Overview

overview

10

Static

static

10

002d23802f...a9.elf

ubuntu-24.04-amd64

006e75ccf3...e6.exe

windows7-x64

3

006e75ccf3...e6.exe

windows10-2004-x64

3

010b63314e...17.exe

windows7-x64

10

010b63314e...17.exe

windows10-2004-x64

10

017f252187...45.exe

windows7-x64

7

017f252187...45.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Unmonument...GL.dll

windows7-x64

1

Unmonument...GL.dll

windows10-2004-x64

1

025a7cc996...12.exe

windows7-x64

10

025a7cc996...12.exe

windows10-2004-x64

10

026a0d5ada...ed.exe

windows7-x64

10

026a0d5ada...ed.exe

windows10-2004-x64

10

0296e49137...b6.exe

windows7-x64

10

0296e49137...b6.exe

windows10-2004-x64

10

0382436149...62.exe

windows7-x64

10

0382436149...62.exe

windows10-2004-x64

10

039b7cbbe0...f4.exe

windows7-x64

039b7cbbe0...f4.exe

windows10-2004-x64

03a0e7298d...43.exe

windows7-x64

10

03a0e7298d...43.exe

windows10-2004-x64

10

044d4141fa...83.apk

android-9-x86

6

044d4141fa...83.apk

android-10-x64

6

044d4141fa...83.apk

android-11-x64

6

0488488429...83.exe

windows7-x64

10

0488488429...83.exe

windows10-2004-x64

10

04ba453903...df.elf

ubuntu-22.04-amd64

8

054c0c0eb0...5c.exe

windows7-x64

10

054c0c0eb0...5c.exe

windows10-2004-x64

10

058c3a111c...0bc.js

windows7-x64

10

Resubmissions

21-12-2024 22:57

241221-2xpr2atjar 10

21-12-2024 20:29

241221-y9xfvsyngy 10

Analysis

  • max time kernel
    144s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    21-12-2024 20:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783.apk

  • Size

    3.5MB

  • MD5

    c126af541f25c0a689dea5f44d598764

  • SHA1

    68e1772c5bf7a0db611063205b2b6f90718893a5

  • SHA256

    044d4141fa14d7abac6f282b72e4d4a6f0fec56df3d0d1650e2db3a1a5c80783

  • SHA512

    eba66c60d7a38a18c57278aefaa7c235fb744b460ed7d9f59724ec68366af6eb6d31333c0be17e92faf91ffefd8629e8e0697771fb13cb3d16cfcb9ad556e215

  • SSDEEP

    49152:3/NUASHe5UQtHy1fffEcy317sc1x7B3l0ZL7ZhJqowVSvsEFP2R7QBub9e3g5zpd:vqp6efffnRcj7jGPJqikVQI5Dhpdns3E

Score
6/10
discoveryevasionpersistence

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • ir.shz.shzkisi
    1⤵
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5034

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/ir.shz.shzkisi/cache/~test.test
    Filesize

    4B

    MD5

    098f6bcd4621d373cade4e832627b4f6

    SHA1

    a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

    SHA256

    9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

    SHA512

    ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    f913bc65ac131d1bc923af2d0d08242f

    SHA1

    374e124d65c2b206cdfa6868457f24ce2dd14e0b

    SHA256

    2ad36b4957d21488e67e92e0e9fca2e3ffe9474c5d4a834c1a704b9eefd4f71e

    SHA512

    ef344198264fd46bde13721959b249f2c3fb8738472ab76e4b215087e7e01b2bbd2ba494980e98a15a1f49207d76a5293fa8fd2d02b9262c5729c824cb5ca537

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    86066a651aeee00ffb7ea3eef12c3341

    SHA1

    27fb8d75efb3815738aebcdc77372ac8cb963d52

    SHA256

    bd18416006f6c3b2863b39396efcb3433f22765e686ba33c0ad7a541d15344fd

    SHA512

    a16f7735ba324aa8dced10e2b13de3ec216416ccda89d74022464f55202138112cc68bc6d36b0356a0ab0967430f900aa7f55568db7165305a2d3b62c3679db1

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    10416e8c6266f8705301c481b9c5160a

    SHA1

    41f948d4f8e4128140228c454e59a10ffe419d8b

    SHA256

    f248b0191bd2f76a582db2e74c091db30122281ce2ba0d979778eb78f0254a0b

    SHA512

    73d8c258dd2c2d89624ee56d042e228f13eea0993647e29b81d3b47db40e228ecc6df2f3836f044441a17824416dba0fb7905cba1f73c03c21ab40b787a7ce0b

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    9afb52052273a0b2cdc7a978becf19bc

    SHA1

    e6d32c9cc66199d74ccd43dbc29773bc0a78958d

    SHA256

    3c96b404812618bfad529b991c2867a07939bcf0e7eebebf86344a98a2e69d0e

    SHA512

    859cd2f5a84d7c92c642602a76f13f4c74da0427bd49231dc8db4444132d65a84760788693bd02476e118d1f7f2125e28b543552d9ec1822313f8bbdb654f7ff

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    adf6082723784327d7d1b34adf974e7d

    SHA1

    b1502f70eb881a1dfe41139cb719fefb877ee37c

    SHA256

    252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

    SHA512

    762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    eb52a90bb70b76e946b62f50b6f7fb85

    SHA1

    42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

    SHA256

    48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

    SHA512

    b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    f84f2bd0718f160ec958972200541c6a

    SHA1

    f986a4c215359749f11e8d2ff893a521f5a4e024

    SHA256

    21009bdddfc22f6bef216182155e39879b1eb731e735e3da4bfc4fe39518eaaa

    SHA512

    c7ecd12e27c8dafc8d0e51dfd5bd0e615545800902edcaa60561ff2d69dc4927ff4a2c7072939417aaa7404118971d14d0cf02b84075b82f66127992dd9135bf

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    19af3ba441a72d54aaad89a574a947f5

    SHA1

    eb055c8974a2c3a18e6b09eeca2c7a0ab8fc60c7

    SHA256

    4478734ab0964145f19da9cc6feeac0acacd47462ec4cb38fa51357694a83b07

    SHA512

    e031c26e348c3ee8fbda27d655053518ea6a637e10adf6ca8af01765a02f3b6bf5739154e6a67e3d0c8c407061280056d17087623b94f5f21c1b334bdf602ad8

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    6c73cd53a98269cd1f8636ac39e3c3c3

    SHA1

    2134245973bde587a1a79aaf27ae3fc3a042102b

    SHA256

    2dad1f4d0eabf4509a91e70b900f096714c55eaebce29c186e37e574ded8f528

    SHA512

    ee395b49793e4511620ec0fa942288ec4e618476032f04f8f521bdbf104dfe1f130b977a0609b97f3d5a1e7d472329f2cfa8a92ea68ec3f29170511cab621626

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    2c4b6cd9147309cab4acec68b5073b39

    SHA1

    4937250479a9e90dd8a88724dd010f2df5bf0f26

    SHA256

    35b1a4f8340c7b0b1d3c5209cfca4cfadbdf3b5a8ae31b7c73d3ce5c6bef3eb6

    SHA512

    78e9baac98584468da75e60e3fe5f53d47e0a65205af6a4d37a31803a1f337cc4f2a174ad202fd50b622a2d068a7769f4a6da5da1dccb3de928dc0e3a338c093

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    4KB

    MD5

    01d7191e0b7fe4b48917170875b76575

    SHA1

    915115b1dc5c56547693db3526de88ec4be53d09

    SHA256

    f78525650095a2fac3f04165eab5e3b49c50a6e46bab5dfdf0de9ee719282e6a

    SHA512

    1feb4fc281ec3733161f7da29d3b93b055bac2f0a5d279597ee9f5ebfd7086c40ac1b2ca30304ab283038bb6e9148a6bfda37af31764893aba0695e0db394786

    Download Submit

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    16470bb0bcd1cfc2168fc9b890174194

    SHA1

    ec5623453ab67703d5a7abcddc13be88641558ee

    SHA256

    670049728ea29deee1bb5c47f200d59316e0ba9a70fc51e0fdcc578ba0485d59

    SHA512

    5360a8393f2cca5890935ed4c4c04cb83924399f2a79391a8ac20e8dc9c34e8c8fd5a9987199f10b53162182554f2d415c073fe30c4b19bb64dd02e62a144b68

    Download Submit

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation2439058878432038004tmp
    Filesize

    90B

    MD5

    519b0aacb8c292eb5ad9219ccdb6971a

    SHA1

    7c8c9b559696baa26dd43f4f80c6207120e61e3b

    SHA256

    1f0c1363fe2ffc1dd351a96f4a7e12ae0b5aadda5cf4363ee7ca460ebbe1b670

    SHA512

    c7c243b54b33760a762c1d79d95d6e8a6e91213236b4a99ec15e1a8be2368ff0cdc17e7874079a38cbe7cfb5eb76c4d1ca285cc8620ffefe5a184e72166ddce6

    Download Submit

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation6690223351509660667tmp
    Filesize

    566B

    MD5

    624919962404af1744520b5574eb44f2

    SHA1

    07c5a53720a72674143325e04b1e587f400c7c34

    SHA256

    62e7bd26eb57f15dc1d20aa9e04a599edd13444e68a5ce0f56f252523763e2da

    SHA512

    70d0e2b65f7e8f44a3383b88555ffbc0b1742f106a1a13f520a189f5f80b99e5c44b4bd053e86eb3a3bb46d762c49069046a96391a6b4bc3a41384c87696ce3d

    Download Submit