5ac0516a1c4876afaef78a9463a5311e250f780563924ce36518621906ac9451

Analysis

max time kernel
47s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
04/01/2025, 22:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5ac0516a1c4876afaef78a9463a5311e250f780563924ce36518621906ac9451.apk
Size

4.5MB
MD5

7de05fc6e00db0fe4b5054fc55be0c2e
SHA1

8f3c46b091e54c1aaba0dacdd2133b655b4a804f
SHA256

5ac0516a1c4876afaef78a9463a5311e250f780563924ce36518621906ac9451
SHA512

2d36d4353992a4350c9c0e44e0da19e19ea244f33aa6dd5504904d7151bed316a9c82b8e6a2a9c53ca080b06486b02d816476ecbe0c196893c7ab5095b0345b4
SSDEEP

98304:XMTwrB/orDVlA4MSYGnOohCLLowWdBnyL+lyxgId3:9orD3dqTWXlyxv3

Score

8^/10

banker discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.errorforcode.netix
/system/xbin/su	com.errorforcode.netix

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.errorforcode.netix

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.errorforcode.netix

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.errorforcode.netix

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.errorforcode.netix

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.errorforcode.netix

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.errorforcode.netix

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.errorforcode.netix

com.errorforcode.netix
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4317

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
dfcf425b654ff0010444c2641c233750

SHA1
40153ad0126ba53f79579b3a1f857c7a40453e49

SHA256
b0ac3c39f6288e22c78796f1ec6bfe8f9a86982346291a27a855d179c1ba7305

SHA512
53eabb72f6407786224446c29a067a04c5c806fe0b0c0e9b6615055417d67a92307a97f734f7ce362d5f94ef38583e6619c1e08f8558501facf1c1e131982b69

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
cdd88d858e791265094ced80fc718cef

SHA1
939b412f7ed5e9bfa60aaeef0ee63fa4eea0c199

SHA256
efe6ea1dd040798fff7ebedacb6480be7788faab0378bee1aa90975e46aa0256

SHA512
1954f5edd30e81ebb17304d9d77fb475b88bb19231dfd54cb6169f428c534b27dfc8d189b1596f25d4fb44b11be7d132f8b21904ead2c73f93c420f684ab8865

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ec3813f6aad4e65e837e3dc081e85e13

SHA1
571e1538ad1e07583dfe58a68e692aaeae21c8b8

SHA256
4d22ff96adcd25cef4e2e4d81523d49f1632ba669f888433c786928f5f8033da

SHA512
5d90a52ed6b6a0e7969fd3b23dfb84004e110288ed09b44b00634fec7c6c5999b4a057cf73ec147536035011d859f9c34415f41e7cc58dd7a1a6dd1116605119

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ff74bc4f82e193a0047db9e5ab1c8d90

SHA1
597368c9af34ef1d6b83894db7083748c6242e43

SHA256
878ccab636db12c6f29ffc1bc45c4efdde6605d0ad11ee63f5eb8887ba27c283

SHA512
02558b3d8d80b84d17799902f387ecaad2ab9e26debe32556aa79fce58fa0315b97fb60487947050496c032a51e49013f9b11c8af03f9b59a177915f993cba43

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7d4aa76a647f5aecb765da1fc45e98d3

SHA1
df00a40a76e97904a20d79ce1efa7fdffb22dd10

SHA256
9f34092c48594d1d4c183e013d9cd3f1865e3d3fab8b8793bada02b6a6b41a64

SHA512
ab4a5170212583c4457ed371610484eb6dc48f213e147b5d6b17273f463827fd1745969ec8007c71cf9997de6f45cb4a96866dad589b387d828e18dbf1c647ae

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bf6122aa87b7bfa340173f639c1f22b2

SHA1
2fb93e5f44db48d1b2e999ea60df729713c25241

SHA256
1554a6d495ac85c61dea0a97cc37dc48fb77699a3d1be709e802d5ac306691dc

SHA512
062f49cadb4bcf8085fa1f26d56f0bab46f09e736d8aa66060ba740c7a9b98f5e6db853c5fca9cfc43fa22920da7536171b9b074468fe091a9b2c9cd85a45ac8

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db

Filesize
16KB

MD5
44693692da738db6eb133cf0e4cde91b

SHA1
e6bda56494c325d8d37ad89552263ae85d9b0550

SHA256
8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4

SHA512
b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7b54acaf4519cb5b79c2f7509c81e76e

SHA1
5ae291eb70666cecb106f33355fd3591ecbd1288

SHA256
5f44c13bb8ada6503625cda1f61ebb330d335d7b5b0a0bddad9452df92599eba

SHA512
896567795844c2b675a491340926ac834008db487b8d210de65774f8fd131c2dfc074b1ae3f50b5d53956690ee28060fcb6637f641f9349622823eee241902e7

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
4a872b847f019f3fd844a5d85064442e

SHA1
6c0570fa2fceed8cc82c1cb069b1b0c74ecdc2d2

SHA256
6fa8523ca8d053fe637ede8944d02d321b5e7c7e2722acaad0672b2a6d22317e

SHA512
62e8044af14f26ba478c1312918a682e3bc47ca4379ba9295e8adebfffe84f0c3341d86ea9521461ffd41e2f268a0315dcfd377889a9064c410d4dd34e2849af

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5f5333e7c96a3bcaf667a8ecd0e61d6a

SHA1
4ba71d338a131cb648e065d157cf0cca87c88aae

SHA256
dfa52e8d71bafd63e8555ad4fdd1847d905c2061b53c55a238106f595a7c48e7

SHA512
4411bdb80b14f77a4169e1d0f2f2cf3faee330ac6e8bc94626977db78667f58464516436ef045acd6abb214c9b17ae7e4dee753593a32330e2171884641941cb

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1fb5a470272214089040d5f969d49cab

SHA1
93ce4d49fb824e377e83ce4f40d87bfb8f0c28f1

SHA256
c6351497a57a30d78d4cf6110cd9c46c8e164ff032d8fe100c40d7d23b28c890

SHA512
713d1e15b07146b66bba627dc9afdcda04b8ee9bc6024c752d6c1ea443d9e7f874098a712196e428b67fcb7f5a264af670c5d4fbedab093265bbe314f00d5caf

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6535d76cd8fa08dfac2854976c24e36e

SHA1
39bc773259c7eaa43af3b6b267fa80cec43f83e0

SHA256
5a4ceb6e6f87b062c6495dbd14b79f6fdb44433ff2786e4967d0934487fe2b36

SHA512
3128750b3ed5db79dfa355c34b70c752de39d8d1ead35587ec245bd671c9e6a0a7de123e125ad3d86cdf6bb6248304e2af10e1fd17f25ec12431b1c42edf13fe

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
28c1f71a553f7db79667c264456c4f09

SHA1
80f37eb910dea3d224d35c643789e4ae640c3118

SHA256
baf94d5424d75561385f5c0a690bfff255c630d1ed1594798878a16c4b0e2d07

SHA512
93f3ea82d69b71b37fa8d0fda0bc23f139e987c063166841c219090f4022e9399735314c3e98cf241f731f162d9173bdf533f7fdd75c27e307f8c52824365a5a

Download Submit
/data/data/com.errorforcode.netix/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
598252247c11adbe77f1b37e22ac5e93

SHA1
11af115603cdf46fc4e4b120e4f2dcf4eddd5607

SHA256
d0ab9f08d64f7d9dd962300ec8443afb56325832c568dd746fb5d2385a3f50bd

SHA512
972d2645b94d978bc5520d8a25df20b1499ee584902ca73475d75c48b29111232f39c7e613dc05d973e2c87fdc07ea05f11d1d558f485cfc7fdf2c3282072ea9

Download Submit
/data/data/com.errorforcode.netix/files/.com.google.firebase.crashlytics.files.v2:com.errorforcode.netix/com.crashlytics.settings.json

Filesize
718B

MD5
045f3191cd22ef80d583a9691e04e92f

SHA1
6baa1a5d053de37b8e1f5cf1c0576e3b4d7b7cff

SHA256
540f2ee848eb91b72d4676a109db6dffe0e18a28d099a9df4a76f5fb38e590dd

SHA512
af80fd7e58d8cc8500f9cefa76743d95747063e5b29f652212dd134e83d20736c46963b3ae99ca4b68f377da9bb8b81e4773f35b42f525583bdf3a2a0e3a3b60

Download Submit
/data/data/com.errorforcode.netix/files/.com.google.firebase.crashlytics.files.v2:com.errorforcode.netix/open-sessions/6779B034016A000110DD2B73044AEB6F/report

Filesize
739B

MD5
d3360f03d588c58fabceaa4a795c3e9e

SHA1
6ad79401be25f9c4e92aa6b80b01376110660b96

SHA256
1ae7230a6c9b3b0f69e4e7c716866d5c44c912d06d86264df1c28623162c29df

SHA512
993838c345102543967ad54d376b26c0b552a0ce0c95afa476268550759ddae330381cbb00f5325be3168cd7e11556bb25894c1590b337c11407423dfd0bda40

Download Submit
/data/data/com.errorforcode.netix/files/.com.google.firebase.crashlytics.files.v2:com.errorforcode.netix/open-sessions/6779B034016A000110DD2B73044AEB6F/userlog

Filesize
191B

MD5
6509541c0f82a219588644db55d6c887

SHA1
86fd8fdd8bac1e942f4354ff639cbd6db8facf57

SHA256
bb6db5b8341e5f623e2581e78b0039f65892dab6dfa0a0555527247e19bdfc1a

SHA512
d22a300f0a85e8c676a2036969c4daff9ca9a9bd067d22b661b2316e92b10e85fa83a9efda826ddd017917cf8a43160f8f53e7bfb4d83cd176370ec36aabd1b1

Download Submit
/data/data/com.errorforcode.netix/files/.com.google.firebase.crashlytics.files.v2:com.errorforcode.netix/open-sessions/6779B034016A000110DD2B73044AEB6F/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation4515664807487675855tmp

Filesize
569B

MD5
ab22ede610fd7838066afcb640032bb3

SHA1
3b4dc8bb88ee169d311e4be3283f95e5aed2d5db

SHA256
ffd6b110fd1c01005646c69331df80a7d97f66ecfc02a9cb36b8742d8f1e3a77

SHA512
c19ff9873676c75a52c18da84259c55bed04c55c809df196f92228adb12c043a6266f89247c60749a9e6058fefbe1ccc424872e5d5fee91a506a69247686de10

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation5971444366693275509tmp

Filesize
90B

MD5
6f541776349092536bb91977c125f541

SHA1
ce6ef84371584db2ad58f2d1265b2b2aab457c2e

SHA256
9ab3f0e43e11f3506ebb66653b8e1cf8381a60ed25fc7d563ee4a338f2977a36

SHA512
18ebbe1964bb9e3f351b5d333734a3789c3e8c540d532a800e3a3d04c4f229169b7b382b4454a79ec36beb1ca7646031ded486021c0359d043514c1b5b081c26

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
214B

MD5
de43f1d1a921118843b4eea8cef0db54

SHA1
b74929ad08bf4c61a77bcb738cef99170f421166

SHA256
2b405b64e5a367be3190391a3c5ef8210e6a8920f907c70b9276cac0e9dd0250

SHA512
310c0bd4f0d8b2f32ba9bba5d107561e7ec267c5546c563114b40e8e28a6784a225bc3ce88511bdf6c3806e14bb47f2044e5639c77cc5f19478e05521c006c2c

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
317B

MD5
33d5071c92261678da110fe956b838f7

SHA1
417b958affadc191eb7a8d98380874a256bb5e60

SHA256
ca5fe7104c1eff1776a3b21c4dbf2370bada665515251129b3482ebfba30bacb

SHA512
7874db1dc158d14aa95505bf05710940fc57f1a9edb44c4e5c77d35844eea240fd23c2ff9924325a04b2e9ef70dd2e255ce16a5c3ecd40d6f9110215fbaf364b

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
383B

MD5
3000097923682117c739a1212a328c93

SHA1
7358942d55a9048603814e29b89b714ed78ff63c

SHA256
cf7437775454870d1803e7961b97dc43ac8cf11e68c95b4db14741ee32fb05f9

SHA512
8df418a3ccfa918f7325a9daddaeecb4300a5dccc841895b2ece3d24046f5c3ae79c69c0df6a63ee0f6f754a5f6358e833185aafc8944ef38b23c0b7e6ec11e7

Download Submit
/data/data/com.errorforcode.netix/files/profileInstalled

Filesize
24B

MD5
29cf7c0f190f774d69f3ac26eb001de6

SHA1
fb0567b97ccf81a33086afdf2cd76e28e9321f66

SHA256
64c6ff7cb43200c925175ee0aefac023ffddb3d0a37ad427911068b7ac5f4632

SHA512
98ed907cb85e574c3dff50c2722c3c54cc5854e20bc5f740e5cb11749680ec284bd030e843407676059a3f6a830ae25bb39d9cafab60231cd3f7edfb7924ba6a

Download Submit
/data/data/com.errorforcode.netix/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
156e9e47a045ccf6e77a13abee80fefa

SHA1
60af8ca1895bba0b5c0f3dd94870f09467ae835a

SHA256
45c63291647bb0a7fc3d5b3d39f27e92c13f545af90a52e7f24845394bcdf4e4

SHA512
0955efcfae730746084dc13534649a500c1c699d9b32d77ab7ac33dcc39361267d2ac524f7e4265e5c276fbf063a1f757e30a09af0d7293b5485a30d014b1861

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
ada8bb1881198069f77b2ebb84719c4c

SHA1
94d31f4b6f92d1bd46550790fd6d08aa6241d18a

SHA256
fef5ced24e23ce41524590ef98fcfd6420311536ea0cf249b0a70fc625aaa22a

SHA512
8133e418a45f6f7398565323b4adb1ed589196274b56aa4983bf04a1fdc460df871b67b9682ec453946cd911fcb96561ce71759b32710114b83d7461e33e79d3

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b8a5db741426372da1c357fa02488e89

SHA1
2adae8bc4cab4bb3034c3f5735e0711cdf4929bd

SHA256
daa0ec7baefc76c261748ac57265e48b827f2514b4086069773c71c55f830890

SHA512
5be16fe322c1228ff7e282f0fed48d08ed9a71f32a2f6bbdc569a7b80163de65a4535f69134e34ad891716ac4b204fb195fef06bd4ef5776c83d877654fa154a

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
7b2c3525f7906d7ce116df3264d7ef4e

SHA1
709bfa79e0510a87541bde2afe75040d637d4553

SHA256
b26b4bcd2149dcdc6a54da12b939a813f583dd472999d50522e5edf7b4db633c

SHA512
df5b7ebc5b2965ad4ee0d69a5b2b1dfd341a7a5e8af44b20b1e1cbf44259f9aebdc26df2abbcdccf4ac6bbee72eff38b78f9782fe9436dac17c9da6ede56bbdb

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
124KB

MD5
8340165448a4881630550893fa499875

SHA1
0a19dd0b00dc2a6c5be8c5400d2798a028165a9d

SHA256
79ce7000192be856c6b21e17bb03840159bbdb73a0ce874e1c2e66be71404dd2

SHA512
f2af2b4dce90fa535bc0ec77f884c1fa3cef1c70fee2d587b129038466f4219a1eec4e58853d7f5e944bbfa170e6d939032de33c458147c4ac5f8ce365ee46c9

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
1KB

MD5
4cd821b97368d65ef7ea1468f0e1e13d

SHA1
2ac3ba809a747f6f16242b5cfb8a23e0b218834d

SHA256
94b84786c71e127b542af1c1113734b78937cd5292fd6b46f410c4bee6f9a28d

SHA512
8b077e149c9fb7d428c0388c9ce5215b53005618c5cff92daf35b51ae7279e52fb04cd461d35abe50d0fccd102e47fbd43ca092e99b0393ab60a8b78726ec10a

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
2KB

MD5
e4c3ca3a74da19ac2e3eb36b2b4d558f

SHA1
901c0e1f3e264a2380547698f97e99ffc1b879b2

SHA256
ed91ccbeeadf21b29691a01f7c66bff507f2d0b62190bc6c22addbebfe33b410

SHA512
bcfe9dbd46c7b056e207c27c959b1583db1eee601d1398340495c12328107924f8ffd91efed89ad42ffca63cd7a14c0484f53a729a4aa887830010d20cdbe42a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads