faca6f37c60a21804ad72938553da070f7641bad0a29084da9babfa22e495be6

Resubmissions

13-01-2025 18:05

250113-wn9g7asjat 10

13-01-2025 18:02

250113-wmhyvatpgp 10

Analysis

max time kernel
217s
max time network
298s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
13-01-2025 18:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

faca6f37c60a21804ad72938553da070f7641bad0a29084da9babfa22e495be6.apk
Size

3.7MB
MD5

0fde05a59f67cf457fb60b55793e8cb6
SHA1

de648669eb42fc30c300615de65922fd1a01a166
SHA256

faca6f37c60a21804ad72938553da070f7641bad0a29084da9babfa22e495be6
SHA512

7d1e643febdf2a45fefa78f5be947834a637883a1adad3b8cbe5bf89c1fd6acd5d99b1b67df89799d03a44961cc6adb16ba298a9c4d896aaa81a7edada098047
SSDEEP

98304:dz1y8VQyJ8pVZflV3BdXs0DDVaLccrz8e:ry8VZ8pXfl9Bd80XVUccH8e

Score

7^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.example.mysoul
/dev/qemu_pipe	com.example.mysoul

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.example.mysoul

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.example.mysoul

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.example.mysoul

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.example.mysoul

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.mysoul

com.example.mysoul
1⤵
- Checks known Qemu pipes.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4345

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.mysoul/files/Bwnu877gebu9

Filesize
40KB

MD5
f2fdb59f2eb823c4f5e959f970973f1c

SHA1
7f8ca86abaa2e464904cbe5817074f5a2f80e56c

SHA256
904b998afb4fbeb90be14a01c9456374a18087a057a9ea159b3d7573eae331d8

SHA512
7e726c9a4a64b7433262bece27d98d16266cf35f63f0e80fa18ba7c641658398e3fef68677ffab2f57cabd0f4f6448109ed8ad355c304e0a12857c687a6ff3f0

Download Submit
/data/data/com.example.mysoul/files/lang/ar.json

Filesize
5KB

MD5
6cf44569f41e5f0c857bf62127909789

SHA1
e3515d92ec6541787de1eb9da524fdf3d4ab7c11

SHA256
969b927fe71196dc78fbfadf008bfc5614de0643c13c440181992e6d534cab92

SHA512
6a8cb20c596e8b0813c14d2c5e5da4b1c20e9b31447d7ca974cbb7cb95f6bdc8d29667fd14a1b8dd1a6823b0fd28693424fe28afd7231f94c991d6be80e5204d

Download Submit
/data/data/com.example.mysoul/files/lang/de.json

Filesize
4KB

MD5
640e3a359a2ce2dc2b38f32103d0ddad

SHA1
29ee94d7a2379d36711260b123018a0d324d1d65

SHA256
e46ee30b8f4d76dd82a41b141f0152b9d4de6391baba5a421445e123af4ef34c

SHA512
3c29404879e2e5c06edf9bddc2588015e851548e9560dc56baff768eb2246133a7f951a0bb0527d78957541f0ecf70c8d90b39abc53b10e8847280a727a91ec4

Download Submit
/data/data/com.example.mysoul/files/lang/en.json

Filesize
3KB

MD5
4fda6fad17e9ef88f897241f321659ea

SHA1
b4a647fa4adb9794847ebb6a653e314eec2f1919

SHA256
6355a77e4491e9180c5553bf17a0e56d7a334fbc96074af1af376d41a9bab888

SHA512
55b2b0a3b5b8fd6f934524870f4c481086b0cb1fda24c84329a843ed54e7fa15d03477cf8ea2ab71406a056f94931be5ff4318b32033dcbbfd759aa42e4cf112

Download Submit
/data/data/com.example.mysoul/files/lang/es.json

Filesize
4KB

MD5
11374f3401e6e6c3727d69a0add7f819

SHA1
735eacb25ad4bc087d56142a7349282d6f3d70ab

SHA256
c3a61f4aa50b93c4471e9558bb22c988ff28c5a03d4edbbe048b5ab2bce1dbb4

SHA512
69f7223d0128d1dd26e8ee0f8b4f3263e5896a63321df4bcf297cb0ff1af6d180888077773cf89baf8e756f659ad1e44c5bd425bbc6ae8141c6f7f2aa9986904

Download Submit
/data/data/com.example.mysoul/files/lang/fa.json

Filesize
3KB

MD5
432d55defccbe71fb41cc62fade92e10

SHA1
8ec97d80caffb4b1fd2eaa7280a42797cfc3d1bd

SHA256
8d794ae5892ec5f1b3e3f1c0552cc58532eaa4c921eb4420957b5b9d8276be2a

SHA512
b765049b29f2b6f9e4ae65275190155c669f4b9442c0d564cddfdf909fdc6c110c8374e7c529fc7d693911d72b2498f282100c082ac0d0f9edae47033bed6f3b

Download Submit
/data/data/com.example.mysoul/files/lang/fil.json

Filesize
3KB

MD5
ba8a91fcd5090f977a9cef8b69d74c4e

SHA1
3bcd775b4d8faec0e46af3ed2def7765e3d5e11b

SHA256
894fd3e3600abcb56df4e5aca901741bd9337cf851d6df1c6941c30365ac5cb1

SHA512
8f7011ef3d09b1d60cec10c3692320d562783d27371140c743de3fe072ea001448e221763599011a6252df5bd7953555ae3e177959471569e59257426f16366f

Download Submit
/data/data/com.example.mysoul/files/lang/fr.json

Filesize
5KB

MD5
ce147da4e1058d0251b79ab34fef8c9c

SHA1
b8df0c40eaf201c0ab5f322fd4a89a985c1d0618

SHA256
4c5699a85a51d3950e7b067600495fc61082e3a4ec2a7e18b3bdb6fe6c82d3d0

SHA512
6dde2b085d18340daa38be4908c22c0cce04c6615b30d216c591fbaeda7dd2b08d15c4717d552d80b9aef83ef26a9fef9b727cace604cd528b71bc40e9b0cd2d

Download Submit
/data/data/com.example.mysoul/files/lang/hi.json

Filesize
6KB

MD5
f075b48093aef67c34ad551121156950

SHA1
9a069734e4c30fc44d75bc4a896091c822af2350

SHA256
5596e6460cbda748965e898e1b34f036d26889d0a22d5ac6d6bf44a05d38f72a

SHA512
103e06b4020e0789fc23069be15964048e27626c59fb40d0ab7b4317f58908b2a6c0425a4d061f896a82e7b26afe99cbf1e2fed50bce4ce91a5acb0a289474d5

Download Submit
/data/data/com.example.mysoul/files/lang/in.json

Filesize
3KB

MD5
82b8ff572b408c1b2c4917c32c4b438b

SHA1
ffd66a043d3258c907ea41ee364158b1a71451af

SHA256
de09e1ce11982f78e15f8816179029f5120b4b050063cd7c035bcb630883b3a0

SHA512
2a470cc60a6224c563235d760aa54cca77b14caccbad9b580685be289e13253ca36c5053a759f526fe04a73babb32ec2713b05b1dc46afbdf66cd6b6a80a0233

Download Submit
/data/data/com.example.mysoul/files/lang/it.json

Filesize
4KB

MD5
61ff11b0ddcf0292d22cd8dd27b4b1e3

SHA1
c7ddfe72b92207e7e4afde422158fb335780e582

SHA256
b8f48372c899dc8e1ed06d29559429c9e75090bb2925fb8b310fc0ba4a35b089

SHA512
a78190319a32c09c87bc124226123607a116c990ad35ff26ff971fb44470c14492866d7eb825b84ba0af4a52ec2e5c22a8c23079c6f4d5f41db73bd903bb0153

Download Submit
/data/data/com.example.mysoul/files/lang/iw.json

Filesize
4KB

MD5
afb56e0518e6483857ca83025194d484

SHA1
604bf9db8313357c58e2dc1c594a2fdfa971f880

SHA256
69ffaf407d5ed09e0e262f8e5b7c9bdb9c35a633c27d0d9f9a8ebfbb4a147778

SHA512
a6fa9f0d35051434137a7654bf7cbee16aa285fbd042cea576269b20a5708a80694a82c782837d63ee6a9a110015ef5e75a49407b38cda06e7f416dff49909c0

Download Submit
/data/data/com.example.mysoul/files/lang/ja.json

Filesize
3KB

MD5
f14b694bf73f41f556fce0f7c1c7aba2

SHA1
8c962cf2e1c507273ba388ed8c1b2db8ea743f0c

SHA256
1e87d280011f87f19e1269b74aa82b6885b38f847286635cfa921a1aee863df4

SHA512
e0b7a75835db5930c41700f1ee70690820f0039a192b8cad39205afda441facc8cd492db46207b6edeba1a9efcf486642ddfb90640e30a6790dfe4eca0893a7b

Download Submit
/data/data/com.example.mysoul/files/lang/ko.json

Filesize
3KB

MD5
3205099fe676ded66dc1752f1bd244d7

SHA1
0f39e9fabc5cc42ce4d6cc2f5197efa0c01449db

SHA256
e4270fdabe9da0fef6d8c254e1b41857e08ea46ac568478efca632588b0256e3

SHA512
2d397591eeee018795021b89b67938e8c8b9a580a3c5443ed2159e0719892855d926bc85526e3c8c766c9dc352df1ce963312ee315ef5eea9ec3d43ace3c4bb5

Download Submit
/data/data/com.example.mysoul/files/lang/ms.json

Filesize
3KB

MD5
e96000f78015cfc5cb311a5d55ea903d

SHA1
9aba1d2cf4404c118fb81d8c28eb5dbae3afc72e

SHA256
a19bedeb70fceeddedd0b071067f304b9da5d97e5412316312dfb7599e10981a

SHA512
d352b08a55504411086a741d04713c934ad54b2253e0fe54ac7c4cc0830693bb70db5644eb20d1ccebbd9199702b13a501a3d0aad9db9ea57424db77449893ef

Download Submit
/data/data/com.example.mysoul/files/lang/pt.json

Filesize
4KB

MD5
32ac1770820500ee1677993404dcd7f0

SHA1
3fbf82185713648f5cbba35a4d8e3b41b876caf6

SHA256
93fcaa60d9267a33e50c9fd9c44ed3303cd5987daf15b387ab4bf956a8c6b0be

SHA512
914d206b72552cc17587d3f60c602e6bbd5e285f668dc72abcfb8d3b0d992b16964d4fa4fca0bb9ed51a8c9d975fe39c1414141f8bb56b694b637ee072e66404

Download Submit
/data/data/com.example.mysoul/files/lang/ru.json

Filesize
4KB

MD5
089d720ca4a4609d1bbe78cd1522a690

SHA1
f4449ba78f13b4f75b9da4c55286a3f7e90a4237

SHA256
23c31d9925151e141e001c71766f5965c52ba4ca1c1bd082c41b6ea38c308f84

SHA512
7fa49c6fa5d9653b22e9b08f75f68f894ec335c78273950ce2f186b54e0c47667e9de605ceb9c5b93f23fe04cf0d59a3a26ee8eaebc86a9cee4b9558fcbc7b17

Download Submit
/data/data/com.example.mysoul/files/lang/th.json

Filesize
6KB

MD5
f074b0757ba8a9f90269f49a563be662

SHA1
7ba07c6be010f6c802fd0da961263d4e490392ff

SHA256
298e182a7304ff2c6706c20122efa5753b5fa02bcb50131d750a4d3b9bdebba0

SHA512
ce807faa4a451d97771112a9d32e47ba020d44618eddda009cd35b5bbcfbe31a767aeeebb90b7a131b4abc782c24b462b19f3667f34eed5b9d2c36612048c2c8

Download Submit
/data/data/com.example.mysoul/files/lang/tr.json

Filesize
3KB

MD5
26dc5030784cdeb1fe62f5bd935affc4

SHA1
634906f3892ac9c1e3c31b26a82a03ae5adaa3ed

SHA256
379c021bce16218f35c96f1c9b6306376e67b5aca9684d5b0931fa2e31105014

SHA512
e9fba48ea3a6b66c2c3a0c9514f3ccffd0fde77d7937de2c4797104f8e1b051afa515b12b7d6d5b3b4952b6502c2526f6ee16fda2eb9b91b433668b695bea709

Download Submit
/data/data/com.example.mysoul/files/lang/ur.json

Filesize
3KB

MD5
3a1196e350fda1f7303f8a12defed7ef

SHA1
872778a398c24ae7bf8ae3901b211ef8c7988fcf

SHA256
d56628f27dabf4c48f9e1017ad068786624bc742cdf7a3f6f9401f3811ad6e3a

SHA512
d675f18d600845dca66f2b34a39abb8bb607c10c85747a95e04ca43225b5f223f41b5eb2096f3b7e23a008aa3cacbdcfa0010d7a31c611a8ee2c84b8dec734d7

Download Submit
/data/data/com.example.mysoul/files/lang/vi.json

Filesize
4KB

MD5
968fc0589e584445415d464bbdef70c1

SHA1
73f25c387d7df784ae9629a9d71dc850482402e4

SHA256
da48f32c6cdad63aa141aa02260042f17ba48e6ba0fc86bc47e24537ed663683

SHA512
57260346866f2148288868f08eaf3dc05f7c9a6294d6eab4940e5deb428a3173ac6b246b755788dc74ab6a22675fe19d026194fb4fff7061922043feae6c4f7a

Download Submit
/data/data/com.example.mysoul/files/lang/vn.json

Filesize
4KB

MD5
bf5c526542440d3f932b9f8ca30777dd

SHA1
b485a9ecadbfb15cb19a75fa6874f06732458ab1

SHA256
327ac20924f2dcbed1ef1a5ee1a20e532b26ed55221720f8e39115df48f20fb9

SHA512
309148ea8446545e0d81873315b4d866ae4d326513e08cc9557159ae7c974bfdd8bfdb7d83e4f180f253f8b9756013897d26ef34279d389523332e988ced3eb5

Download Submit
/data/data/com.example.mysoul/files/lang/zh.json

Filesize
3KB

MD5
f94499b21887da5005957df04797bf74

SHA1
cfb812b13a811b00da3dd4bdff250f5cba00d2a4

SHA256
e85a56506e1b64160941488a1b68cf594a367d6f8d0db7aefa7ec67c803c75ee

SHA512
ad56a3b53d668f6c4909712f22495118aaf061d44ba7b09569ea0092cfe083a1002df3424e660652bc140385fbaed859e103637522e8ae53a47d5eea196601d5

Download Submit
/data/data/com.example.mysoul/files/langs.json

Filesize
16KB

MD5
92f4fccd58415db0e92162a51e719449

SHA1
15f497fd30d342607967aa873c78865d9472c5f0

SHA256
0be3961d25c265074fe92a0e0f18bd6b59f7fce478a964b156cfb6573dff3c04

SHA512
606cad27d1ffb6d5e4c03ca5049cded29430665937c94f05f1b755694338639d69715025e55707275278d40ac54cc41ef6765211cf376db6a79427726c9b0aea

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads