Analysis

  • max time kernel
    9s
  • max time network
    31s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    08/01/2025, 16:39 UTC

General

  • Target

    Elite.apk

  • Size

    533KB

  • MD5

    9f01767647e2e72f446d374bbcb20c53

  • SHA1

    f6b1adcd7723b525418a05bcede5c671366d7ab3

  • SHA256

    fcee982b3d0e1601b40078d98df03503668aec7542721f921ae8248bc3cec3a1

  • SHA512

    4b9dc2dc08f015ed96a3ce30978994314d3edca84348eb62e7cb65d4d5477f179c44c80cc0a67863bc119555d0217f57681d047ce98ec405bd5eeaf2da8280ed

  • SSDEEP

    12288:kjRH6+O//n3tKpSsM+1HA+x283ecVS3EVqPlR6i0Ci3jM34D9Z:kN6+ONjstg38OOS3EW6i0C+M3SZ

Malware Config

Signatures

Processes

  • com.elite (PID: 4327)
    • Reads the contacts stored on the device.
    • Tries to add a device administrator.

Network

  • DNS (US) rcs-acs-tmo-us.jibe.google.com, remote address 1.1.1.1:53
    Request: rcs-acs-tmo-us.jibe.google.com IN A
    Response: rcs-acs-tmo-us.jibe.google.com IN A 216.239.36.155
  • DNS (US) update.googleapis.com, remote address 1.1.1.1:53
    Request: update.googleapis.com IN A
    Response: update.googleapis.com IN A 142.250.179.227
  • DNS (US) remoteprovisioning.googleapis.com, remote address 1.1.1.1:53
    Request: remoteprovisioning.googleapis.com IN A
    Response: remoteprovisioning.googleapis.com IN A 172.217.169.42, 142.250.179.234, 172.217.16.234, 216.58.213.10, 142.250.187.202, 216.58.204.74, 142.250.178.10, 142.250.187.234, 216.58.212.234, 172.217.169.74, 216.58.201.106, 216.58.212.202, 142.250.180.10, 142.250.200.42, 142.250.200.10, 172.217.169.10
  • 216.58.201.100:443 | 416 B | 8
  • 216.58.201.100:443 | www.google.com | tls | 1.0kB | 4.6kB | 9 | 6
  • 216.58.204.78:443 | tls, https | 234 B | 40 B | 2 | 1
  • 216.58.204.78:443 | android.apis.google.com | tls | 3.8kB | 7.6kB | 23 | 23
  • 142.250.187.227:443 | tls, https | 329 B | 40 B | 2 | 1
  • 216.239.36.155:443 | rcs-acs-tmo-us.jibe.google.com | tls | 1.7kB | 6.9kB | 13 | 12
  • 172.64.41.3:443 | tls, https | 357 B | 40 B | 2 | 1
  • 172.64.41.3:443 | chrome.cloudflare-dns.com | tls | 2.5kB | 5.6kB | 21 | 15
  • 108.177.15.84:443 | accounts.google.com | tls | 2.1kB | 7.8kB | 18 | 15
  • 142.250.187.196:443 | www.google.com | tls | 2.3kB | 7.1kB | 20 | 18
  • 142.250.187.196:443 | www.google.com | tls | 853 B | 4.6kB | 7 | 7
  • 142.250.179.227:443 | update.googleapis.com | tls | 2.0kB | 6.6kB | 10 | 9
  • 172.217.169.42:443 | remoteprovisioning.googleapis.com | tls | 3.5kB | 13.3kB | 15 | 15
  • 224.0.0.251:5353 | 2.5kB | 8
  • 216.58.201.100:443 | https | 144 B | 70 B | 1 | 1
  • 1.1.1.1:53 | rcs-acs-tmo-us.jibe.google.com | dns | 76 B | 92 B | 1 | 1
    DNS Request: rcs-acs-tmo-us.jibe.google.com
    DNS Response: 216.239.36.155
  • 172.64.41.3:443 | https | 3.2kB | 5.5kB | 10 | 11
  • 142.250.187.196:443 | https | 3.5kB | 8.1kB | 11 | 12
  • 1.1.1.1:53 | update.googleapis.com | dns | 67 B | 83 B | 1 | 1
    DNS Request: update.googleapis.com
    DNS Response: 142.250.179.227
  • 1.1.1.1:53 | remoteprovisioning.googleapis.com | dns | 79 B | 335 B | 1 | 1
    DNS Request: remoteprovisioning.googleapis.com
    DNS Response: 172.217.169.42, 142.250.179.234, 172.217.16.234, 216.58.213.10, 142.250.187.202, 216.58.204.74, 142.250.178.10, 142.250.187.234, 216.58.212.234, 172.217.169.74, 216.58.201.106, 216.58.212.202, 142.250.180.10, 142.250.200.42, 142.250.200.10, 172.217.169.10

MITRE ATT&CK Mobile v15
