20-12-2024 07:27

241220-jalsratphm 10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    android-13_x64
  • resource
    android-33-x64-arm64-20240910-en
  • resource tags

    arch:arm64 arch:x64 arch:x86 image:android-33-x64-arm64-20240910-en locale:en-us os:android-13-x64 system
  • submitted
    20-12-2024 07:27

General

  • Target

    bayadoje.apk

  • Size

    7.6MB

  • MD5

    baf3c550534acd7dce3795cb7176d738

  • SHA1

    2f99a11bedeaa8357b75414e0797d8cfb337aa7d

  • SHA256

    129240b79c82258e10643b16f0947b2ccbb88e6fea642176a85f8d21d94a2ab6

  • SHA512

    c3180ee141d9080aa97c38936dfb9bb164a8151912f2b9594275566eb8f107dfbd8bd167e8e2472a7a53562f34b5f3be88ccc501efe37ae404c4b8ddfa346f34

  • SSDEEP

    98304:so/Krg4JmdxU1g9hZB0/HRCQoR9cKzqtKsRm2ieSyeTgnrSs2a+5nWKCYFWY:sJmdxU1IN0J6zqNBYErSs2a+xH

Malware Config

Signatures

Processes

  • com.kofisahoke.access
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Requests uninstalling the application.
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4468

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.kofisahoke.access/app_unaware/Mu.json

    Filesize

    948KB

  • /data/data/com.kofisahoke.access/app_unaware/Mu.json

    Filesize

    948KB

  • /data/data/com.kofisahoke.access/app_unaware/oat/x86_64/Mu.vdex

    Filesize

    36KB

  • /data/data/com.kofisahoke.access/files/profileInstalled

    Filesize

    24B

  • /data/data/com.kofisahoke.access/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb

    Filesize

    104KB

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb-wal

    Filesize

    116KB

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb-wal

    Filesize

    402KB

  • /data/data/com.kofisahoke.access/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/misc/profiles/cur/0/com.kofisahoke.access/primary.prof

    Filesize

    1KB

  • /data/user/0/com.kofisahoke.access/app_unaware/Mu.json

    Filesize

    2.0MB
