47e723b9e0dd52cc893fc5ca075c31b4c9ff0fb1c24d0c9786f885976ae476f1

Analysis

max time kernel
145s
max time network
148s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
17/02/2025, 12:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

47E723B9E0DD52CC893FC5CA075C31B4C9FF0FB1C24D0C9786F885976AE476F1.apk
Size

5.0MB
MD5

72ed89bdfccf705155b51f1c14c0aef0
SHA1

db81286899fdd7d81ede5f202e8ab24e75855ed6
SHA256

47e723b9e0dd52cc893fc5ca075c31b4c9ff0fb1c24d0c9786f885976ae476f1
SHA512

39ddde52723c83953c55ff3d539de9118e47c14593d5b26661c4a0c5f982c3e5bb9fa1279d329767dd58d53fb14beefb1574e940cb0b7f293dbb522d66008116
SSDEEP

98304:PfEh8RekpJiSqoUNjq0RP88iJGuvWZPtoCtaWlZw5V4pNKmvSqfGJTk/sQSSSj:PcseCiSqxq0RU8iJrvWZPtbpCV43Kisd

Score

8^/10

defense_evasion discovery execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.pixel.gun3d.hack:Metrica
/sbin/su	com.pixel.gun3d.hack:Metrica
/sbin/su	com.pixel.gun3d.hack

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.pixel.gun3d.hack
Framework service call	android.os.IPowerManager.acquireWakeLock	com.pixel.gun3d.hack:Metrica

Queries information about active data network 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.pixel.gun3d.hack
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.pixel.gun3d.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.pixel.gun3d.hack:Metrica
Framework service call	android.app.IActivityManager.registerReceiver	com.pixel.gun3d.hack

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.pixel.gun3d.hack:Metrica
Framework service call	android.app.job.IJobScheduler.schedule	com.pixel.gun3d.hack

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.pixel.gun3d.hack:Metrica

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.pixel.gun3d.hack

com.pixel.gun3d.hack
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks memory information
PID:4958

com.pixel.gun3d.hack:Metrica
1⤵
- Checks if the Android device is rooted.
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:5047

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pixel.gun3d.hack/databases/OneSignal.db

Filesize
52KB

MD5
5f95caa096ebd3fe93432163e3fd2d34

SHA1
48c9bba88699f9fbf625d27b189ab4395662ccc2

SHA256
c17b0ff6f351266dfc375282c9ee02b8263348390207cec71835d7e0956419e3

SHA512
e828b3db8d88c761426eaeb76cf836fb92a1a5063a10ae3ec75425057f7e638a17f698b4fbb8202c17ac767abc60482e7d2f702e0d340dcfa21f0a4c6380e0a2

Download Submit
/data/data/com.pixel.gun3d.hack/databases/OneSignal.db-journal

Filesize
8KB

MD5
b945170981b5c63baef248411366096a

SHA1
d248df20dd94e3d7f38de946b8af3ffc5d3d7d4f

SHA256
84479def66713043ab56979ffa5a808b4360096a8805dea5c9a6bf9ae3c80eac

SHA512
8aaa44be6c00154fe189f7974d926e3de84eb3b49359ba2e5fef450ced4542c2195427ccb1f7a1f5a31a7e7b29ba935cb94cc3a8e23af9310a02b10a649b48b5

Download Submit
/data/data/com.pixel.gun3d.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
a99734a3885a2206079fdad42fc306b4

SHA1
bcdb7e06ed076a3ec0fc2f282ad38bcff7f3a905

SHA256
a5d7ee90b876047cd8d41650ccf068eebbb3a96dc847a2f46f6f0004da8f396b

SHA512
cb92a202c44c4c3cab96145306438452f323b217ea7c1f93616e4a3d281c3f450c8a0b8ee640eedf3e4c8febcc07e85113942e729fc4c2f54c13bf41c8ad4286

Download Submit
/data/data/com.pixel.gun3d.hack/databases/OneSignal.db-journal

Filesize
8KB

MD5
7ca8b9297019a799bc66024bb68a62bc

SHA1
a18d70c143a66052410bd4c4b37976bf811b3ba2

SHA256
19d8f8911226065b7a8a9724625eb0a87cfae7fe8ce521716d01a96c761daa58

SHA512
1349ecbb5f8b1e07b9d2be83b34b229708e5d1e759de5aee3bb170bfbe854fd8763aee6ebfd7ea1559509fd0d1cc5c19c9d4c420fd788c54e7e24d47b09a1962

Download Submit
/data/data/com.pixel.gun3d.hack/files/Mint-lastsavedfile

Filesize
512B

MD5
9ce9d514b44ddc62c147fd11633b310b

SHA1
79db9fe73b135b90a79212e15348601ecc88199a

SHA256
efb278b3eaf0d9fc1d16fbc3d75293d1b4ef6a78f97a74ae84fb36011ac01233

SHA512
e750f8f58d7e4e453a3d107a60e9f246b2b9065248f8e339982718206fa074c69f404d296031e40fdd6c06d1019b97925053438336a9bd240fe67dc0b8adce04

Download Submit
/data/data/com.pixel.gun3d.hack/files/Mint-lastsavedfile

Filesize
226B

MD5
4c6e753ccd83cfd26018abd0ab42726d

SHA1
83778fecc051759bd43135d6c11e98fa57f65424

SHA256
8466bfe41b66e822fad8242586d4c0220902c837877ff31cbd145eb3cf03e621

SHA512
921478091f45a2e56d3cb96f76c0dd4a168508afba1bf6089c999c42008a81463d96f078f8cecc151ad298ddc4915a2d2ef9bbf8cbe8db7adb0f024cd9a35ca7

Download Submit
/data/data/com.pixel.gun3d.hack/files/MintSavedData-1-1739796623698.json

Filesize
60KB

MD5
e06c867e7acaeab0d5367e9e4fac8256

SHA1
5ebc11e6063c8d497240b81e6d8fa939d2f19083

SHA256
80cad008c1fe06116369e4ed2dd964d29c7ec7e36993d52e5e5ae364447abe0e

SHA512
ea5633abe4c553b972f5b5d28bb0f813e924f0295720875bca862563fd18a899af0e13145aa203742ccebfa1c8354bcfe92d5c7941f290f613716b102a8305ac

Download Submit
/data/data/com.pixel.gun3d.hack/files/MintSavedData-1-1739796623698.json

Filesize
12KB

MD5
fac1b12acaf7364c784ad96575c79452

SHA1
5699729bbe37be5157f347c9c2f1b6458662232f

SHA256
70cb623f63478249760fcf418a3320a9c8188bd6cff19e0a152cd6b4ebf455ed

SHA512
7970b3f3220e3d775bd696f33d859b7f9ad7af615d9a066224cce80756d328ed1b6cd427a3d52e63cb053ae705d40483eaeac2685dd831f669c89d90b89120c5

Download Submit
/data/data/com.pixel.gun3d.hack/files/crashCounter

Filesize
12KB

MD5
038257670344ef37024aa0389a073b2c

SHA1
1d3a2cf3246be85d5ad9e336d755796a72048316

SHA256
0a0b40562a8372c5181a58f667af372c614c76dca9d9a0be29ee99551aa6a692

SHA512
218459ef19622490073005c61dc0ee2e200e1a692ee8f5caacf3416e8310f9d401264bc3f8d014b176ee22ad82ded2228f321757c67e023bddeb82d8aaea158a

Download Submit
/data/data/com.pixel.gun3d.hack/files/lastCrashID

Filesize
8KB

MD5
eff551d76cbd55f2ffcafe0a1850174e

SHA1
64dac4f094d40a338a30f96b755e7d1a04719c03

SHA256
ec3713517e24fd2f9f573fc45ab79fcca160af8092f10e0846ee6281ae45ed05

SHA512
f397e6b91fe3b0855ad8c830783f28728ee79c4241a1fff327600e21caed7c3a76c794c2f0ceebf4f88d96341508909a7d4a94ebf207d8f80220035e0d14cec9

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb

Filesize
12KB

MD5
dc82d738ab68aea118beeabf2abd12c9

SHA1
667e8500fed8d28c9c1e7278449e296274d13609

SHA256
1bd6ad536499a2c628b97a20dbe0eec33f0b09f037ce032c2bd24639368add16

SHA512
b3a8898882e7ba0b30790dd9305d73111ae5d64aad3061fd97514e66e3e26648f9c718343b49c9ab69b74950f51e633d2248b6494dac04b3e49f857f7d0619cc

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-journal

Filesize
12KB

MD5
a0c6be5a063dd0659d0305bef4ac901a

SHA1
4ffea0f28630f2b9e5a98d553e603e5b2add30a6

SHA256
34aefbe1f1d586ac728d92aed9b66c411c7bd37c4e1be814aeeeb824b222c3b4

SHA512
93e3f989bfe91bd3eeac74b24aaba923346f6d53765c0d12a14276a66c41383af44e75509b2a6c45d20735cfa4b4d63ac86ce3cd373f19f97a94b6366ef22a54

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
9732b959467a7a635352ddedeac496b9

SHA1
d72c91bd2a81e4a7c657e28f2a2013872e9b28cd

SHA256
6a6ba0a7333d5c2b25603a2d1ef64ed6fe7e90310826d2cc29cd3f304ad04ace

SHA512
ee36a8424aa6b77dd3c2c89bcca24e4aef3765f1ee77626570e5855f1ffa56c62addc2f4b48cdeec4a2dbf487dcd32fc949f18021219455d5f4119530561b3b5

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
84KB

MD5
d23710e07648351e92151f1609baa838

SHA1
bc3e77e284dae30b2171dca8dd5855673402579f

SHA256
b40fdb63cd66a187038060cb655bb8ae9b3d966e1f84560d36e489acd84c4e5c

SHA512
482097fa6d8a6a0f94eff62347fb60e8ecc506b611269a427df48116282efef24e54f827fae1cf41e6450d87b8b1f1e0d6b78037b40ba59f783a3fd006414529

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
9ba058b3a2e6d5039cefd912df0eb3dd

SHA1
816df332770ce70a0b2fbcd55eeae4600b7c2579

SHA256
5bf4fcc7598e5e1db90b893e452d4b4ccb66ce1cfe2733d306eab52c9a118085

SHA512
ad79d47d1a1b545eda0f2859d8f376fb4442af0ec2dcd9e10836c27bf7b7782f883569b135145a1f16484c83822e6f617a126becca2f87f68fc7751ef8a3f69c

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
269KB

MD5
eb0f3e217a54235ab8f73a457b2ee707

SHA1
a0c660ca4edc0bd5f4be13ca4a9ffdfe554a1eec

SHA256
df19e958dc2e92c23bc584ce53558244eec4698746c7e99c0d0d80c643bce41c

SHA512
8ee3d4594a0e8c9ccc9b56424dc0b8ee285908ae346c369cabfec7fe290cb26dc7a4f52cb1f3fbc7b147adf4f335089904b163f094917a29a142c5283b615ba0

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/androidx.work.workdb-wal

Filesize
181KB

MD5
74542d06dfa12a9db8e4f4e0965cab62

SHA1
4843288c75fd7cc4c62140342617452b7ba6cc1b

SHA256
186d884dd029a7c13cc2a3dc2ff999f726d8fed357f8103389e7cc04f332444c

SHA512
0f82da812ff28dda89f5bea5e24fcf89a6b13511e91511016eff0de129fd9b1f722be551189b0c63c61c8801b3e939000ffb29414bbb321fe33603e3fc5e9194

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/com.google.InstanceId.properties

Filesize
12KB

MD5
ed463b2f022dd84216fc4b971a6eb7ed

SHA1
76c0157b985efffae8cff7e1b954e438df9e62f9

SHA256
5b48ff095ee89de9864da8a6d6e10b44f8b9f4ae81df39fc01da8659bf2fa0df

SHA512
9d685818ffd8548e187797b2878d88498a4e3cec3941deacd2428d5d501b86368f7495862a5bab35e8fd3ce5a7dbb746bcfee49a3b48f93c16318138a5fad3aa

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack-journal

Filesize
8KB

MD5
50962f01fa312deece601283c017b905

SHA1
3630f389e4b83f317d4b98f3b54fb5b2a6dc45d8

SHA256
33e00ddeac036584b9bd1e9e674ac849c41c97f8c1a2ff15ad7b5ad410ab6229

SHA512
ee10634cbbb138add2a08c26710982ecce89c4e8158851807bf38a3abb2903cd61b8c8a265cb6743d6dbb8036aa79011c3f2493420a4004000c5778edabff788

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack-journal

Filesize
8KB

MD5
d1fded465981b6200aa3d2b6fa78aa40

SHA1
f1674d65f28ac4587fa8001562f2a57f85d41dfa

SHA256
8530c422df36e6ccb92fa876e1709fb4744732abd1a4aa316aa0239cbc847483

SHA512
f31412019c49ffb4f6ccc426e19782b8ba60ce98cb4a7a4feddaf4836fb90abd2615d2689b9851c933cb38b225775394adafbc139500ed78be9366677a41ea67

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack-journal

Filesize
8KB

MD5
2cda6f46db8d2f56136b3aa3365617de

SHA1
5f4cf93904df8ffc0d97a0531e3abefaa542beb6

SHA256
76ac9fb3e4cc11d4dba8d72f596622f511dc05d9a5ad0cfae24b354fc27ca48b

SHA512
9c580fd2fb6e61a3af8e5dd9857d9ff7ab3f6fb45664b177f2d7771155ca0c8d6faa751ee60ad0e2bfe56a1673b621856b0cf92c0bff5770c5e74032886ce716

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
3813371f79fbca0d5175e6db1fd972f3

SHA1
b377d10c692b7cc539c46e111dde28e38eac5042

SHA256
1b3d4410bd61c26d5ac6337c59eac9a6ccfcc0f793e08a34caac28dff7f947bf

SHA512
1cadbcc6b0855348bccd6c12cb065fc98275845fd29dbfbf93f25dd02685c75502fb0bcd1943022d957c6a9a1b1cc90aace6288b7485be3f5e24eba1415d6eff

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
4ae4652f52d2b623841f17ad86fee9d7

SHA1
4d5c9c96b98a8cbd1ebe56e0d47b3ba3ed99d7f5

SHA256
87556ec07dc9f7f4f5301137d0ccc5c83ca7947a1966d22228bf06c45365af4a

SHA512
dd122e07125bd830e39b81d7db2eb5ecfcfa4ea33aaaa056fea83960a8e282ca6472910d559cbad0b74c0120e5cd87191bd27269c4ed29ebd4dcc1c9353f9de9

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/db_metrica_com.pixel.gun3d.hack_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
43e008e6c809e7b91049638843f59768

SHA1
929ca92cfd730ba483eef196b7923e7ad8d57012

SHA256
d4969510df479e142c2aac21000d4dd31a7aca1cb09362b81eedd286a93b614c

SHA512
a0b319d1036a022cbb4fc04bdbfda45e34bae6befb083d2c642a5f989598ccd39b71d4042219185d82197c23cdd4da797e9c6052cb96f864d6f4648cb0ddadb9

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
59df7a2d7f2efa406a777b7a478d7ade

SHA1
f776d81582b431e473d7e1f96a7e3f0678275710

SHA256
8526b390f12a18f9d85e04d18b0704b42b35776e6cf92be313920f835f6a3d2e

SHA512
7e99ffe60f0113fe59cbb119cb4dd61bc70090c098a08df2be26829566cb3bd14606df78a1a7a677b7aec3a1a694a43c60604fa794086e06d7c96f797eccf172

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
dd333815cc760441667d681be707c3cd

SHA1
8df82fb275832b0e897df87b3242b0f36bbc4926

SHA256
e74f8608467fd960e1124aaaad25f175b72f5a4a293b01539f41669986a82649

SHA512
766a22c0cb9d878fa03afb719ea67cae9ee6cc5480868c7450d8fdb3de700c3f36a83bb8b27d37147721322ea33fd9cb7bad3b6a886963a7837f782c6c5cabe4

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
a0a548793a510f9caed081689f935eeb

SHA1
2d1aad0213b2b86bfe52dd2485741fb00eb02f3a

SHA256
4564ec31a51694e8349f462d5ada137b3f37b7c42515a7fe34ea8ef33b5063c5

SHA512
624204c5e505d3f2822a9761109babe81079ce8552551f23b7315baa171ef7881e5b5c4eab607a53b9bf080be6cb3100ff8cedf4cc86fa6218cd18301fcdc367

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
ae2089765c2e823505df0208231c4d05

SHA1
d4712d8337a33d16d045b9e34eca071805fcfbda

SHA256
afb8f1abab9dcf35745d3c5f1b1bb2f5ebbc3cb368f57cddfbec101444cce353

SHA512
82068c0bde3388c8ae4ceffbab2a9386df7c7d1966d22a9092469b170d4041ed376e28c232645c560e0920608128a7138cbb39bf0ef881c2732c575d402822bd

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
8466af711fb110474ac0ca4b7dfc52ad

SHA1
6b75314513b71cd16bad56c1d869e5597037e691

SHA256
3349b4da8c3b6efeaa36137819247ac7433dfd2eead1aeaffc1ddf7e370ad990

SHA512
2f8fb60a856936e5758ff0d37f0bbee7400da956fde3e3ced41dffcf213fca1b7f66e3f370fe4694e28be6f916c4d6307a15b00457e5630ed846e84939190f03

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
2a2a58fca81597da77fa1374f48659e4

SHA1
b48087e47cdc2801fa8e2466fd8f2d0066479be3

SHA256
9b841dd8c7b760f1d14a2bef362781a9031d9a58db3f30cfe1d8da719159cd10

SHA512
1f8b0c240ec560929f4111ccac457e355db3c439af473c26f3e3a082857deff35a219b93e297f90b0a0025a98b665711030e60386e444077f5bc015fb38b2b61

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
20KB

MD5
05a37ba89a1988b205e58e0b4c2b7cba

SHA1
2e7835d580ad8248d68c79e76c35f30ddba20ff4

SHA256
20006873eb324aadc01d923152f9db8871c687d69d1a79de1f8da05920cb458f

SHA512
3f08ede075382b1f340ff3fa1b1429df3178bf08ea8866b098a3e0523c8e30131034ef18ff3422012ea6cf24aae3ffd67f0610c4225cd82ff94ce7729f288e75

Download Submit
/data/data/com.pixel.gun3d.hack/no_backup/metrica_client_data.db-journal

Filesize
44KB

MD5
ae7d496d403d9c05f208f42738113422

SHA1
782fcbce7522ae9979ef5a02612226e4988f53cc

SHA256
6b19d1344677c1809dd38da37a7780cf33384de76bc55ae5a9c93d3983c7aef8

SHA512
355cf3e3c232c054500a3bde315697542b8bcfc61331b889d90f1db2212888bd2e2c7ab9a760b0a7bfaf6a01b5f1c377303a91752ce51549d1e385e655c5132f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads