47e723b9e0dd52cc893fc5ca075c31b4c9ff0fb1c24d0c9786f885976ae476f1

Analysis

max time kernel
139s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
17/02/2025, 12:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

47E723B9E0DD52CC893FC5CA075C31B4C9FF0FB1C24D0C9786F885976AE476F1.apk
Size

5.0MB
MD5

72ed89bdfccf705155b51f1c14c0aef0
SHA1

db81286899fdd7d81ede5f202e8ab24e75855ed6
SHA256

47e723b9e0dd52cc893fc5ca075c31b4c9ff0fb1c24d0c9786f885976ae476f1
SHA512

39ddde52723c83953c55ff3d539de9118e47c14593d5b26661c4a0c5f982c3e5bb9fa1279d329767dd58d53fb14beefb1574e940cb0b7f293dbb522d66008116
SSDEEP

98304:PfEh8RekpJiSqoUNjq0RP88iJGuvWZPtoCtaWlZw5V4pNKmvSqfGJTk/sQSSSj:PcseCiSqxq0RU8iJrvWZPtbpCV43Kisd

Score

8^/10

defense_evasion discovery execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.pixel.gun3d.hack
/system/app/Superuser.apk	com.pixel.gun3d.hack:Metrica
/sbin/su	com.pixel.gun3d.hack:Metrica

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.pixel.gun3d.hack
Framework service call	android.os.IPowerManager.acquireWakeLock	com.pixel.gun3d.hack:Metrica

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.pixel.gun3d.hack
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.pixel.gun3d.hack:Metrica

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.pixel.gun3d.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.pixel.gun3d.hack
Framework service call	android.app.IActivityManager.registerReceiver	com.pixel.gun3d.hack:Metrica

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.pixel.gun3d.hack
Framework service call	android.app.job.IJobScheduler.schedule	com.pixel.gun3d.hack:Metrica

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.pixel.gun3d.hack
Framework API call	javax.crypto.Cipher.doFinal	com.pixel.gun3d.hack:Metrica

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.pixel.gun3d.hack

com.pixel.gun3d.hack
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4270

com.pixel.gun3d.hack:Metrica
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4307

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pixel.gun3d.hack/databases/OneSignal.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.pixel.gun3d.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
87cf47b5bbf9b5fa53e0a4ba336785c0

SHA1
2cc425fd93e66711d11f9d0250887e1b693e4d98

SHA256
325a10934640d24813470db89f2da2b88d204c354beb33bca5125a0167641026

SHA512
6e239d9e466bb0de2efa2e0be932d8f5a499230da6d61ed93543f699435cfedf419f64ad968fbfaf85b8f323c43cf24fccf47c5c778c3eb5e1b44fafcb23b432

Download Submit
/data/data/com.pixel.gun3d.hack/databases/OneSignal.db-wal

Filesize
64KB

MD5
5512bc6eefe905cb41f65307ef7f000f

SHA1
8e31116bb664cc603354f028c17336d1ec95db03

SHA256
d6c291bb5cf40c68ebe68c6ece7b57b4a4387b25e8a0b0999652b40687ae939c

SHA512
0c8157c76f4739552a03130bd9c497d056bec92a991cf59ecc6e88298541fd5411e6dc56f1114e9180f9b0fb01f32ddf19e719f029f3cb626b5f9e5a67904111

Download Submit
/data/data/com.pixel.gun3d.hack/files/Mint-lastsavedfile

Filesize
34B

MD5
56ec9f8495c8a187755fe97a5a8f6f40

SHA1
717d73ff4dc6a3e4fb29e86cb9c5270caf786199

SHA256
f6cf01ad0388fef79676f229439e779fc47e7c43900e903b668032ad2cdd9cbe

SHA512
2f530429d7ad6579a92275eeb6330a6a4c115ef3c272eaf6db487f6265548fbbd6a1ce04fcf9839451005b3e876924da5c328cdfb78f80102407616f59af0187

Download Submit
/data/data/com.pixel.gun3d.hack/files/MintSavedData-1-1739796944615.json

Filesize
662B

MD5
afe7e04618baa99947316c9dc277aa0c

SHA1
e0f3299060c799ad4fc3de69355d972423fe4edb

SHA256
7cae966520f93b22bdcac2284c89e1ab26e84d9ba7fcdefce30b5c93c3d01930

SHA512
c52f13248ce9cfc1643355718065a72c4e22a8a00eda97c00522315fbe1333848600048323112c9bce1ab6337cdf0c15cdddb2a70f61b558340e558de7d98bbe

Download Submit
/data/data/com.pixel.gun3d.hack/files/MintSavedData-1-1739796944615.json

Filesize
3KB

MD5
1b886a741b56853c1a7ddf60685717c1

SHA1
32af4e7d5ac88c7abf4e04c2c253a18dd60ebba7

SHA256
bb2dd0c9ac5954256ca6820cc94611d975d2508209a08a22668cccb68647676f

SHA512
8ebb7599528fbb9af122b29308f77822ffcde04e0eb8b959e8001cd87c204845b1a3e467b4cf266c981dafb6e7124fbeb0395904427920f60b6e3d1d3ea6424c

Download Submit
/data/data/com.pixel.gun3d.hack/files/crashCounter

Filesize
201KB

MD5
0a66c8fbeef6b69880e4f228060e24c2

SHA1
6e48929a3a70cc3e0c696cbb956c047dc2b73f42

SHA256
9d3f6048731efc187ef67adde5480c0896170f1ca4dbc2c025e225367898852b

SHA512
2de46e56445510ef4d1a10db36b6181473f72aa570ab57e3727c4fc042f17c5938920777a07abeeedae18333170ca132e5ee9c104db1138d1042d6766b1eb0a8

Download Submit
/data/data/com.pixel.gun3d.hack/files/credentials.dat

Filesize
226B

MD5
32dff5e382855651903a366dcf495b40

SHA1
b57088cddc2982eb41126d9b61c183557479a967

SHA256
c353ad295db1b67cecd51f7d6289ef1418a881fe6dcb0cfa8186144ed4e9af4f

SHA512
4a1722763cc7e6c42ad11136f9e484d1ebabf87cf4da60397f8022faed68a37c9d7cac5694ab8cb35a767a5d6c257600f48fd88e72a9328705af5bee2c05987d

Download Submit
/data/data/com.pixel.gun3d.hack/files/lastCrashID

Filesize
374KB

MD5
3730be165614faf0957cddd318bc779f

SHA1
455303224429adfdba185691ad6ec5fb4a86ca35

SHA256
2b15d2a6072d1663acbe4084929b368480def7222da609a181bd9dcb1f9db742

SHA512
0ad0459c69cd46283dd12d6742013d18ab532524cf483f304cdbf12664999a25c5bb0f9c2caabbec294c34d4058339e60945fe682ac304fc162398830d80ad36

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb

Filesize
4KB

MD5
9189eba53221221e306e94e2c7d87590

SHA1
0f7357fd853e196b3c01d2d16b0c783decffe0dc

SHA256
15844a3607e2cb095144ef8a28c83db35e21c7e10af2e8ce4b48b0188d54c194

SHA512
a0612ce3ae22a74de95329b371e8ad387bfa6d162431a02438369ac3371cb514f201f74d444a6db4d19612318accd8192acdfd48c8be53073b19b53f5d4ebfd4

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-journal

Filesize
402KB

MD5
dfb288d05db6901fe73779faa946c6e1

SHA1
cad6dcd4c4b548af219b1303abff36f3659be066

SHA256
b66b59f4c333403cfdecb5f5bb2f05be9623f6632d4b520c6ece2e7473d1df33

SHA512
fb60dbe7e6e6bba5cb919dedebf655892ff44051ac00ac108170137d567cc9152ab32dd5db19af4f7492b32c5bcaf626124082fdc0ed2a3a1ff1461feb7cfb36

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-shm

Filesize
116KB

MD5
1ab0d775dc122ef6e1d88e29e025455f

SHA1
2c323f422291f3c5dcab79f282d280517b105f7d

SHA256
a5da4f9f2decb0025531b993682a932dc4453fb792e7515c397fdb34849abf7f

SHA512
a42a38154e9a0ee0812752e33094beb98d75aa8ea61a6b8505283145dccb714f3f0c874407751de015fb6d94d4baaab958ed00accea5cdf2ca91d0ab358eef4e

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
32KB

MD5
207fc97acc754a07b57b4a91f976a9c5

SHA1
46046a02ab9b4d95f468b1df86ca6c9e33142beb

SHA256
7f506d9af4b9cd5f8db758f886683f6b5b35b3d9fc4d12a761e9bc6ef65e3443

SHA512
c729b582c554c1247ef130a96a6b83f3c0ea71f739ebb53468b70b0b66cd470913894fc403c7c3f8d706e62d207bdfe83d9aa8781576ce942a8af47dcc0b93c3

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
315d5762c78d6719f605d522d9db6aa0

SHA1
4c0adcb5cd1e082b559933a48686eddc3ba3993e

SHA256
2edc49ffa3573dd9873fc7d908ac5a841aaca35afddbde889cf0d2f119447c29

SHA512
cb9926d44645ed47b624208880e10eb2ca951f94cd824ca1d56265544ef62d9b82a3e85b04b1d9e2bac430b0e06f274233690b6061c8102a62994633b1d5c4ff

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
181KB

MD5
c4c36877e51070234016f32337d5fc15

SHA1
f5ed4c79a580db58a42573b08d69d855ea7d1895

SHA256
74ec4c0411d1be7b8b08e48772dee40667d7bb9b2f094db85adb50a79a08cf58

SHA512
e4f1177626f3f71ddaa96e910ba0a6bad79d43e77c0dbef980a8cb0d9cc500a6a717d2c68fd74668c32d162b5bddc28ff1542daabb8b506d671299b35318a437

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/com.google.InstanceId.properties

Filesize
32KB

MD5
acc0947d00480276ac3bc5185d2c94f6

SHA1
8c7de41bd4810bcbc8f2a7bf1c59d26264432fc0

SHA256
d7afa6070ad62ded074efb39ad8c3aed153d45487eef0c24a6e09fc8119215b6

SHA512
dedd790595b76c490fb80b40d6e6967e53278054e81b06a18fd6e74545d4d302fcd5518051d3e8e0f8edf616b6f7319b3c2938339e8dcc4865bbc44525ca1b16

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack-journal

Filesize
512B

MD5
76aaa0052d15d61b68753db460dcc429

SHA1
44c44389ffc94cab692f20f63943ea04b1ec32ee

SHA256
8f47630196b5152aae2382f771c767ab710d64668388f8e00be395e568625505

SHA512
147e423e5179168d20c01a93886e2ffa0e92853e8fae07e80851dd352022361c23a08f27f3521b54c906c2d3d04a4b408f4ae1520b99879737c240f62b66c6aa

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack-wal

Filesize
402KB

MD5
92eea93bde894d2b5751b435d052bc08

SHA1
efc28762cd902ce10ad2c63091ed69c84b09d374

SHA256
972c9f03a6d997d03d79a27ba6b386cc26a02678c4b04f8b6f2829142dbebea9

SHA512
17b003539ae39dd6c272239df4bb9d5972b83d24bd22b1900fa554ab9411f5a82427465739261f9eacbb52e8e593df1f960fac2c09f1b86676684f52eb675f75

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
512B

MD5
02a1f0433f4a6aaaa9d5aa8786936d80

SHA1
bd9bb0679269c2118c76214c24f946dcba0a6191

SHA256
091a70fdb02d2cd4c7f2531f3117608ae3aa84d2c67b25f6ea1296fc499acd3a

SHA512
bbdbb700c116e9c50845692b4988ceeac7ec6409f562c5b36e1507dfa8302cdb9e165d1b3ec579bf7f807d6e266a9353d00664a5707d4eafb36240a438fd1f22

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5ae1dae9eb36649faeb07a94ca96e7f8

SHA1
9056cb35b999726d6576ef6ced55ca9228cb97c3

SHA256
62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

SHA512
e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
44KB

MD5
30d8aca5cf965f1d168d5815ec1a642d

SHA1
6cb0ab697dcdbce53a8d2596354cad1bb9f861f9

SHA256
109613db71a9a2825e40fa7682e59762057b9714e28df8cbd04b8ac8c9bfe98a

SHA512
b42b554fbfe68952ac2abb9b4eb2b2e354717f91ba74716227ed46a58db7728f896a57dca7f67ca6f894509f0fb2e6106c592ddf15acf97268de599e6a525f7b

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ac26a375d5d673c2a7b39bbe42efacaa

SHA1
a7384db83f153cce2cdd67a97a20df068f6ecd67

SHA256
001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

SHA512
45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
65b338143e3d430b0779b91d70ba0cac

SHA1
abba0504529c86ec54447109efa8678bac31063f

SHA256
86fd0823965d0699e654db61ca557c56c317772d0c36f49e4639c2fbba7e209b

SHA512
686c080c7c9671ab0669ccfc2a16089a0aa77def256d1c086accac17ce87e9bd8d69332f5342f3d17ddc37c6388d9cd62293f2f2dd10577af4ba8a85ed6dd8e0

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
cb7385f004f4d68ee67af2db7acb4fd8

SHA1
c284a77ac9e1131248fe8b19bf949e51a416ca9a

SHA256
d71dc38312988ebde9f3c0afd91c06162fdb82c0d46ba190f7854e9ad833ddda

SHA512
4cdadb10b0a3bf196e7af5a173de699d96949045afa36531c608b1b564f418860888bed94f56439149e5d7ef56da96b81b430a80ee30b6540c3595bce432b783

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
3bc77e487562a4c7b73cff57c497311d

SHA1
2efad7934456b60724189b45f369aab2100b6ba3

SHA256
0d54be79d8648cdbf2374a0d45cac0189a046c22a6049bdd852261a81c022178

SHA512
39dcbc7b2afeaf59f79b331b61d4b0a331438e169a378e2c6aadb4fda16e5adfcf995dd98a6d53e3fa6c4cf2a0128dfd5ff7bbcd51232e559405f501bdd94e67

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
1ed34e4cc4720897bf4143c54fb5e266

SHA1
974f2f78214a2e8808a8cef0efe42334ddc96e06

SHA256
c10e6b94d2956b63b687daea3d93778fa753f468f706bc58d21f003919976b9d

SHA512
10ea4b237338ed3f3b18151ced5012d55d374e8dbd75f4c7abeb33bd020a969e234ff2d9f32dbbe001adaaffb7c97869e1f540ab824f701965426eb17f1a4a57

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads