8c284a2e0c84546990d59c7db4beb248cd8a5f01e42b1ec919bbee6fa7c99a16

Analysis

max time kernel
11s
max time network
309s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20/01/2025, 23:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MP3 Cutter Ringtone Maker v2.2.6.1 (Pro)-android-1.ru.apk
Size

22.5MB
MD5

91dfc3663252f63e82d1ec051bd2b537
SHA1

0256a855ad5662fa893cb1c00d1bd42a9af18466
SHA256

8c284a2e0c84546990d59c7db4beb248cd8a5f01e42b1ec919bbee6fa7c99a16
SHA512

529382ae6b94c4c52a9a6a6d9b7d8dbfd208db54aae55b265644c2e877c7d331b7fc21b6e6469e52afbd4f267f80f90118557b1d364590ba3f77bc9a2541955f
SSDEEP

393216:dpALxpWxJzwmF3BZYUdqf3piF0l4+jlpx5278Xok5nHAB5iHlF9RQV6aEoh:dpALzIzHF3YUAP8S2Kl/Afk5nH2iFuVZ

Score

8^/10

defense_evasion execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	ringtone.maker.mp3.cutter.audio
/system/xbin/su	ringtone.maker.mp3.cutter.audio

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ringtone.maker.mp3.cutter.audio

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	ringtone.maker.mp3.cutter.audio

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

defense_evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	ringtone.maker.mp3.cutter.audio

Checks the presence of a debugger
defense_evasion

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	ringtone.maker.mp3.cutter.audio

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	ringtone.maker.mp3.cutter.audio

ringtone.maker.mp3.cutter.audio
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Schedules tasks to execute at a specified time
- Checks memory information
PID:4521

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Foreground Persistence

T1541

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

User Evasion

T1628.002

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ringtone.maker.mp3.cutter.audio/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
e5b6a89c3d0439cefb67a664b1fddbfe

SHA1
ca32c5ff42e4ea5157d7f21d715493d102d5492e

SHA256
e0781c824af41880909c82ffd088f185d294e46ed2d1691ea90d04b3c64b50eb

SHA512
93b24c61c18eb867f966205c65739638873e6995600bbcff9ff6f74f3fe4332559db6e71beef438fccadf20e53b0715ae6ebb4836c168c04c76905284ad57603

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
37162c1226fbbca973d0afc7faeeddf7

SHA1
95126c16bcd267fc1248d6ba2e108de10e6ee93e

SHA256
5f015195d8438215b2bb35ff3f8bbc26cd40339d3debd78e45275927265c70f6

SHA512
245a11cd90ada8e3334dfed8af48cfb19cf21f2fb398583adf5e4a524142a5d0891907eeed8fd9691f6677a5f0094f5aaab748464d2ba5946dd90b2eddcfca4a

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
f9de1e39f11fefc1081f81c9d1e60e51

SHA1
15d7b5c1624a8cd53a6725a0842deaff76335a0f

SHA256
b27aa0147ec35514a8b967bff464f1606d4ac417916f4bf8985eaef38fc07c3a

SHA512
91db29824aae58e03eefed940d8d252ff57745b2411b4d3f706bcf8a45bb69a460aae1ec99ccb87f79769e21e7f2e059df37601ac4d1738c3f2ee7c7e4b627d1

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e3564139cd80d456d91e188f3dedba32

SHA1
fa355174c242013555bf1158baf59b52fe0e836e

SHA256
f298b0a9ef4dd5c3f279693d1d0be025c39ce9488455d815fdc5e61fca355c44

SHA512
87a0efb4a58b9c5d2c62d0c4068916d6efde3f60f7dd3b572dfe6ce461b08c9593f9519c0357dceb7d17632c92d8a7e9aa0d1d793904ec587005838d7ede5b6e

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2cbc7ae5eed51a94c9d8ddda76bb1718

SHA1
d3eebd75afa003ffd69a4864bc597df90fa46133

SHA256
ea552ac7a90da5216041c5004700f710fba9fdab944f476dbecdea65ebfa638b

SHA512
7001c5906c3875ae6d44e2b1c37a44046846e35d8adbee01ad73978a891a5d1aaad285f37e821e00d3cadc41173424ccfbf732abf43f9e7df1775bb6628bf104

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
696e73e2cbd588da93a81bbcfcd73dd3

SHA1
864235a3572def16c6f8ce829581e721af1072e8

SHA256
cf7699595247e68dc26c712213ec6a5851e1f758dcc222e25b047d9187fb989b

SHA512
1388fe8ee9372a8429369e5c0f09fec5e9ca1285d005c76e949770084d595894cdf9f3d5a6b39f3665c495790c3186bf26106f616b6d980489437619a8ca6a77

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
105fb52086caac7d6f390285e7293f3f

SHA1
6d2403ce014c420bb6bff11191c707cd9d88dc35

SHA256
76c4c268a8b6dc66f1dd66298cd8e9ceb73d498c6feaca31a3dbd4d944c4e9cb

SHA512
7596305b3afb766945647efe4b1251c78a3d949d9630953f51b7b4ef57708547bc58daf7653a792ef276376bd1f6b8d6813064091dc5d2b03b979dee1f5ec32a

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fc0f7e8f97726ecad8de276ce75658d7

SHA1
806be3195c743561ba41d04dd2e37bbaf49e81d4

SHA256
22e619b9b40bc81e2710195a4b2f39769de82774fb9315b2af923c2aace74e32

SHA512
4db484e6bbcc0850a6e4a4458cb5e0f7ec07972fdfba686c12e81a1c3e61eb7a602653ff0cb01b0c209582d2e34482daf4deb260f66ccc0992e32b349aaf7228

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ac46c33a9f6b379df5096faec527626f

SHA1
9965862e605a56b01160c4ce6685b45fd05e050c

SHA256
d0c8b528832f692d86784339bcd39e3eb7444130977778a6b355f43e4c803672

SHA512
278e2fcca77d0abd8183208f0381bf53c59304fe774c56023cbc4c2f75faad7c87130ed56bbc4254d442d241b0485330b197f421cc42dbf5f85abdd3817639ce

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
57988a5bd08223b16f07928879e102c7

SHA1
06dddc4b531b3eec8ecaca4da148bb6c71c57b1c

SHA256
a72c610837934de845b87206d3dd1aebf0eca70169527aeef075678eb9217d0f

SHA512
d2835fe77cad749d60032203f57cf4ff2ff874a83f87654ea88833b46df71a983210a46c76ca856c0af37800aef5a84f0f87cb05dbdc8ff32c9e90c8d8502680

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a369699052c00a14095005b7a105f1cc

SHA1
93e5ccca9d8fa325f5dd0dcdd90e3c2ed4f28edd

SHA256
d8e47680cf13c9678322df5ae8be8c86cbbded3ff25f8fb32c00fbd8b189d090

SHA512
b2ccdaf9934bce7fd145800b1d4cae4389bce63777b8eace6edade6679d69acd16bff1a26a58178abba7bd1e281080317fb24baf62bb9f211a24a0b252c92ab3

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
8efcec77537bb7512c1672af94f8f289

SHA1
e3a2fe2d4e599781a7d1ad36a96c3f63f34d85a6

SHA256
29e65533fb1ba9a7ac450ace37a444568925ab22e896e59cd61614cd2fc864e1

SHA512
37463c01d431cd3663d188b4b9844d2833abdd2530c4c32c2686599d345ae81063e64e2ce00429fd42c46fb78987f99a716ffc26fc94db50f5d6a039561328fe

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
272845e5fc3c03924a7bf744d0aa2d87

SHA1
916ee54ecc127142fade0654279f5618c29f80b8

SHA256
24e059a17e8712e7f16d41988bf67b9109d38b85759d47addf3c4dbfe3be1d77

SHA512
e7597c237f13e0e24ed223aa91ffb6e826ea28edbfc22bab102e7e9576b17dff214e5ff2f8cc285d209bf5ec5f87e444081cd9855f54697d48fb8678f1204331

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e61daab95ddadb56a7079a0954d3c94a

SHA1
81f28a4b4f31241a7051fb31a6b3e33b3fc6a496

SHA256
eb1370c9e43514d965d9dbd0cfbbaa670fa5beb4cbe26430d5507d1da149f555

SHA512
cb11bf58010972f116840477e290d117be8a75018b2f0b206398f10e9031128d10312f3d44d3dd8b9f7083ad5f5d41f9371686155a2c5deecd54cf8f0e01a7f5

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
500a60738f3f7670738a99048c40e626

SHA1
8fb0cb4832a813b3b7386a37a1f47d210eb9bbf2

SHA256
674d44d44815e0cdda4b68565870d7ea4b27640ef0c0f03ee26d788a46b64a26

SHA512
6abec229c32fb7a2f88049065aa611036a824a879904aca504bf587fabfc200d7e04e75619908f5e19b706ba9532152d3ce23241a3ca30ad4fccaef5a104ee81

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/.com.google.firebase.crashlytics.files.v2:ringtone.maker.mp3.cutter.audio/com.crashlytics.settings.json

Filesize
727B

MD5
c5b9a309e936526b3ef5ba2577bc44b2

SHA1
60b7b6f8875edaa2f32926fc0245f429419ffdb8

SHA256
04b1b483bcd36628f4effabbe4ccef51fe77363501429640aa361db2654a9b10

SHA512
f84e6977c04e0b3b57efbc6e0bd4c12df4e8a7d992a35080427aaa652c5617f8e578a07d999d258bdad14fea9a504ca1e4ac58796027ea401abb9fc43fe0dc09

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/.com.google.firebase.crashlytics.files.v2:ringtone.maker.mp3.cutter.audio/open-sessions/678EE3A40040000111A9ACA7544D8BA2/report

Filesize
769B

MD5
db332ffc842c06a8bca6d83c309206e0

SHA1
a5c8e79a7cebce73eb80d4aab1ae97b13a303cbb

SHA256
8af35aa0d182d05821fd163a318d2098c14dc807f40c08c670718f8e7f129d6b

SHA512
ff2af37fdcdbbab8f1ae95afaf7786d021ea1e1e66f5153d67151bdee48aab826885952daeac9c6ad8745ec76ad7e6ae4f2645287fe51ddf0b8c04624a1a6950

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/.com.google.firebase.crashlytics.files.v2:ringtone.maker.mp3.cutter.audio/open-sessions/678EE3A40040000111A9ACA7544D8BA2/userlog

Filesize
338B

MD5
8b2998b567ce511a06024c933a47d9ed

SHA1
f3297d85ae87c2fe96b176b46dbb9230f07e0ab3

SHA256
8007805588cd00bdb4d83c7267bd10e77fe57243628c27d951f0bd89a0a53120

SHA512
e212e30821b221f2263d509f076fd4bd3e4d5252e59ea64600f9cdf61d2bee35d4a606f5eb7e0e0e939f5bcf1f657ec320b40ab8b5b0fd6d0f41f8a856ea0b35

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/.com.google.firebase.crashlytics.files.v2:ringtone.maker.mp3.cutter.audio/open-sessions/678EE3A40040000111A9ACA7544D8BA2/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/PersistedInstallation4146819612703769547tmp

Filesize
90B

MD5
5308b2afc442e6a88f64fe3187650982

SHA1
3484c3ed44a3ea15cf057053dc5494dc6dc11932

SHA256
29521b7da7d6221902cddadb718d9ab922f6514712a58a81998b803d6db7a187

SHA512
28711aeb3e31a16bec2921cab6006deb4da150aecf730c0d46a5326729d4846a7137c71477b8529426cedef8974756857694bdcb90bfa7200c529af323337368

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/PersistedInstallation5314095416879768087tmp

Filesize
567B

MD5
269d990e7befd478f968766277bc07dc

SHA1
39299008c7e27380dab2e42ee91dcfe079f02ee6

SHA256
869d69504f720e606565bc179a856748826f9a94706fc135b99fcf3355633e4f

SHA512
8b28a3b0981cb0ddc34f6f7d84c030b5b89695b1c8c71d9e84eb262039653aa5e11a111c8ef3784cbf3925927968782dd2b131c39c79cc67a9e0d5e2c25be770

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/files/frc_1:267602214636:android:86ed8c3f7184231c0a6fc9_firebase_fetch.json

Filesize
3KB

MD5
8616371f334dcc01e957a754057c3818

SHA1
f125a327c777c193a998d091d7868df5195e39a7

SHA256
80cf0d883a7be299ed38213f740811796271058fc4a40e95d138985c846d320f

SHA512
8b14da9c8cbe5bbab31294af25af286292baf2b5d487b51f092925708fb038e505b09ad09bd375a9df282cfba15e59fca35b9b1b91feafe802a89ad90d2194e0

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
f3b73bb288b90c50dd57e17c4d0591e0

SHA1
67beffa0ca0762ab751e533a54865121f635ae6c

SHA256
9daa38e5b6473990ff1debac869d8092349efab146eb1c71e522b762ce4cc046

SHA512
4af0d9d06d193d4f9948f5a63ed1393be7848168be91ed25cd6ca88c76cd84ad0c6a0817b3bf94b125a7f3546cb55190be8f49304464794bd8f8538fc3b69d48

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ded746e2b9131e4649d62693fde67c48

SHA1
00494615f3cdbb2014a8a920f29a937408a82a98

SHA256
2cb70aa12854cd4600ff3397e958d6cc6e9735456b95fbc353bca699dd0c66fc

SHA512
b023e53d266580a5979f4fac6101e23ef75e532fddc113cdfbcc87a2febcd70c1036bedff7fc7d843fc31938c6db4a1f29a6a1a9be4fc27d9c2de26dc905067f

Download Submit
/data/data/ringtone.maker.mp3.cutter.audio/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
891888743c198517d6bb3cf40f21efad

SHA1
f467f3c8b433fa925909f9906fd67cddb3b03052

SHA256
109058c382b2060aeeb3073ebb6db8265dea83d7316f9354d4f669913a7bed2e

SHA512
aa888acb60ec435451c1ffd33a0294adba8f40aa388736cd26761a65b68645051840bf4998fb08191b426d70d3bc632075a5d3aa1901659b6efec2cb5208dc2a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads