c7e19c454970c5886effba510c181d56bb849316bcaf7b9bf17d4951414d30a3

Analysis

max time kernel
140s
max time network
146s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26-12-2024 22:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c7e19c454970c5886effba510c181d56bb849316bcaf7b9bf17d4951414d30a3.apk
Size

4.3MB
MD5

7957ea4c12443f0c65bf9962701add5d
SHA1

845b5bacc1f2c5331c1f468c531bc15677c2f923
SHA256

c7e19c454970c5886effba510c181d56bb849316bcaf7b9bf17d4951414d30a3
SHA512

fc20094ec3499a8c31a09fa9bf9b6920a9e645658e0bae73e93c2634f5ffd0f6b7effca02006000aadb015956c693deaead8fec33f8706c8005bcf9d9aee6474
SSDEEP

98304:t9MTwruT37Qex2e8Job7G7IwZbw5a64Wl/ZOvvcdw:t037Qyy7Nw5a6xZOIw

Score

7^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.errorforcode.netix

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.errorforcode.netix

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.errorforcode.netix

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.errorforcode.netix

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.errorforcode.netix

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.errorforcode.netix

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.errorforcode.netix

com.errorforcode.netix
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4252

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
bc17ca6cbdba6de306ae1b0b0bb8762f

SHA1
aec4cea31af22681b5c0442ac5b995cbbd5f8267

SHA256
63905aa367b9cf3f0e89d7e25ecfc741d102665c7c2d9d019fe9cf3ea3f97273

SHA512
d99e2d2fc8324683f59d42ed84f78b3ef2514b7fca143e5cc3bd7a790c1cea7a62ede196c0b936ce36bc01b252e268e2ff7f7ec5a1a1bf06b6732badd414a601

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
4a4990287fb138d84f82b1aec00b05f3

SHA1
f42475eae98bde5266d2b2d62889437115985673

SHA256
ff54fdbe155f27ea8a73f20fe7dfb4d120f485c58c970ed06e56514567ccd85c

SHA512
4cfb6448bd96de43281654c8068d175984eed77fb33bc003c607dd23061287e6e23758e5480d8e050cf5d2edc070804673bf45be286e65ccea437d7541405c2c

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation4223003794712173544tmp

Filesize
90B

MD5
eb4b2ac2f8e56057cbd0628cf6128ed7

SHA1
367bf3735cf7427cbf0f42dda1055140b46449d8

SHA256
b639dc69bbc7c00694a51d8ecbc9f49f11ed612c50ba5c4d47e6f4675f7a653e

SHA512
c169f6d8df1d2b345e17d9d273bcb454320927e155c5f14e51babff5dd5e1767c7f71d8c22d250883f7a2c743e1a11911ea21499d0a832e21262755d596c2cab

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation6885177104374820833tmp

Filesize
568B

MD5
7267e8d5cbde2d856315a3f73238fab4

SHA1
0eda1fa3de14a78946fc9431e38af8508f2e27c6

SHA256
873fcb83b25b55d7c8a6aba8887c1c91cd54099ebe5a2ffb6b8156855d7aab92

SHA512
63924ec3966b8e69b3ed39b806a114d5384f76877a4ceabba5d3a2e9b11fbf8d7719d7272f19dbb645a3140c5567daee6614241829394860ae7635f0d0b79b5d

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
155B

MD5
d9a515b644bb97558a245f9ba4d0d8fe

SHA1
4beb84291e3769a378b62344504084138dd25074

SHA256
8bedb23b95b6b580ba09b09ed13e9348d4fe056f8438338c7de964cf9921efa4

SHA512
0df3cd1102dd19b7effd45f254f1d9c30b94538c686be4f192ab672babbc04fa599e1674c57a2980632cd17b12a077dc4754bbf48305337c63096fc6ca09bc90

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
355B

MD5
3e1b70df1fd720da3225f2f957c6fa5f

SHA1
03bfaf3a2025b4773774a286edb892b24ee0f64d

SHA256
3c588fbb473705f6f752765f5519768ea11c0773395ced0bb796332af4ad3659

SHA512
6a89d68fa158c15e3297a170f25a356e773b773b7a9becbd0b2cb0da2a718f3f2eaccfd9027c899dd5d639b851068c77d0d46d346155de5475285f0076b41f13

Download Submit
/data/data/com.errorforcode.netix/files/profileInstalled

Filesize
24B

MD5
9fb2a6ed3e867d821b0f362349380394

SHA1
8c572e79908d3fdfe1e3de1ba51979ffc9510270

SHA256
1ccfd08239d8f015db9554ce0b48df120bf767d5fccd65d9104c1a6a851d809f

SHA512
1a97acffbc719c7e33f03465d33b9a450e5ccea31bcfda83bdc687ca5b6caeaba17f374a2b0247810020c16f8c6cef0f9f6f403f65a9e3c96e843813fbbde252

Download Submit
/data/data/com.errorforcode.netix/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
4a2fb42193ea40ff94980f9adfbcf5ae

SHA1
25d3a05e5969f8d76c1f004f5be2aa778e955ef4

SHA256
1adcdc401beb29473c2008c222ab48f93adfcb503154c1556bf299389f3d5e36

SHA512
63f5a3d8675cc25b2b6a4e08e0ef01e26af1c62dbc6fa0189fb9ffab25a15a76113ba3b51fc394829d2d1fc03741889add519be20fbee9843aab7787ad5e2a39

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
e66c19a5c915b71a481a812edf809aed

SHA1
f89050ab8f97ca31d1a8631fea12222869068496

SHA256
aa7ba1277ad557ca8e24fcf6a4cd78490d6f2b38b5d634c9fa2291c6fa42ce76

SHA512
6fd3231fdc823a93204708acee781e70f232323cdf93017472e403b1fe4788c8dd72d8030e7c51748df61d6a7aec587f7ff5ec333bd200f48627ffeb1bc5fc26

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
80fd3db126b466548d82a2b72be12bec

SHA1
f4fab811aff508473656dbd30c8185b7c52eded1

SHA256
60f036e3b7b3b0006dc793bfac5806625a3f4b6c1e3a9dfb6c5abe288ec70a7b

SHA512
0660c24aa1225e5df4369e5055e79dcb8d4eb84d96ca0862292def64e47896e8ba81bf03e08dae1067a97e5d08705d49bcbe86a2b7b076dc04456c55f9a7c2ca

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
97c60402340030dbb1d8cdc9fc6c3712

SHA1
9f1a24aa1a505f5ce21f74240b9ff69fafaf55cc

SHA256
5976fa2b543c66cb8080abf3bd6f7dab93fdd9b11f1fd1191a1d7aaa8190e3dd

SHA512
799f91f6e170f5339f649b64325c577f85798c68079573c6778632a2f23713d2fe4a38f77f98af883582b7231591ae776d48002a5e0461c9822a129a871fdd8b

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
124KB

MD5
b8e344f39484af6f93a5ae435be4c351

SHA1
b52165cb6ba6c38e4ecb0bc13adb95e9cc3f6c5c

SHA256
5e7ebc37e0be67f6409d6ac22692829017b31429e3b91502efdfe1206b9f9595

SHA512
740bfbe9e955fc3057a316701af428f6eb073a42833840dfa0b39cb01f8e77eb2ca8aa7252bf2b850db3f4780d1320eda457b39269049ffea06a6b2b31745c77

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
2KB

MD5
24a68235374500012828e677cf626dfa

SHA1
9f0d9011624cd22fce0fe180c2e879187dac7642

SHA256
2377fd9bc43ef4255893d3c034914647f82bb1e420fac7e493c86a3139333ef7

SHA512
8e3de81e64044753d840e941c3df03de00e9ae5be27ccc28e223ca6fdfe3aedfccd1d92c8a29176fa42ee87981371198877a2d4bdbd36bb8fe672557222c47fc

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
4KB

MD5
9ec591fa306de230453ec1b3bb8408ae

SHA1
fb1f02d72aada732d6f88af6659e51fe58823564

SHA256
bec4faab651f9a922179a9d2e6800559cb95081c51b5099d5df0ab3a0a1784da

SHA512
b234a54d947676a645178808324bbe7957dd86dcef349893f459a6e54ed760dbe58dd452c3e9ddec210d947ec985000e98ee2c6be1811c2d7891cd3d5f4f1f1f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads