Analysis
max time kernel: 56s
max time network: 63s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 23/12/2024, 01:00
Static task: static1
Behavioral task: behavioral1
  Sample: NetCut_v2.3.3.apk
  Resource: android-x86-arm-20240910-en
Behavioral task: behavioral2
  Sample: NetCut_v2.3.3.apk
  Resource: android-x64-20240624-en
General
Target: NetCut_v2.3.3.apk
Size: 11.4MB
MD5: 6f06f35b4d268cab5d37556f5455fcc6
SHA1: 3483b8e6c550aaccdee6aeee9188a80d11058ea7
SHA256: 8a501a8c4e7a66fdea5d55973599df8f91944b292cb48b51c932bb4c13bf7a1a
SHA512: 9274df15caf10a6563c7ded7a7bc022cb03e6aa14355b423282f9f0f2d9492f57a6d6a2ea5424cb97fedffedb7a0545bc9cded41a69af4c8ca0ade3f6a4925db
SSDEEP: 196608:7ciklFNGz90BhyfItjZqY4/QdeCXtgd/pHG5GCy9eCl20cyPLS4qOFsFUT1Fi9Z4:oisCRmyEqrg9+d/pEu20ZL3FYUz22iq
Malware Config
Signatures

Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  ioc: /system/app/Superuser.apk
  Process: com.arcai.netcut

Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc: /data/user/0/com.arcai.netcut/cache/1582435991586.jar
  pid: 5054
  Process: com.arcai.netcut

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.arcai.netcut

Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call
  ioc: android.app.IActivityManager.getRunningAppProcesses
  Process: com.arcai.netcut

Acquires the wake lock (1 IoCs)
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  Process: com.arcai.netcut

Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.arcai.netcut

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  Process: com.arcai.netcut

Reads information about phone network operator. (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  Process: com.arcai.netcut

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  Process: com.arcai.netcut

Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/cpuinfo
  Process: com.arcai.netcut

Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.arcai.netcut

Processes
com.arcai.netcut (PID: 5054)
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads