085d7e2fafc8b6aad0bd0e8361c5dae7249afa34ebd43d66278af27ace60b238

Resubmissions

13-01-2025 15:53

250113-tb1cmszmdj 10

13-01-2025 15:48

250113-s8783szlen 10

13-01-2025 15:45

250113-s683laxmby 10

Analysis

max time kernel
7s
max time network
157s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
13-01-2025 15:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

085d7e2fafc8b6aad0bd0e8361c5dae7249afa34ebd43d66278af27ace60b238.apk
Size

3.5MB
MD5

2be0c2b438dbc8dd89c0ed34db466f7d
SHA1

c795e972b09cb5a15e7e30ab6d6faad88aafc678
SHA256

085d7e2fafc8b6aad0bd0e8361c5dae7249afa34ebd43d66278af27ace60b238
SHA512

0cef57fff738ed45833b3d4ea657b71a329b5c8fc1206be680ed33490537621c1654e15cfaf687de20be0d2fb8181630fb12e18ba4e49602f234efe624f6bfce
SSDEEP

98304:3Z1IWbE4aPTHP5J2P2R1pozWaLIXf9Y6NJgd2ofrZD1y889wL:3LZFqTHP/2YjozWUIXfO6Puy889wL

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.example.mysoul
/dev/qemu_pipe	com.example.mysoul

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.example.mysoul

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.example.mysoul
1⤵
- Checks known Qemu pipes.
- Queries information about running processes on the device
PID:4509

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.mysoul/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
26a499460e8b37a07d8b0cb3bad41a0c

SHA1
3c13d5a965f98a6730326b7eaef917d88aff1182

SHA256
38aa08a9fdcf89f435e237ead1aee11365432d838af4456920ead36f5ff9d3f4

SHA512
a86a16cc0894d1c88d84090d687836aec3e6629f089d2af923ce26ec68fc7cbf43f81e93c60d64539c5fccd2ef1ab5eb4eba7593044147d004fb4ab420928c47

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
c905f980933845980148956963017a67

SHA1
753566e9a1896cf26ee334bcccd167df887a8cbf

SHA256
146112ef5d1fec70db220d28ec56a78e1840dea9d2641748bc5c0e8497b81da0

SHA512
02e9a5aaa9a61e865636ea2282749e64c89dcf48ab30d46fbeeb96d79a91c78aded29fde5ae07130b78dcd4ad2247ae608d3cdc158dade9cb437029a52d62540

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
1e4f108c0259fb15e9741bdf7fd87455

SHA1
841bdb8ebf9055b7004eea1ca1961c4868623597

SHA256
8c7508ab63e0513a1339579f924f5b2c3f6f14f3fce9b2d666c730866514a914

SHA512
ac0f6e7e290e9a410ce3026e803d893d936eaf74c651136b63bcff36975d9ea3376446d36ea102607111dc2919d8ede0124e62ba8dbc5341f6e098f4793617eb

Download Submit