700feb6516b2b9070283a3e818abc7c1735e08ca750ff6b522737f2ab3cd77c8

Resubmissions

28/02/2025, 19:01

250228-xn824avqs3 10

28/02/2025, 18:56

250228-xls8vsvpv9 10

Analysis

max time kernel
5s
max time network
167s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
28/02/2025, 18:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

3.5MB
MD5

adc5d16499c92152a1b96f97edecf63d
SHA1

35f9c75df79fbd36e89e65e99463bccc62988426
SHA256

8e5051ee23cb01c25f0adcee6475f4fbd4cff15edaf08c7a81676ced4bfbbd39
SHA512

fd57f7d4e43bcb38469980b8b23a1e38122f3634e461cc2b50a187cd7e5e3560e55fa8c2e7f74625ca9bb59730121889b439cc03206126c9334164c5cf36e80b
SSDEEP

49152:pgWoVs7LxArmZtZqKD0LSNGUNog3SFI80X6Qpd2x6x8MbsCnJMzvvS9jz0o/nq:I67LxA+DqKD1G2FxNAx6x8vrLYjQt

Score

7^/10

defense_evasion discovery

Malware Config

Signatures

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

defense_evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.example.mysoul
/dev/qemu_pipe	com.example.mysoul

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.example.mysoul

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.example.mysoul
1⤵
- Checks known Qemu pipes.
- Queries information about running processes on the device
PID:4777

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.mysoul/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
016bcd52dbb89dd93d378a180ab48b89

SHA1
b8ac20cdf7c0413e1e6e2463a4ddfc1e5d5edee3

SHA256
390752669b94476ca8d6402f016e728cb99f113db6a6a97e8176c07b864f87b1

SHA512
f5e2d90f2e3d3295a7d4747276f5445efe3ac84cdef1a6cfb8a57d751a6c61c0f3fba4391a7aa88006f27fde3a13d9fa442ea57613cd608c0731b1893a3f28ca

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ac275d1726e1a8c11211f6c1f5ccba9e

SHA1
5d16325acbb3f6ec5cb9ae10d59ea5423f1a645f

SHA256
01ea87a521e8230bca811f94157459a2f4f0a16baf838f287e8937a328e4b686

SHA512
c21ea9fdd9aebf7c57b8b03bf173daa5cf9cefb0d9e9f588024490ee5dda44c27ced320476948da3ed28d8e6b8015314bf83fd77975bbcae46aeed4133e7c001

Download Submit
/data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
67dbe81dbe542b675bebe6269264f553

SHA1
0a40fb584059629d1d684165d7d81ba2955894b5

SHA256
2b5e363e3247c752e9472cd91dc458b0f505133d915cfab29cfab1b174c5df75

SHA512
c1a5e46e0cb9532ae01734129d9d0db66cf02f36bf162bf9cf2f49654258bb12855c51951daebbc3adda180e3c7d1e39ecf74a25d4682979f5b49945a086026f

Download Submit