d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2

Analysis

max time kernel
118s
max time network
135s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
14-01-2025 18:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com-mod-tasker-mod-apk-v6-4-9-beta-5405.apk
Size

40.1MB
MD5

a3e67dd6627319f1bf57f22d47bd779e
SHA1

785d513dc4be4cfa90f41ad18e6935ffe8d5a2e3
SHA256

d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2
SHA512

7fe2023bebbaef5fc57001430f20483b127480b9342d7edf0866b08f65eb10e6b046f782e312cf6e73fd04324be311b74d80f2eb39c95a375c9293b66d1324ff
SSDEEP

786432:clLgf64/Szm6qRr8PwCQ7I+j7P3AAUsYi2IRSPzOdmdljlVWgXijsIJe:clgd/SSCPoD7PQALX2I4Pzsmd4gSI8e

Score

6^/10

discovery evasion impact persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.dinglisch.android.taskerm

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	net.dinglisch.android.taskerm

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	net.dinglisch.android.taskerm

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	net.dinglisch.android.taskerm

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.dinglisch.android.taskerm

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	net.dinglisch.android.taskerm

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	net.dinglisch.android.taskerm

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.dinglisch.android.taskerm

net.dinglisch.android.taskerm
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries the mobile country code (MCC)
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4227

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.dinglisch.android.taskerm/cache/amac

Filesize
100B

MD5
278bdd5c02bef60e2297398b2f384aaf

SHA1
2931ff408c4e220394a15cad4b71d87f2ce337a8

SHA256
94d17d1f308789636300d7f2def7f66cfbbbfda317884e2dd433ecd857776c9e

SHA512
c5bc5914f12fa2e1ffc0c4134290e9ca4728ff1b54468bcd77936b913d544b9691146fe978c33bcddce2eae60320f6c0117b860da6df1e84c0e5c41368d0a205

Download Submit
/data/data/net.dinglisch.android.taskerm/files/autobackup.xml

Filesize
214B

MD5
3f93156cbb926cd23906d89e80f4c780

SHA1
b229d9903f1f964d597d79ea230b6bd332c422a7

SHA256
3920dcb64bff669d788f8628aa3f839ea48ffd4655ecfbde3a08422781a424bd

SHA512
5ead48cfb893c64b4ff45ef09f5fbe4b68b49b69611243e7667ab92f67346bce37176b355631ce66eb00316a0540c972b2e1d45deb41f22de56d34ab694230d9

Download Submit
/data/data/net.dinglisch.android.taskerm/files/profileInstalled

Filesize
24B

MD5
91f31c6ed9ac012e1bddffc135f5b3d6

SHA1
436d6beb2ff5eed3b27332a5f52e123e7076c25a

SHA256
111d43c3d83553229f8b82599f1c86850f7e0742fae5eb4710eea1f715dc075d

SHA512
3c77bc306cd7efb8d48d4d6ee50fb61b0d40f08131116c9baf9d5f3e9b266ebe98c86ed5531b7fea9c36e9423e54d4282671e3debaa511a885dc4c227370e276

Download Submit
/data/data/net.dinglisch.android.taskerm/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
8728b79a080d31b709cb22c1262e83bc

SHA1
20de5114be67781992bb225de1c857c3c9e074b8

SHA256
735d41887af4907f53cd26e558cdf19c371eea5cdcaf28e11b25364bf1302cac

SHA512
44244b82c3c6d6c3c7d3ca86820354377325c95a42bd7862ec6c794385bb3612fa0cf16158492b4b93bd3849d723ad73217053bd647beedef7ddf52ee4d7fb83

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
749f4d5c3c9725a0f516e19ddcd2e872

SHA1
450247a6e0197c5545765bed0d9d8220f72c461f

SHA256
8d6315b1af0ee6493b6c31a489927dc8f52e5b76dcf4a746521f7a206e1b938c

SHA512
02b59898964a9b96310e99ac11b31924f0a4ef0251dfd4150104ee63f3c6a4c69f9cc711b76c1a539edda902aba9163167a1b4cf7a2deeeca94a468404f3b15f

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
0956afa3197de671955ad50f7d25af49

SHA1
63b8053bf61b7ed0049c1745849bd9f1a2549dc3

SHA256
e1df36703146b03701655432112408f8cf632051b43d1df77683a5f107a8bada

SHA512
f6a13519916eadc62249d17664f40aecda28e358e352b4055236a1ab3f9c643fa98b820262019d61d2018ffb55d0baa8e90c55b1fb886d58fa54b3ca98baa2cb

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
28a9ccc068481fa819a5a91adfa2f864

SHA1
8321e482f8bdc584f78ab9e6d8444678ea96aba9

SHA256
b7f1fb9d187bd44a68ddc735b49d3de12cab989f230500537dc28c32dea005fd

SHA512
5ded81df2f80ba0a29ff65dbf5095b037ff5e4d7cbd8182186f78d70c67dd9e57fac29140408f47c65cf0df248b7a26b357ffb935629cff7f3004810b2ec1511

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
33KB

MD5
61e87816681b2f49df819a5ed75dca3a

SHA1
badea389f854b40106222edebf3febd377512c1e

SHA256
63620a10ba9d10f20d67c26eaefae8aafb0cafdbd3b44b598e5ac6cd11be93fd

SHA512
7eac736c720b77bb4333acfd865d21d7aed7a2328ba667b098980a99a76063ba64f772664901cc90b96843c46859f90c7be728e3970b72850330424c348d3eae

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
11KB

MD5
da4c0c36ac84311528ae780d3c1f3204

SHA1
32380c6e2171c9d1bda2950e433e172840764da8

SHA256
78cb60e400f4d74147c6e2bbd63afd0f83627f4c801582b6d644b46f111be388

SHA512
a6ebf2a1aac71ae2d53d27e81eeeec227782923d37668e6d2ea2c1b598acf9e68f6f2f67563cd137afd0e43007e983ab37bc4ea4ef603a2d99cbabb9fa1482ac

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
23KB

MD5
d939fa795c53c85988d4e23ea87dae3f

SHA1
dd86d489940fa2a2ff4d2583bf54719b4372d097

SHA256
aef8b7168b55b5f27f8f233b2fc758723c7c8721af6e4c03d33ba0b2b3f85d73

SHA512
078a6c11cc8e321373328183a8a0d2cc99605e9e197db0e60bc14a954050f0c7bf2b7e5879226a09879a6809ebc235ecac213044c7da33a1e4cd2879c3715972

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads