d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235

Analysis

max time kernel
45s
max time network
150s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
21/03/2025, 19:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235.apk
Size

11.6MB
MD5

429076ed77ff71d34def00f2a8f8e59d
SHA1

3dc9b3095d33ee27f3abb7883ee061d86f941a94
SHA256

d4f5730188d3e9bb6ccd428ca36c934e6a83fffb45afd717d9f1d7a2aa866235
SHA512

421368282569d882b152b8b70263deaa12ba8f302dbbf040a7350eb0cc35ce405003070ee485de375443dbf917e8a3d8ca82f69214f54c93913914d0c0ad1d46
SSDEEP

196608:gG//dDvCiDORp/LnSZlFAU/dL4QW7nVXx9L2RfoRRgkkwABYYZDkO8xbo0QPbs13:gK9qiDOP/LKlmU1LKBx+fongkkVYwsoG

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json	5095	xefiyh.tvlnyc.cucgdg

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
13	api.ipify.org
16	api.ipify.org

xefiyh.tvlnyc.cucgdg
1⤵
- Loads dropped Dex/Jar
PID:5095

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
573KB

MD5
b5fba21308a783dd0608e1025a1ba233

SHA1
e8ebd21e8fd7740b3f8692da8d4b84ddb1901cab

SHA256
b764b94294114b8ac4dd8fff47b56a9320f7bb932ec47bdd1fa0e7e0d9ad86d5

SHA512
bb9215f46bd5e0f61416adb60c1588bd3dce09f7a1385405928723f507e195d60bc946090a4ca4b96d2d087634817bce0e4cfd7e37dae4d0ea05317e7ea3ba9d

Download Submit
/data/data/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
573KB

MD5
b591716e348bc5415dcc65d1926afd58

SHA1
18fdedfb55c77b84b875c3c03f4a03cb73a50aad

SHA256
444d691635624d31a3670d9f7ccf97dd87a28088a249706e05adc028551490d3

SHA512
5328ab985be02dba3a68e3a1b9e95e1b57a02bfe5d3c98dfc4cb9b39e1a3f93b848d0592efb7cbb4722832aad165f5d8e2bb4335ce14b934295e23d2a99aa4fd

Download Submit
/data/data/xefiyh.tvlnyc.cucgdg/app_noise/oat/ky.json.cur.prof

Filesize
1KB

MD5
40ec97a7daeb2293b8f0875c852c7850

SHA1
d04460253571d3f893dd33990488324dfc25acab

SHA256
f59aba43b1780e0aa14d404d147e32ae56142b66d7b98035e2c9b8cacec6ae71

SHA512
0a80dd4e9c946b1fb5d63c88e37a5c33f1379db77e471df2c030c525e3f05893a2752cf979c52c98c93163c838e1a2e1521c8d9e0f8aef4cc1c50063cb85b07a

Download Submit
/data/user/0/xefiyh.tvlnyc.cucgdg/app_noise/ky.json

Filesize
1.2MB

MD5
0969012e802ac22f424c436a89bda67b

SHA1
2bbd1699e8697a3f89180faacc2e8fef9ef46e80

SHA256
571d2d1e539e7339a75d172e9e500cb30c944112f762826adafc401af2096cfa

SHA512
521b064ce87579117d7b4eae1df5e233a8268ff71010a9cb01887446b6cfad6af853ceb9601e9fdcf1e9172952e976954b7349cc58175e19878ca5eb1ab1e9d8

Download Submit