d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235

Analysis

max time kernel
6s
max time network
24s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
21/03/2025, 18:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235.apk
Size

11.6MB
MD5

429076ed77ff71d34def00f2a8f8e59d
SHA1

3dc9b3095d33ee27f3abb7883ee061d86f941a94
SHA256

d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235
SHA512

421368282569d882b152b8b70263deaa12ba8f302dbbf040a7350eb0cc35ce405003070ee485de375443dbf917e8a3d8ca82f69214f54c93913914d0c0ad1d46
SSDEEP

196608:gG//dDvCiDORp/LnSZlFAU/dL4QW7nVXx9L2RfoRRgkkwABYYZDkO8xbo0QPbs13:gK9qiDOP/LKlmU1LKBx+fongkkVYwsoG

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json	4496	xefiyh.tvlnyc.cucgdg

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
3	api.ipify.org

xefiyh.tvlnyc.cucgdg
1⤵
- Loads dropped Dex/Jar
PID:4496

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
573KB

MD5
b5fba21308a783dd0608e1025a1ba233

SHA1
e8ebd21e8fd7740b3f8692da8d4b84ddb1901cab

SHA256
b764b94294114b8ac4dd8fff47b56a9320f7bb932ec47bdd1fa0e7e0d9ad86d5

SHA512
bb9215f46bd5e0f61416adb60c1588bd3dce09f7a1385405928723f507e195d60bc946090a4ca4b96d2d087634817bce0e4cfd7e37dae4d0ea05317e7ea3ba9d

Download Submit
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
573KB

MD5
b591716e348bc5415dcc65d1926afd58

SHA1
18fdedfb55c77b84b875c3c03f4a03cb73a50aad

SHA256
444d691635624d31a3670d9f7ccf97dd87a28088a249706e05adc028551490d3

SHA512
5328ab985be02dba3a68e3a1b9e95e1b57a02bfe5d3c98dfc4cb9b39e1a3f93b848d0592efb7cbb4722832aad165f5d8e2bb4335ce14b934295e23d2a99aa4fd

Download Submit
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
1.2MB

MD5
0969012e802ac22f424c436a89bda67b

SHA1
2bbd1699e8697a3f89180faacc2e8fef9ef46e80

SHA256
571d2d1e539e7339a75d172e9e500cb30c944112f762826adafc401af2096cfa

SHA512
521b064ce87579117d7b4eae1df5e233a8268ff71010a9cb01887446b6cfad6af853ceb9601e9fdcf1e9172952e976954b7349cc58175e19878ca5eb1ab1e9d8

Download Submit
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/oat/x86_64/ky.vdex

Filesize
29KB

MD5
9c10596d30ac03c1807a5f4a4a29f4bb

SHA1
9d84756d84b6e68ab2703dab41070049c2c21ecb

SHA256
fd7bcb808860ab482b3fca0898e451634419fb0f904575250cee995ca73d6f60

SHA512
29d55b221c555b995faec92c54c91bc123af30bdcd110ccfd297b2f5f64d58759fece7e341709e3a0ae59d773458e1ca3aea2a2611eae6f9168dc614d85e9d23

Download Submit