21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae

Analysis

max time kernel
149s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
23/02/2025, 14:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d396e3957d97f614588e8feab010802d.apk
Size

11.1MB
MD5

d396e3957d97f614588e8feab010802d
SHA1

44b2ac18cc6a684a2ee04dc608ebd9cfbbe54ff8
SHA256

21c78356d6f0385f18846e62fb1b19d5eea93079344273d386c147e6bba974ae
SHA512

45dff9a9dd9141efa330a342f8a80a2fd7b62ae8d53e97df2400273b365c04d9a4f3b5040b0558c4bb4ba3eed1337bd64c2543793e42da42693751313b261fe4
SSDEEP

196608:l9xdCvDmAcrzSt/M6QZSDjim26Vbl3sEJbv0JzNkop1hg3:RsriSt/gZSDjn3Hxv0JzNp1hS

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.rewards.mycardnows

com.rewards.mycardnows
1⤵
- Makes use of the framework's foreground persistence service
PID:4507

com.rewards.mycardnows:my_process
1⤵
PID:4595

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
478b4d087b7d0aa8eb6b7ae7b21e626a

SHA1
f9d9655c6724585c4a645b8be14956ec69aa49ce

SHA256
f291b2918c96f31d03ad88ba6ea3bd5dd0489cb54c80707fbcf57f66f91a983d

SHA512
8e5ebd205537cf104be7b4521f0aa0c838d72d9b28c4f3337ab51defe5ac668ac2b317b2579c4fe063e187cdec869d988377c3a38978c993ff7c0a56284f17b3

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8cde7400adcfaebf755cec959a76c7e9

SHA1
29260260682428aa60fa1c3e6bb4fb77ba094c3f

SHA256
3d00116321c2c4352dd54c7b42593fc612f3f9beecea08eb0338647b33063ff5

SHA512
ba0f0fd9a9868dc1bd9a222d5c1f9b8537dd416dc21ca8a9a8c872cb012b5b1419ae11ab2377c357b0ba9b7db08158e473e9b7fe43e82437bcc5f28261052196

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
00187dcec1301b4abb37bc095d13e4b8

SHA1
fd01c681f54d734e719e77a4020d1fad88453163

SHA256
40502214f75c9453234fd9d5666b307e746c06f12b73b0ee956062ecb59de942

SHA512
3caa7fbb5a2287bb8730124e9164db5ece5e2c2bfdeda4334ddc9ce8302aa6534318f81c2eecce74b842c7ffb3987165657643c46eb449520ce5e74ffa0bdddc

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
070a46d2d5db912f512c096ee569436f

SHA1
8a6aafc783e0c8ffe19dfdd40db7fd10bb6c6286

SHA256
def3bfb47380016075008370811f25480431f6898841afd025e486417ff9468d

SHA512
cb8dfc2978768b77ec8cca8e78ea4e86ad19f06717505c8f1541540a5f462f3ed01bc289601be54003f1725a2ded145f532d93a67d12cd792b3aa0f84f204e92

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
69c941a47739350865e6e413019a953f

SHA1
993e27987031de9f50c2967516706a879825806f

SHA256
1990e82d4e9b9a8b843872e45c3e255520e0767c7918ae1501102e866221cfa3

SHA512
4ff0a7473c762f08dacdc829dfa76c97e6df6a3f5dc55069e9775c17162722bfa2aa36bc5678f29cc6d40a9928fc77dee5230e98e53d4bcd3832c471347656e8

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a91dbf79eff64db3db0bcdc6a99955de

SHA1
db203c5223301b95506d695453d86a1c17812a81

SHA256
28dbf8a03e11f52d61848341fe78396416d8daabdc49935dfc863cbe3452ccb6

SHA512
b83bc959c7959aaf3b575fdd67253ad0c65ce091610bb0cddf22cc991df8ee2c075fe5e057557eb96b3b1a86fe659f37b546811c7102ce29fa89c27232545500

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4b60f82c1b545de505219696c7664823

SHA1
38fa85fb0e5a54e07637834f35d68e5b5082db23

SHA256
49a5d2ac82c348f6ccc408213e4eaade6338c1392a9afa54e36a9bda72ad802e

SHA512
0dc49b9416253142391122d65a75be91ddcd9196b8373f89bb6d9379e33908aad446e925397a303f0d1e3aabb52f62e00d04b61d6a49e02f1212ef36cdbcbc00

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
00bfaa2023380504864bbc3ebad22810

SHA1
040861a171dad834c2bdaea0af0a6a475e0b197a

SHA256
f5307b96bf86beb5ced58089299df030f9ce75b3c33d84ef6bed6f911a1bd4fc

SHA512
defca525e8724a4b7d7472a716fdc41be24b90b583ab12943ae1b7285569b9c5ab1f26ca4c8727e965935afc37737e2b879daddaac0739d2e3d734661fdfb3a0

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a5e34a07dcfe7a3d1d88c52dc822ef25

SHA1
28d92e500c94da55b4bd3ec9a46ab61bfb2409bf

SHA256
7fcb8dac73d042a8a289f74cb2d1a7d9b0c35840fe8d7fc8b5a4b4759542c782

SHA512
ab825b3bfdedca2a4d4b81c915ca03f9cc4670cbff4f9fc5794c5ec3f5fd593165a9c163b64f96fc5fc543e0b42c399bd9a706b7794b08fc6d9ba559588fb492

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1f5f92a85395535386cb1195193a6af5

SHA1
d55979922ac7daad93301a711ebab08edf62bb42

SHA256
a30c0296b0aa336b212cb0d3958f4dcf6a5ebae73794d11bb095b02c9246fac9

SHA512
3234560d50e01f74704bb6ee750ae71df143772691c2b863d929281673f24078ee5f70ff5699d98d2d32b0d1e2785a9eef57b16b2e22f171d99190c5e127a9b0

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b04ebeafbdf01c41e743f33e34d80615

SHA1
a90e2d1e90da558f0d133192bb65e8cdfac90988

SHA256
ec7b775f40c7972487876601b709adc5cd504aa30d28fa9627c5c9340766da55

SHA512
8865dbcb97081521a3ff19d9975f7c34df182ae9acb4c90dda162c3843ee6ea467de6cfb2688475188409228210bb1355943f9bd8721bed844eb4736c1982403

Download Submit
/data/data/com.rewards.mycardnows/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2c4374b2a882ffa3b640d63b4972416e

SHA1
f4e65527dab1ce41f2c77231bb9365b7e3c21123

SHA256
3650a5759c40bcc5e7f26ba44d20078a91c6343acc7c8705085f7a6d8cd5956b

SHA512
7b292aa2115d3ce3531cc95828408fef3aae7dc2f91e190c1e6ab2938c13d635e9db6ef9ff2c23b694053494ec486077723eb15a908e656fff19986e113ddd50

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation250610991791876411tmp

Filesize
569B

MD5
590d575190d816043e96035b48e8a978

SHA1
95434911d0d1f1f55cd0f76a0f1dfa63799812b4

SHA256
14160b6c6811eee4fe82ede2038abf1598d04d1a916d5c5cf276e58a075df1d2

SHA512
05a05b2eb147addc0d92d2dc48546b0d292722854ff956d5814a480e7d97dab5a80cc9e5b431f4f2854acbdcccf33fafbe32c2648451b02080a3c149e3ebeddd

Download Submit
/data/data/com.rewards.mycardnows/files/PersistedInstallation5977592525958501769tmp

Filesize
90B

MD5
a33a4831a13cb6a25986114cef8ea98a

SHA1
3927f23bdbda2d3738c52afa93f05dd1d6494fdc

SHA256
603b57f33d2f4d73ec3eecc006ced7e8004de190b4cc762171e40151059b96ba

SHA512
3ed16735d53a493da5bc1e70e67be71498ca021194de0c43c845290382401f7c0cb8a14c69bd2750ba20da7e74bb2cf1527c9bdd63738a00845c54506c129579

Download Submit
/data/data/com.rewards.mycardnows/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
a4ba5ebebfacd49ae6f00199decefbaa

SHA1
07740eb4449205fd3af8a323eaa45925982c09cb

SHA256
ae31150914043001d0f2ce8f4cf55c19fcedcd271c731dfcb7fc23fe3d611c0e

SHA512
c6a5754cd108c20584cd981e304cfe6cc77ab3ed85d2d18de792a144f22d9d7de5bfef4645865b9623e34fb44e411629eb60c1d4da942e340d9ae3ce2561fabe

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
c1340ef3857b6da157286759b34d749f

SHA1
760254f992b0f03aa06e13e1cb0ac924c9736298

SHA256
c22a4ec04c23217a826489106af014e90004c25d0e01114f927940a62afebe63

SHA512
f9291394a709eb14c2686cf5759ec128a89dfbaf3264626ae00dc0b8941c3367af5a1fb61888797d8bc7ab614a1fe37d609bb5a76bed9c4922a680e3b9caf1d2

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
33b9d0abebd084fb8f1fcebefe6328f2

SHA1
3a57d47fc7c857c67a63a28d6e070fdfa0a012dd

SHA256
004a9fb81dae9195a0fe3ea338be831199786eb6fa0b6dcbebd9a3b3acf69bb9

SHA512
e71dbb384fa38cfac75657b02a6eeed7d479609dfb46dc77f9521a6a51162cd891c58e07dab49e9d19886ab6c732a27431492912e184aa07228a64ba5eee7f4c

Download Submit
/data/data/com.rewards.mycardnows/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
74909fa47bd70a81a30ce9c7cf98cdc5

SHA1
f4ccf844909d82c0bbc5647360ac75897488ceab

SHA256
6cf44722fdcde82572a976094f3bcb0edd0d1772d3fe3b48485fdddf31bc270a

SHA512
445e840eecd56e81f73ce943d952eb0df06581deb058c4394dafde5f3bf672309fe128765433edda0c6fe7154750a3331840d6ca279f63f38f32ab934b552892

Download Submit
/data/misc/profiles/cur/0/com.rewards.mycardnows/primary.prof

Filesize
2KB

MD5
b52af5f6e884232dfc5b88be454a1cd4

SHA1
54561c213c2988b83db6de487b405f42147adfa6

SHA256
f981d2ec41e6ab1264328221ae16b68ee323067e2b95b1b0055052748041009f

SHA512
8dd9dd498a11ab885e5db5b9d45daede69910ef5c810d904407d253e132225a1ca542497d2d6a66dbf0938096d1c733ac5b73e7761a86efc557ba760e28ea88c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads