7d69e0d82e74059115486fae5dd5ac6463c7fccd91dbbcaa9587117c7d201ddb

Analysis

max time kernel
2s
max time network
151s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
15-02-2025 18:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

77bd99fc14c25843d7ce183443119b5d7a1f524c00f5a9e2dcccc22f8dae6042.apk
Size

2.6MB
MD5

40981142bcde486676e5eea7bcdfadbb
SHA1

b61860a7ef0ec87174b92c59c6b68265a32619c4
SHA256

77bd99fc14c25843d7ce183443119b5d7a1f524c00f5a9e2dcccc22f8dae6042
SHA512

584e8dbd93b9d89c29d3b7180f524a1d3077cad2fc10542db15f8a604290f475ddd2ddcbabbf5a406f048d224bcadd00348abfcce39f9885a569ef6e2a9ec090
SSDEEP

49152:J/G52p3JiUhiZu/Rtzr52jvAOpPK4Nc5hFV3MM0b9kpYgs6V/Dce7q5px671:Rvp5piZmpCvBpPKr3r8MIWpYMV/6pS

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Madsal.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Madsal.com

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	Madsal.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	Madsal.com

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Madsal.com

Madsal.com
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:4308

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Madsal.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fbdf955d4536d1eb2a1f81cba52af539

SHA1
53ce500deb33ff04486c9dead7a968dcd1760458

SHA256
f881cd3bd0c5f40bdc17d56fe095fe8db6455006caa8b7082aad9c03bbc5f9e1

SHA512
ef46e8068efdb0a1999b5f7aae4421558a5bb4458e57d93818f3f26c641c6a35689ff57720acc86e2c2302464809fa6626ec5ec3324e240af7c13a136f95f027

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
731654752ceb39b1878448eaf36b5aee

SHA1
8b9c2d17fe4404b7f6cb77a1ed539d7ddeab9962

SHA256
adeeab5a929e337f84e7ee5f16989dff3e2132f03c8ff5b0d277299fb2068218

SHA512
510dd9f344fbbcbb6edce8f4c7d39d4d5c3566ded1a71f9dfd8086a710f96560a8103f4ae53c7f62967bbe3b0b7009a6912736e649fda64c00904fb471319b3d

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
10090dcfeab62a0bdac0153b7a518fcb

SHA1
ce3710f6e6be414d6770863c33ee20fa7d1e4c31

SHA256
c252c73d189eb132f740180735234310ef3b703ae08218a2b5039b7909ae3ca3

SHA512
0283897c15c65112f4a634e4c395cad9106cc58ebcbff3ece7e81e3676a3f88c43dc243d4e76b0c90802ae18f9fb19dc0031003686e89a45bf304883eda5adaf

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e876f540a3dcfcd82f8f1599ea4d1990

SHA1
97f6189cd078ed5b5f070fbcc1c299bfaf6b77c2

SHA256
f2a69a5ba526bf3bbe03f4ecab8ab01ea3c91e57276a456a2cb8489a184c82ac

SHA512
b91655d3f85775df6ada1335afe57660dc7d8c76cd3f9ddca3e395eb15a6de2fd85d12ad0bb1dbceba33d2617909ca2c5c51697374619c3fdb19b462a3330cbc

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
666655716c62f70d8afaa1387aba7d32

SHA1
44043f02f62972294bb67bbc06a46d3133a26eda

SHA256
789ea403683ab2862b5ca10bbe6661e617c867c510feba7a6c5c5949087d5873

SHA512
9aeaed7b1ecc97febf9cf4730fac1beaabc21e9f2f6eb0295ed1430c6fae44d6fac342396ac8c96289be8689214f6da14ff43dd54d937720f35d5992f350e299

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a9d91d3b123f346e85387cd8ae67124c

SHA1
f204061caf0a20134c2f91938b7362dcd18cd1e9

SHA256
892fd86cfe52c01e089b138912f0914508eb9123950bb1b40b2e29b3e81db8ef

SHA512
07f0f5863b5f1fa18b34e5b48cf82d7d914cff580048ea8d17b2bdfc147bdf237a27ef06606195b9d4db63f6a707e05d360021730e446b9ea00a57f28054dd00

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d6af7dfbc809bf88befdb01b3b2b367a

SHA1
09a23f56c5b1f48fabb8d605bdc039b9122b9762

SHA256
9a8862ca9ba1ffbbcbd28bd3655318e7c9dd9aca1d1dfb3d2f7bd4c3aa6966b1

SHA512
05672cd13a01f10593b2aa30a2d276b53f654a6f60dcf94e467113f7f26ec9de094b69db65d8c1551ee4a21de6c69235d4ed786689761bf057ebb9b51573d3a3

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ad270747c8d08053c00e3b479da50987

SHA1
6fbfe10edd18d8247cb8df7e33911c4ea6dd6830

SHA256
b98f3d039ae8170571aee3d15a4ea3e0b9ab87163be4ac0dc8ff58eaa35f460c

SHA512
c75e95dc03d8614e61d8cbb93151b073c8b8acb78e93cd13146c96677538d6a859f78d99af11732c114893fa118743a0d31c2926b57158b2634d0a54e10e8926

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
ed5257a81f13d636f179691fadc57c21

SHA1
de520382e46ce993fd6045b8eba7916e7a87007d

SHA256
ddf123caf81809b75eeaf347656921daf8a6f8fea07f1e57eaf321fa62a31573

SHA512
df2eda130b5548b0a01e6a4c09968ac3f57932161017fbbec29ccc0135b297660683cc41161fbf46c366568d163e5e3f45163f2c675c433baa0cfc86e965edf2

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cbc2c2eae5862e35590c86f95a6b7841

SHA1
234d88c2dc74ad3a17027821d412149415614d3f

SHA256
c1b50ab058401a8fb1e8b8824494926f9a4967435ea4afa5608fb027b68a77f9

SHA512
2f3122d62f22807510be01ce509c01152ffd7e6493e63e45313df23e8d4b9add647b04e73ed4cada11e468e9c34c930da2bd068d259eba98e4edda4898387754

Download Submit
/data/data/Madsal.com/files/MrAventer25413652.txt

Filesize
21B

MD5
0c1e3840fbec04cddaaa9ede4033f2f2

SHA1
82b7f73ef5d71cfefc1645b528ed20a2aed07df2

SHA256
481a2a8e5761a29c6939f2bf541ca7f06c1c8d671612b5a7dad02bb889051df3

SHA512
bec4bf1b315544e5d9862d476ee3e85a89803fcdb471833cb4bf04f31bbf4276fa02aeb6f9da36ef4c68de824e676a506c46ca45fe72a834a1451382e0ebba5b

Download Submit
/data/data/Madsal.com/files/PersistedInstallation2421756642231833429tmp

Filesize
90B

MD5
ee1f72c0f5d1c0deed0eb7d632d68560

SHA1
d93ea9a35cd53335059cf343f4f376f12b6dac33

SHA256
1746ccc2c36584507c12d041b455037097b82fd563f349a2c2603220970f8265

SHA512
201882567f4f3400797f6cfc8aa88965703946606bb594086f29d997991ec0d48319d0edd82dc67916bf2e310d7da341ad5734f237a755bc06b58c40e72fe1f9

Download Submit