Overview

overview

10

Static

static

10

769840a979...cf.apk

android-9-x86

8

769840a979...cf.apk

android-10-x64

8

769840a979...cf.apk

android-11-x64

8

Analysis

  • max time kernel
    12s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    02/01/2025, 02:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    769840a979ee956291e924d5cb95061f424adc3221b26d85e0e8e7f65777decf.apk

  • Size

    53.0MB

  • MD5

    85ed51b00887d331b476f9568222743c

  • SHA1

    fba6938bd6a675b21b4d77d49a58e7fc0b8f9e4d

  • SHA256

    769840a979ee956291e924d5cb95061f424adc3221b26d85e0e8e7f65777decf

  • SHA512

    e097b553c7682849580c0841f89e7141f92a1c2c6e6252496c3e61f504c1e7522953ffb9a61cb129f14100e4e6d39433f7a2c21a3596029422b1c5d27a6c962a

  • SSDEEP

    786432:phP09KrszNOTCzZSs1LllhySA2yFy5msUonUdnp5ZxQ56OcpvcZbE33bHeVjKek7:f09Kgzacht85sXU0DcpvkEnoYcxiJ

Score
8/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.makemytrip
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4303
  • com.makemytrip:playcore_missing_splits_activity
    1⤵
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4399

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    cdb29001f8a2f218f73e6510ff035739

    SHA1

    2d641b66ada3840d5fd3e565916c1767b702610e

    SHA256

    edcfcadaefaca2e794db4d8d4cc50e3f2bc9033a26fce3839aa62e4bc93c9302

    SHA512

    6dd7824a90cdae05785546f0cbe779544f6acbae58179ea33acec47422e69379f4d739b9ffc740952121770244a4aa73279c020890c0cc17e3857c5d489d7661

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    87b9703286f894d542eea83a55eb077c

    SHA1

    4978010695ce70e15b430786edd09bc976149963

    SHA256

    4de4f7fd8df86f6a8e9298af23ae7fd54b33e714681e7782ec644f95dcb673b1

    SHA512

    51a00b2f6c63b9acdd7e94668e4abfa547545f4917f172798c7a399ca86bc08cc96de53b76a4e8a68c2cba929f3c9b717c8d841659c503c1693f73dd508e4897

    Download Submit

  • /data/data/com.makemytrip/files/.com.google.firebase.crashlytics.files.v2:com.makemytrip/com.crashlytics.settings.json
    Filesize

    710B

    MD5

    d9f8279a3a239fd70b58815219a9d1ff

    SHA1

    87a6326210c0b3fadde7a21ff5d59edf069b7bfb

    SHA256

    61bc9374773f2c2e89cc50c7ec9e356e2e78b3635a856501fd9ef38995ec5577

    SHA512

    35855fec38d327e62452463651fb503917cffc0723b25cd8a60516bd67afbceaf70485d8c8862d48afdfe69839d8640248cc71395fa7ba1ac11b4f14f5c8cb87

    Download Submit

  • /data/data/com.makemytrip/files/.com.google.firebase.crashlytics.files.v2:com.makemytrip/open-sessions/6775F7560046000110CFE3234B920862/report
    Filesize

    735B

    MD5

    e77e046ffcd5c527502522a9f700155c

    SHA1

    59b1b9e5bd35430b5a6a1bbaa2041509ae3e73b8

    SHA256

    aa27eca8dabf72836a8144f82a6bb18eeaf1f3a9c0e84612780576a30be8c195

    SHA512

    20519fdb3c0c8060c62e52a6b62fe522ea118f774e2abadbe5f9afc6583b0c1f965050a9f625dd4fed3a01eb2681721c7eecf72715edbf66a23c3f2b8aac652c

    Download Submit

  • /data/data/com.makemytrip/files/PersistedInstallation1211909979790520159tmp
    Filesize

    90B

    MD5

    19fa0223da94cf1a29c6a3902f59f360

    SHA1

    a36a42a5caf4b06c16204e6151a17d5aa1d38b7d

    SHA256

    3b8446e821020ff6e008ab5c441a402954febfc291417fcd29a21c00cb08f94e

    SHA512

    30690bb901cba05e8c9d4d813ab38d2b5622447fd69e31c39a1781aef60476c25c2652aec0876c8304a32afd30e4d29f8d09bc83f778b6699f52942b747bedfe

    Download Submit

  • /data/data/com.makemytrip/files/PersistedInstallation5595067159946693030tmp
    Filesize

    561B

    MD5

    65eedcf4a21670d1144647efc766228c

    SHA1

    f3ab92aa480ce43c001bb54d046c497d8205b455

    SHA256

    b369c94660ca9f5df5084d18c1fbbc5a51c556b416b052f13eb358311d3294d5

    SHA512

    321bc10d95090e6a4616d0b6df867aebf69a71df0b0fc10b483b2e9268c2b36d03b37cf7856d2abd9fa85e3236a89290aa4e8ae13275984556b9a43840047794

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    425ed168658d3593984cb788ef4ae190

    SHA1

    983bdb8964629f560f06a4ed8e0fd86bd7f7a367

    SHA256

    33e67264a6e12944803fb2cef0478edfda254f67ea62bee11d27084cb25a5861

    SHA512

    9ec1ba5ff0da05520c7b0e4cc88b38a808f6919b5b8794401bbba1fa0c0e76d2301be71c04311e11193382bdd179f67540cf75cf72fbe3a9ed0b51227d0434d2

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    eac5ea5e2927d0a79bdb2cea690d2c31

    SHA1

    f8484c79626a464b782d37bc8e4c52139b188587

    SHA256

    eb5d3a155162d7e977794157ae06a1b90ecd640db1ef284f0f58aa1984c0a7a8

    SHA512

    a8fac2b9db0def1b7826e3a2229d221e7b8c50844b119c3a2e7ce776c3198ad5cd42602980f3c2cd5503975cc827ceebc686f64e183324d59e9532170801f39a

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    bd2894fb7ce91421b0e1839364d11da9

    SHA1

    3d569fbdea1eabb5255419dc3b69e1ec11965b43

    SHA256

    8ab0f3f2864a0645fe14d6f1d550cb8da87647f36db931b3de8f7a2f73c13bdd

    SHA512

    81c342f16d599dab71720b8cd975153fe5dea3b633b383bdb1831433c2d7a927a2d5487cbca1ca03c3f5e1cdc1abc62c7fbc7ad7e67f1dc1e442b30fe9f9a8a9

    Download Submit