Analysis
-
max time kernel
10s -
max time network
133s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
02/01/2025, 02:17
General
-
Target
769840a979ee956291e924d5cb95061f424adc3221b26d85e0e8e7f65777decf.apk
-
Size
53.0MB
-
MD5
85ed51b00887d331b476f9568222743c
-
SHA1
fba6938bd6a675b21b4d77d49a58e7fc0b8f9e4d
-
SHA256
769840a979ee956291e924d5cb95061f424adc3221b26d85e0e8e7f65777decf
-
SHA512
e097b553c7682849580c0841f89e7141f92a1c2c6e6252496c3e61f504c1e7522953ffb9a61cb129f14100e4e6d39433f7a2c21a3596029422b1c5d27a6c962a
-
SSDEEP
786432:phP09KrszNOTCzZSs1LllhySA2yFy5msUonUdnp5ZxQ56OcpvcZbE33bHeVjKek7:f09Kgzacht85sXU0DcpvkEnoYcxiJ
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Loads dropped Dex/Jar 1 TTPs 4 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock 1 IoCs
-
Queries information about active data network 1 TTPs 1 IoCs
-
Checks the presence of a debugger
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.makemytrip1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
-
com.makemytrip:playcore_missing_splits_activity1⤵
- Loads dropped Dex/Jar
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
56KB
MD50af1a233c1f59058d702d1646e648ca6
SHA19583cff741340d6a8b82c7ef1d6f40dff698242a
SHA2560e85acdb640ccb74ce08bc03787357804959b6e323394389a4f61ba83893e3b7
SHA51295c6b97d5b9fba27f56bd6f9b2efd3df6311e1c516602ce0d25fbf2414a2d33d70f62c26f17b892152eb774d1b9797e62c76ce5aac82c9810f078885fb9019eb
-
Filesize
512B
MD51b4bbbedc9ab6484368b04350065dac6
SHA1f31b250331d78b309b92971c1e6cc369f45e9394
SHA2568b8da071345324e9cef3c5759a6f29966032a2d15c6cbd315d1a87431244607f
SHA512a365d1fdd8c5dba6f325b241a51071d10745814df086f73a605f0339e03885fed6dfad2bd7766c71af9f109d5b4f5d1d2ec2ba44f9b70544f735f6631a59a5a9
-
Filesize
8KB
MD5a55d48017ee1ba72924a4c3a689d8e96
SHA141ce6c2e7c75a4a84b040663083dc9eb085b3497
SHA256ae703b616e8e76c42418720343b2dea1520b881911e2b105f685078e26f93903
SHA512a55b7bc219df10a8f36dc9a0030b956ea5bf239511dd32f11511b8246936fda08933257536c3b1af70a1881c6b1d3285a866773e842f5c7825045aa4e66917f4
-
Filesize
8KB
MD5cf32f4565c86fe052bc2142bbb155d49
SHA1b512743ff8002acef856bea0dd72b5fd8da00572
SHA256189992e64bd729ea7943c6c2b1acd74c9d8f786c35d38dd61d0b30410facee0d
SHA512a1cccc9db1d1d1ef985381f6d27a01d07521d12b32bf7b4da99317bbd9148d6fe5d747ad7e28afec75b56b380b4172165bb59556d5b8cd7f1e7461dad2bddad6
-
Filesize
710B
MD5e2dd83e11b9efff490a219013feaab2d
SHA1b2c988b41bbe805472b692e8cd86e419c3506819
SHA256a0cdee4ee8cda7839d88921a19cb6ae4282272fba5306705e5c0cd5f15e92a49
SHA51265e6dcc6a06a3619da952ebd6a9be72bcc5a11d30206398ff0b3c0c0b136059e6ad88c07812684bcfb2cdde753b945633878120e46c62983afc247b74bca6af7
-
Filesize
736B
MD5ea7dd663cf245bcfe44031191aa2bbea
SHA1b0d39e41e48655e0d738a25315692c70aa2379c8
SHA2561570e468c8ce47bc43e1212924e22ddd6554a0bf40f6f611ef22244183ec80cf
SHA5121261beca131ccb8beb2eb63d27860ab9d620c25d4046496e8585c263bd8220eeb2fb092e716b15286e54bce526c9553c4ab4d846c08d7e8f9b3508d0b6534ab3
-
Filesize
559B
MD5001a2427dcc4a0bb0847e99ced2ad2a3
SHA16b3c6a0f98c14aa04afe2be8c40010b32f79cdd3
SHA256017d6a8b6b3a6c73dff19c7fa168cb3a1b3a303822bcc8a461ff1a24b2f7d9b8
SHA512baaf78f8e73f5c05c517ef54668df5e0abe1d5400fd62b90acbbbad7b91a7c70dbbbcb4dd4440ea175f778b849921d740e689f67c0dd8cc01d4c68e1e8eb429a
-
Filesize
90B
MD5a99bd685762cb297165d79228b91bcb8
SHA13a1a2b4843927c3244cbb16c0ef7f7f6e22d203d
SHA25682b35c401a4d367d5ab82f9605ed4a8035eabb52baf6a25e84301c6851dc69c5
SHA512dc3f9dc64a03ee5c33d0cd687682ea0d5d836f6fc2bbaea63256e9af91677296c53beb1c3efe1d724b0e378550a25b41fc7b1d1a2e56dff172ec05f75e75ecc0
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD568fc9907648a8ba655fd91121fb39b26
SHA1c91b5a52e378c98bbbf41ff4024a2fa1a3cf5c3c
SHA2560e6e9d1251414941d1733b50973f7ea8062d48cba9a1bb507e5dd6c4f8b81c4c
SHA512f553a7a0ee19dc8a40e5cddc21c1d9ebc56b866d9dff7cf9d815f4662a9029886aaa5aeec2280912ea6ca3805decbcae8b6792855afe395cf6ff8c052f8b54f7
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5918a18013dd18b250baa4a09d8b4ec0f
SHA10ee628237ea90ea57d7fec43a9efa415c0164441
SHA256281131bd4e882696fb0b98eb3dea676cc1e3a57c74a0f074f255d8b250f68104
SHA5122cb4f88a828f5346d1c387728adfbafb8a6fd5ab30c6d729af922268486029fba888f3e695114efcf8c91388c79d560e5ce83eaf696ef2ce78c02a5af07c6941
-
Filesize
108KB
MD5b3c4e631a6e6407740c70327ede44672
SHA12373fd28ec5dc205e589bbfea489654f776de25c
SHA256bab0db3b22ad8c83c35bc1a2a1f11c865963bc938d91a7580288f37107a738d5
SHA512d371d31c12a6dc24dfca969f417078c537a1d3292fbde0bbad3ced1e64a5d7d9927b22e59f85b6429bc97159d05c2b0471b5bb483156563a0e20b4563d08e9e4
-
Filesize
12KB
MD5bdf3529e80318eb14e53a5bf3720c10d
SHA125c9ace4b1af6e80ebb2572345972c56505969ba
SHA256bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b
SHA51248b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b