275e49361237833cdec20921929fe0cf9f76552d77d8fae601cfd29d2d2532c0

Analysis

max time kernel
5s
max time network
155s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
11-01-2025 22:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

275e49361237833cdec20921929fe0cf9f76552d77d8fae601cfd29d2d2532c0.apk
Size

3.2MB
MD5

bf2a2f3b770a9981c697f26cd0870f2a
SHA1

67a65c7fe1eb75495a63dd2bcda8f8795f9e6c8d
SHA256

275e49361237833cdec20921929fe0cf9f76552d77d8fae601cfd29d2d2532c0
SHA512

fc25a59b347ab42e97c977159644f49780aa1127b5278298c44988694b177caa2611bd86a00e8ac851765b9ee1a502141c9aaa5c20668b791d0fb8f5baba829c
SSDEEP

49152:O+NcRCY35qK6xWOKzR4gu0xNV7yGE4ZTYb3XCXsyT9hTtjoTdx6Gg7Li:BNcQY35qKksegP7pVYb3XCXLJn83g7Li

Score

7^/10

evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.wantbook61/app_ded/bMdd83dBTJZkJLo3Qmq5gv0mEF1XorOz.dex	4505	com.wantbook61

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.wantbook61

com.wantbook61
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4505

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact