Overview

overview

10

Static

static

10

14738acb5d...28.apk

android-9-x86

7

Analysis

  • max time kernel
    110s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    25-12-2024 23:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14738acb5d7e082ef950f0d42af019fa5fa270959e9bf4b3474a1c68e7d88c28.apk

  • Size

    3.7MB

  • MD5

    d92c0d97c8beabde5d41777e98f8e9f6

  • SHA1

    6e074e132de20cea49cdabbfbb6c1048ed3d1e04

  • SHA256

    14738acb5d7e082ef950f0d42af019fa5fa270959e9bf4b3474a1c68e7d88c28

  • SHA512

    046b031cc5c6e2226f1acc2f1a02bdf514f65be43bd7cd05ea26f81eb4aed1aee17e30664d1036f0bf93e6d70c6457200061d7ee3b13c893fef19463a1a99c27

  • SSDEEP

    98304:KI1y8VlJ8mgRNdWSJCyZx4dBXa2QFjL6/CSZdf+x8F678YLNcjXr:By8V38miWVXdNAmaSZ0uM8GNcDr

Score
7/10
collectioncredential_accessdiscoveryevasion

Malware Config

Signatures

  • Checks known Qemu pipes. 1 TTPs 12 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

    evasion
  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Queries information about running processes on the device 1 TTPs 6 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Checks CPU information 2 TTPs 6 IoCs

Processes

  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4255
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4285
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Makes use of the framework's Accessibility service
    • Queries information about running processes on the device
    PID:4329
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4393
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4423
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4456
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4483
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4515
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4567
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4599
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4700
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4732

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    efb12646075def3780478048592551aa

    SHA1

    869e89b6aa4255537a1abf6ba2f27d17e745417b

    SHA256

    d723e276ae952ad910b6154397f88f55fdd137977dd50ca28795a37809387822

    SHA512

    7b063b81341d2c306114488df59939feaf1c296fb75c925a5a70ad86f8d33bad71e19ed56ef5b4027d151aa5f30bbf270f69ab9d25b4b100246ec1a0050d11f2

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-shm
    Filesize

    108KB

    MD5

    067f157d2a6452dd944c530d37e41859

    SHA1

    a2f0c2428a1d84a8c24c754caa87fa871af2b991

    SHA256

    21e6223f02761afd4360e7380016769f005e39396c38145ef5f0f1829123a846

    SHA512

    594f84d07d9f3082f668411afae76c0f5fb0a432e9c1350bfbecfc8613cfa0d07e68fb13c14560072d0e2b3eb5fbfbec1541107e83c3b60a53ce89c7c04ec163

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal
    Filesize

    28KB

    MD5

    02624a2c9a124ea85cbcd2358ffd1d8f

    SHA1

    c5ce81aaecfd991f163981dfb02485cb2f912381

    SHA256

    ba8d292e329195460776943759f949e28bd1d829e1bf5355f32d7918adc2d1ac

    SHA512

    ecdb0205a1f4b487dfac59e4d75dfacfc089f340fdc30a68bede407e4943dee4554323ee1711592e5c95613c6465d2ed11c442d6a116d1398ccff4f84a6e3974

    Download Submit