Overview

overview

10

Static

static

6

CapCut_Premium.apk

android-9-x86

7

CapCut_Premium.apk

android-10-x64

7

CapCut_Premium.apk

android-11-x64

7

deper.apk

android-9-x86

10

deper.apk

android-10-x64

10

deper.apk

android-11-x64

10

Analysis

  • max time kernel
    70s
  • max time network
    117s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    23/02/2025, 23:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CapCut_Premium.apk

  • Size

    10.9MB

  • MD5

    548ede0959d30a22484ae452f535a0db

  • SHA1

    7b34fc3a7d4f2d6ce38f3f0de08df80ed4859e27

  • SHA256

    aba8466f8162846c8adc7be242bb78a346775804de2c14a978d69649b0639c6d

  • SHA512

    564feb15f3ff884fee96e3a54793379d969c49d97163d9214707e6c77e50dfe6c61be04dcdb8a444f86ed96844f82a4691093d51f05654ad28ac9c1ad9b618d7

  • SSDEEP

    196608:3XeOWRtCAvekoDLWGxXfyzTn9P3m5AC+FX6JagEQVZxkpUSlPJn:3OX/3xYLpxXfyzjtd3FX61PVZx8USlPp

Score
7/10
evasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 4 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Requests dangerous framework permissions 22 IoCs

Processes

  • tfskbi.ztdwnc.yfprwh
    1⤵
    • Loads dropped Dex/Jar
    PID:4928

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/tfskbi.ztdwnc.yfprwh/app_veteran/iox.json
    Filesize

    573KB

    MD5

    66733db48d9cba8a319e7e1451336263

    SHA1

    f74be1920661841d7eee576f4be0b8ae2ba028f3

    SHA256

    dfb28b0b140228245af52b34aa9d09cff2925fff9d3d342a741580b75698e091

    SHA512

    4b5f0d8b1421fd8934dcd154ecdaa46f86b157c9973dac5f0808b591195d3a7f061e4ccf0d90942d43921e7178a2161fb07bbb73b4e2b535a5fcaf9472c795a0

    Download Submit

  • /data/data/tfskbi.ztdwnc.yfprwh/app_veteran/iox.json
    Filesize

    573KB

    MD5

    c491f888e98327a6a43588598dabd1b6

    SHA1

    4afdb7524284f7195ddf37ba5e8d1daf0c0b2801

    SHA256

    d0569859013122e742a96e170860862eb814ae93c9aa689db0e0afe4c4084848

    SHA512

    2a1436a153ba0532ea5fab3506fa3c4da30e256b9627bdbaf9d63b6f8298865b6d850e3d990ceb47046b44440bf3b8997937c9f5bc8c4e9ed65f2322a8607a3d

    Download Submit

  • /data/data/tfskbi.ztdwnc.yfprwh/cache/deper.apk
    Filesize

    7.3MB

    MD5

    c59b52822aa4d008e2b29372ca143179

    SHA1

    9adc650d28dd99e8413c3546de9195fa42aefcd5

    SHA256

    fb6a726e3888842c21f274ccbd64a30962e1cd12d2472aa8c088fb052819b503

    SHA512

    f93c04b9ac5dbf45ef7f4dc1dfd588d45d1a0d5b5959647ab0995d83dbff433d798f84cf9d17e0336a8132a2c5b29b290c5024db2bd641a491c981c9d923a4e2

    Download Submit

  • /data/user/0/tfskbi.ztdwnc.yfprwh/app_veteran/iox.json
    Filesize

    1.2MB

    MD5

    d83f3b2e9163dbfcf3f0b85d4c8ffda7

    SHA1

    43bd3678f168a0f0da2413d4f0de6788c88d34c3

    SHA256

    4b81c2ee643d0f68b2b47733c310b24f47827e01f41aedd8153f449900c4ded3

    SHA512

    a4e8b017d92b827f6ec27b7d13325b353322712b55c925fefdb3869a4558c921c5016c9f87601f544c1a89c4b2137c8aef8be5eebab7277a1f07724efa39dacc

    Download Submit