7b03b91887dfed7fbbd931f8ccea337926b8d55e675f4d15edfec6f0c7b960aa

Analysis

max time kernel
149s
max time network
160s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
23/02/2025, 13:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

11.1MB
MD5

d396e3957d97f614588e8feab010802d
SHA1

44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
SHA256

21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
SHA512

45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
SSDEEP

196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.rewards.mycardnows

com.rewards.mycardnows
1⤵
- Makes use of the framework's foreground persistence service
PID:4329

com.rewards.mycardnows:my_process
1⤵
PID:4411

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d67dcc17c456dfa79383e48abefa7c57

SHA1
233d1befadf423c71868a148a24944dc8e23bd93

SHA256
18b421ae1bced6818c6931c2a0c198dda8ddb5a6382ca5de657a340246af0e68

SHA512
1847b15cf72646b046f46b3281c197c554f3376923b29444f89f096186e4ca3244b14f898fefbc162920adbe1d1406119fda3e0d3604330fbb8165c460027755

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c716a7c2e18dec9328b5baea7bd5675a

SHA1
56574e8c80794189b8176f67bff9c4ed3069e12f

SHA256
51881704b897e1d76e669da017c21ad187eb39f81271436e459950a6374049fc

SHA512
1d8a0a3ee3aa4bcccdb69417adbb4d7a1292f961d33e107569b4092309c411c1da146d307d9e8f8d942f2dc262f1ca90df37e95320d25d2aa1d426c69055e907

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
117a5063099eff4553906d8797379341

SHA1
04a880729e3d511627c04b532d160273021c9598

SHA256
a76ed84da9df94d0e46126faa9871ae7bb7f1781b4752e0d48ac6c9c0760f12a

SHA512
d840503cf35a9ceb79c3bf8dd97332090210a9d2796d7b44341e75952eff1b88e730fcd5e842805399f65c621e562b6bdb2cd2cfa55771ecf62fedcf60d25bbe

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2694d97b11746eb31951c534b84977d9

SHA1
f85dbbea77e9863d613729acd8656694d02d3fda

SHA256
58c31ca53e0f5a1cde1b60e3e5aacded0fa1a79755447d37405254f874186163

SHA512
bb156b7db722d9af6658f8d68b648870f37043a5c7b153f252cffb7d0f006fdead054985339d1dcaa717b3f9bad56af67285e9640fb35dd0b18c4418e0601de2

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
30d69b725234ccb7ade4214346687799

SHA1
602ce026b4d955951ec2674afbb0afeb463c90e7

SHA256
a9afd660030162e080aff81b57082b276a76316e7216ee522fc4948e0f9bc140

SHA512
ec60016046539d38c79e5bc97886696e32f1998d406d2c842a7144852a8d4388c8ac52b5a3fbd379a85a7f6859c1bcace2d0d02d799bf8585362893235b33c4c

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4eaf761f055e89ae2833b7061e4d65f4

SHA1
ff8dc054013f2e5fd47735b9c1bc5f75b662e4a4

SHA256
8db8e2f687f337b46be1cb080b96a1b8730432bff333071bf3da869efe198803

SHA512
d1c86213756d639b47530d2cb9d0e73aa0fd4f023bc4c67efe847f9a4dd3836da0e5cfb23041fa92a8e8f93354e53cf473e2985bdc7a84d1b3b36f1ff61a97a8

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c7bcae5629ab958082ef6fae98eb5ad1

SHA1
dcfdcec990c99b3a1056063b508875ff712c3335

SHA256
94529cf3198ccad21d5b6816effc27fb9b7fcc1390535b5c96f5b7b186b6378c

SHA512
1cf20451a38b21e20b30f0e6902d7e662730eb0b2a911014ab685f588359712640785c6e37f6b1bba7d2cf5e1e40bc00e333536f7a380dcedb2f9b5d8d65e606

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f6bf6b17b40ddd48e1f85b89bfacae8c

SHA1
9544c2bac80394c2b3857024e9b5bdd9b5177c1c

SHA256
53683e35879a06705f06f2fd15491b6fa05f94be00e96cd993132d985e2d6fab

SHA512
c9664569766366cf09b46f1b914e7b028d0023e3b58b4f701b7cd7a0b5c4d95bcd196b56c9f1e820a52e86faf606c652ee4c4393901519794a33761f3fb66f4f

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3ca08d08d3a689421425556aaa4e64c4

SHA1
00e2528c4052c8c2c09c2ff659c03754a20df5ed

SHA256
49b8c281d8db2d1615f7c9e13887aa137e7447486faf44eae9f28b89dd53e698

SHA512
0a19ac67e1c620a93d3da81462f4f22e66fada9cedd749f6328ed42c6ee37dbb69a1c5a479f97bf6e66673dc34a6120ac875a47080139afe7e4fa41cd8513000

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
a3c88104884d1f1853f9161e8baf37bd

SHA1
95bb62632faace699ce6cdb25c74dda2329caa68

SHA256
fe5c28806bde792e448625991ef95c52862f5da88a40d4d024da92f2d19b2f82

SHA512
19894c9d0a663608ccdd71378318c32051874294827986066d84e77e611625df2fcdb0cf2e9d56e9bcd1443ee7c0a970397e12d8f911782db33b2a0cc0e6a272

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9116ddb61f389c62eea73bb65834a5ff

SHA1
05d7feaa0b57fee6edfb0ec084e34ed7e0acdd47

SHA256
94a63e4ef52d15f27e07735177069af40f23099d17fe86347147fa7a2209418d

SHA512
4b4c0fdba2c3af2cc5982170f0a700edd1e8c0c86d1da2103c01bad5e2afe097020756730c5313c1d181fe2f71a35bd3edebf238925bd2d03ab1d50b50377274

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
f2822c1562b6c98787967490b5f803b6

SHA1
f721c324daf0fba8d0a7e8726b7de7c7f675974b

SHA256
a034587a3cd156289bf4a29a7489e9a16dbef7a0b7b9f67aa24847c6cd49ff3b

SHA512
6dd9d04c0609a2d296f0663b6b0ac178c84e7af53d6657ac6d2e368e5e20a348808a37dffbaccf273255f434f9cf807a159f1d12965e4239a7c3621590f9f73c

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation2044807993003274135tmp

Filesize
90B

MD5
311bb06b0fdcc7feb21bc4bb964d20f2

SHA1
0d7aff9465366b7c404ed473c0b6044b0209d7fd

SHA256
17e51fb111dfb8e7fa75088e1bf2ba05d9dba6c7887c0d9faec1127f2b1b687f

SHA512
4eabce0a53f99ffe97966e031086f9be3b34f8241b591502000b59903250efcc14c906bda4892aeabe2a6411d4cad3eb1bb0c95177b2e391554a8466a8cd5790

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation5998163755604407117tmp

Filesize
566B

MD5
6f4845926ff67c27fe9937d9a3cc4a78

SHA1
4e5d8e67bad0b62a76d806720197cd662b07f5ba

SHA256
f52f4a5cb015b95ef27464b200718f2f24cf9d0c653bf20bc377cc6343830d10

SHA512
755e46b12ed55b8423142ebe94bdcc5968cd798f21836d92d0ce91c9aa928cc62f7399b1de4b0dbdc308b2a2e0dd32ac24ac788dfa012e9a2d0ab02bc6207c0a

Download Submit
/data/data/com.rewards.mycardnows/files/profileInstalled

Filesize
24B

MD5
bcfc5f688cca106ed774b3111915784d

SHA1
38a2a4068b29c5bec636e9b674d52a53733e15a3

SHA256
6bda506d7777db6854cf9f06720ae0dd6ac3a1f01440aba7b84be40fcc037111

SHA512
4b130ae1df6fa45cc798907a898b8eb52774e396defad52c28047dfe86a1d37d64ccff6a32d9a6518d4d5241fb81993b2d892ad4ba0416393bf37a1687d949f0

Download Submit
/data/data/com.rewards.mycardnows/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
0ce2546f5f7b78776986f378ef182239

SHA1
a19e313ab76a6b2f27e21b6d307f4130a2aa7b03

SHA256
fd92eeeca8a95f074e8e4080e57ac31a41f6d4eaefcddc1966e5c064f901a28c

SHA512
00d6617d4a11ef89bbfe02562d5b67fbd39ebc2529bd3362182ce9a59232f95aa06f873e83167c6d25d2949bb49a13315cf8740a12bd4bc34a4971d133ca3988

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
925dfc8215ee3baa0a211f3380e8ada2

SHA1
c06b2a469974ffa129af153f34a4a14cfea4294e

SHA256
90e76d0d3523b556f3d13dce0219c509c3612567ed1de4f7c367b63f52b51ff7

SHA512
e10d0aca0b1f920c63d8ea46e7f3db246ce5269ce32a4d22b2813a3e14299b908f602a578df0f0d6002ebd2ef4f641ba3f5b46afe74f3dc917c2be1029b5ba78

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
3f468dd67f02f32e8c0360c2a25734c2

SHA1
c6e1af63f30345c4f5ffde113ea5a42268325387

SHA256
8630e88203dcbc73d3f7aa8882520d87952f9bc1f34c9b523c58cc23336b044b

SHA512
c9923a72d9e8f202909c4acb44b782e940bd73a0aad4190684f8d298559f7727b022c835a6916341c76d6c8fcd6e91c525c016465dcd169ae9e8a8a9aea2c274

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
cc7b424025da00f607c19a2752179017

SHA1
586b35cae58eca45eb207c049303281ee1764eb2

SHA256
81d0d15e4b802c945b0397ca1460b9e8460d36ba2e829441c2f1f19d051b7fc9

SHA512
5d8cd42fcf97afd3297729e94617936d1cc7ceafa4db428d3c3959a98ca65a9ce7ce44fb2398cd147229bce55c69cf2def750548162dc355e5450ea1e898947e

Download Submit
/data/misc/profiles/cur/0/com.rewards.mycardnows/primary.prof

Filesize
2KB

MD5
d753c16b296b24b7b2b0a08c64a2239f

SHA1
d7881da382811633bdaf2d413a2ad0f0a2678305

SHA256
ea0110c8afed41a7fee1261442826003ed9bbca2c9511d854e0673ec4da4c6d9

SHA512
8e708cae98660fec75e89452561638692cbcc884fed93543a627bbce002570259fd58aa41fd959b28c44e32a25282d005c2fdd277b62b4788333887a067ab52f

Download Submit
/data/misc/profiles/cur/0/com.rewards.mycardnows/primary.prof

Filesize
9KB

MD5
f8318d4c3e4af131a2db8e3dc84b0bb2

SHA1
2ba967edd1d52c6f665e8bf487dd659101d73928

SHA256
2c1fdf2823167ac51768f5d619fee82efa3c3987f88214a1eda035fb67a4b40c

SHA512
055eb1db1e56e6d7ce68e0ee74ae0d82e04b352a57b768656dfadca6bcde3382f205817fede6f9f42900727a77f42048b5a4686281867d2469bf085b989f90e1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads