bad1cfd200f08fa76278dd11e6e7b28004402f58312f1771fbc124c257819285

Resubmissions

14/01/2025, 09:27

250114-le61latrax 10

14/01/2025, 09:16

250114-k8wlaatpct 10

06/12/2023, 18:03

231206-wne9cabd79 10

08/10/2023, 00:01

231008-abc3kaba84 10

Analysis

max time kernel
3s
max time network
38s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
14/01/2025, 09:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

394534c9ad058e4e99ab6d8c48dbaf12b18c823a374c58f799e01322fc414faa.apk
Size

65.1MB
MD5

3a5c78dddb02bb3e9963e608aeec461c
SHA1

22d821aacefffad8934e3f07fb9fb43805493c2f
SHA256

5fb1886775252b05f43b7245efe35ab155503a525ed4c59e06b3d757692e4a82
SHA512

964d6040082ed962656bfd5218c64c65d6916aa114304d2006225100e0e6052005518acad18fbca747a7c6d36b4faba21d244a58cf4086fd24f7cbbfd4b75cc9
SSDEEP

1572864:bm1DBaMz9HrI6dVbmzlhnlqIWaOaVA3fIPXtJY:WBaiI6dVbmz3Q8DXXY

Score

7^/10

banker discovery impact persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.eg.android.AlipayGphoneRC

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.eg.android.AlipayGphoneRC

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.eg.android.AlipayGphoneRC

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.eg.android.AlipayGphoneRC

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.eg.android.AlipayGphoneRC

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.eg.android.AlipayGphoneRC

com.eg.android.AlipayGphoneRC
1⤵
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4275

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.meminfo

Filesize
332B

MD5
3a354bd9449fbd0d30cb25234bd11db5

SHA1
2c7aae20ed210402d0eb1936ff0e94f900143d2a

SHA256
cfe3a7844e4b2ecb891967a9b99da6998a9052df2def28e3fd58a1c081f96025

SHA512
fac670895c6db86f1df1983015f5e5aa5db02983f7995415e0b88edb85aaca07efc03d6f607c9322569c59be5397583532c2b6b817e91f71a843848bae31c0e7

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.pid

Filesize
4B

MD5
eaa1da31f7991743d18dadcf5fd1336f

SHA1
b35f0fe50be584073cee5dba6f6b7ca0e4782720

SHA256
f69b0e3717c397d562c3d2a419895ef63413a5ba0636da66ac2039fbd70fd211

SHA512
7861111754961e4aa5ddaa70c068a886ff41f1daa01f2d9808fe9571cec98e7f5504acbc82d024a056e4ee24806f8338d4a3a270455ce859cd643dedaed7798f

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.ss

Filesize
1B

MD5
92eb5ffee6ae2fec3ad71c777531578f

SHA1
e9d71f5ee7c92d6dc9e92ffdad17b8bd49418f98

SHA256
3e23e8160039594a33894f6564e1b1348bbd7a0088d42c4acb73eeaed59c009d

SHA512
5267768822ee624d48fce15ec5ca79cbd602cb7f4c2157a516556991f22ef8c7b5ef7b18d1ff41c59370efb0858651d44a936c11b7b144c48fe04df3c6a3e8da

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.start

Filesize
25B

MD5
0d6226f55002f2d9e56063ab866b0aae

SHA1
3889350ad2ecbc40565e99455c57c0760ee8127f

SHA256
7075dc84f98217c27828592c62d6282566a4cc6844afd6c946bbd7e1fe35e966

SHA512
83ea5e654d6bbb3677b3d996549abde9bdbe359ca1fd6fdf743a7c45529d230cb49fddf0df9f69067085a06329bc1442983456322533e7d833c738c730965725

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.status

Filesize
276B

MD5
f78e1f7d0b9ad5fc739af079f3a799d4

SHA1
ea9afe0af71d2681eacb977c644724aa95a8611a

SHA256
a06da71f4658c7f2e0904c43a3ce502cd87786397cef3f37c578619ef6381353

SHA512
9b1d1a7d7a8788f456928b05ff4525334f48b4fc9d85e9a438a6ef7270eab406201c825316f68e41b041d24df565cb1c8e365e42db26404d1d9072283575eb8f

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/CRENOHPGYAPILA0DIORDNA0GE0MOC.time

Filesize
14B

MD5
8e0cfef05a77227737a4cdd985735b6d

SHA1
4acfe67217a68aac88bb3155625724d8dea9708b

SHA256
576e12d63f77964672dd253670ce03b3a15259ce45cb021c74cb9facc09ab5e9

SHA512
b78329d84ec33f54070677cfd30c1dab6af558aea7e20aabb94bcad751a6a71fbd9957ad32f3d38f21610f95c0aed2e690f6e47b9f0a69ea5e20cb56da181340

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/unique

Filesize
36B

MD5
72cbe8bb545196b08d4fc971554f7043

SHA1
dcbbd4e8f256ad92792c95dc58d916b2439185c6

SHA256
fa6fe83ccb53da152ee55caa04d2ba9f5cb299e8365edbfdf4626b56518e6633

SHA512
06e3d84f73b89c7f9134703bcc9f8bdcd8da73a04a27228e96f2873e65ec8a2fa7ae1c2b8276171486727ca17c3857cf9195da1c4b1dec3eb677be09bffc8707

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/up

Filesize
7B

MD5
bdcf8bf8ab2fc402b9852bacf0e97b98

SHA1
023fe2db2efe880a289c2a77d1ca30f4f781da22

SHA256
3296952102a5250a93b790d3b7cef5a03fc125f2f4b9a1a8d407d5120154b3fe

SHA512
7fb94f8457e84aa6b4b0a0e6395bc5640713df6745fc95d7a233da3f81c78ae07a0b1ce0a51e2511689fd9b30b2092a53cb208a565c48e39eaa2ad40b317f9d4

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/crashsdk/tags/ver

Filesize
31B

MD5
deeeaada34f79b44f619e16d03310b36

SHA1
bad5872da4adb1a99d55087724301a1a5f823888

SHA256
867b97b70f8c9ac9ec34bf547fd6997f17ab964e899e459debfbfe06d5ec2197

SHA512
46c61df9ac52400eed53db397df2388f124985bc9e92f737fed180f04511665032345e20a8cd9acf2363faa58d3e0f2041a1800a065d0c780bdd27ac84bfbd33

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/databases/httpdns.db-journal

Filesize
512B

MD5
eb0c1eb651d91ad5d27eae1fec1b2fc9

SHA1
dd8289525ade357dc3b95d3c6b487fe48e8be209

SHA256
21486b8b45895d907048c97098f7a496f0634d8a3e0f588a4e6d18a9a25b572d

SHA512
4e825d102eb66e5ec0ae8d1f4e63e5183c20ab20afacc44587872badd0c21edc298b9670f2f34492abf90c262cf14ea7f35fc2c404e3085ce3f922199bf3a0c1

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/databases/nw_conf_mng.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/databases/nw_conf_mng.db-journal

Filesize
512B

MD5
32d464f79812e60a00e5c108b0dd0034

SHA1
a9b289f4a04b2c1e1273aca59ee008e161e0a0d5

SHA256
33f54720f54840e4ebedde5226641c53a7b000f3f5b236ed2ee48fd245cd886c

SHA512
15584143ae458818825a50be35e19ae521b34d1a78a84b85d7eb2f7b4aa8ec6bb1a7948837d675b777d5beac20dfe2a29cd5241f222b4f08c6e1e248b83acd15

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/databases/nw_conf_mng.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/databases/nw_conf_mng.db-wal

Filesize
36KB

MD5
284a4cb8fc25764fcaac424a2e567d61

SHA1
2d0a0f10b27659ea1f55c0dccd61078bf3e0abc7

SHA256
5ef990b315ee5c0d5fb9699046c68f10e3a96a27506df586f19cbc630100d8af

SHA512
ee0ddb91ace52e791f23713960b7e5ceee97cc64b485e5fa4f565a92aaedb9a35ea5f62195df4215e729c133248a26cdbfa58f6508e2aaa6418cc983e0ea2046

Download Submit
/data/data/com.eg.android.AlipayGphoneRC/files/mdap/com.eg.android.AlipayGphoneRC-main_AliLogin

Filesize
431B

MD5
8b69648849321b2ac5a215a980012e2f

SHA1
e5a549c9be422cf5c298004745a545b40f50d4e5

SHA256
45a88da19bc075e8adf27edd76a348b09cfd8a735a8c0d3c71ec8cece0113e51

SHA512
623655ca0c9454c667d14b053ebff2db345e1e14c05e36efdc712f1ab90a642c3b1e2cd034b73ac6d48976979686bd7ef91819350101e3d4eb52c77cf9b0edb7

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
b43e08d5ad46a8f25264a259c706aa6d

SHA1
e2c0170d84890d9ce3219e91e32ac0d360031700

SHA256
5c8f7c742950270465abd4f6c860834a2e8c40d76c71e106f71eee9644b00823

SHA512
58e66a910a659fe0c8f18b17a8acc05a6e4196e3d8d6346b1d7f81e3221b890f1679c6a95da4800fcf5f9aa438e0e5b20fcc4b08fc27d980ed48fceef136fbbd

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
661ad7dd6be51675d927269db6d88a33

SHA1
00d9b859da640183c4b95b6dd7dedaf0351190b8

SHA256
8b4f49b1001298378a0579bcb301c43d5805402681235e438b2af7f9776f4e83

SHA512
54df9048ae5a26e2cef4d4d4f3707b7b95c8e600360eb0bb7f49d2b07052769f7567c9ba50858d3b1176027715bde5e0bae2bcd970f69c3b8abf9bbe66015203

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
58c8004d35a67b458301aac8d117960d

SHA1
3098e19b3ba643ea0cdb5049d57fd68dc93e3a1b

SHA256
0563163141f8073055828d0996e4c3ce49bb79d3a8def458d89d799b91783617

SHA512
1b44e3b837be0f7ef788d45230d22d13c315a3d5cb6214a1b3fc21779a21fc985bc156174b965dcb6b01f2774f57455c4fc38cdf4c526ed911a1651b448468b5

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
9d7a7425c3a564b69ea094838571ed29

SHA1
623be22b1525ee1b17c729bf5cde50ffb96b29ae

SHA256
641f1bca653d7b44c3b623b7fe815ceb2facd567c124beb0e4da4afb9e25ea97

SHA512
9a045f86de44cc896c11e59c555fbfb68970f98436ad7bedd9cddf1612f4e02788d3f374e25108ba7d33787955a8479936b1fbf167c4d852d41c15dd6912afe0

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads