d588fa6445658d0efb0eb9aeaceda48472ea81da762f94d3d48564e033ad60aa

Analysis

max time kernel
24s
max time network
153s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
22/03/2025, 22:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

شات العراق العظيم ❤️_9.8.7_APKPure.apk
Size

10.2MB
MD5

593140f9f7914ee990b96819c6435a20
SHA1

13a1b7746e4b43d1d63bdbd745a02dd05ec031ee
SHA256

d588fa6445658d0efb0eb9aeaceda48472ea81da762f94d3d48564e033ad60aa
SHA512

1767217695b713cbfa833b7c3a150dd7f40f89addd2fa1ea2f233f0e46b818ef498c019fb56d689c071c6e82bc2704af3c0df7ae13392ff9e255450716d46b1d
SSDEEP

196608:7d7pyOZTZ27Emt7w3ZaOh4YeGHkGhWr8naMuuls+DycZlBEQ+ep5:B7E4tZmt7w3Z1vbRYnMuqs+l

Score

8^/10

collection credential_access defense_evasion discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/data/local/xbin/su	aplic1423116.muo
/sbin/su	aplic1423116.muo
/system/bin/su	aplic1423116.muo
/system/sd/xbin/su	aplic1423116.muo
/system/xbin/su	aplic1423116.muo
/data/local/su	aplic1423116.muo
/data/local/bin/su	aplic1423116.muo
/system/bin/failsafe/su	aplic1423116.muo

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

defense_evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	aplic1423116.muo
/dev/qemu_pipe	aplic1423116.muo

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/aplic1423116.muo/[email protected]	4787	aplic1423116.muo

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	aplic1423116.muo

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	aplic1423116.muo

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	aplic1423116.muo

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	aplic1423116.muo

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	aplic1423116.muo

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	aplic1423116.muo

aplic1423116.muo
1⤵
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4787

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851

Filesize
16KB

MD5
06ee996a65e3fb7eee14fa07c888ee5c

SHA1
ca1443f57ba620c6ea753a0a1114b71dcbfc71c7

SHA256
b6c90e0f9ad5bd2a4ac366e563c56c696b081128befc0b015bcb50e6a9047b5c

SHA512
e46a1974b43eca2ef6334cecf9608171a3c89dcabfb02940405157c2ec17d0f456026a04af0b21c6adef0ffe3b2b66fe34de617c8f07d9b0787da8ca2e56aed5

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
512B

MD5
a16fdc3e4f2566e14916263f8eb79f76

SHA1
e0e169232adec01a54655860fca686ad392b65c1

SHA256
3ce72618ed4101b0ce37b4f4dbce07dc5f4c17002ef64a5d3648e689b9c035ad

SHA512
f200a17094283a17182e3e1c2942fde29dee6fd29d8a3dd9a3fd1d0a11db1ab5b0dede334cb14e9a0744a18fc71904cea47bfb187195b5c46565f813ec4dc029

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
f66434f388fd54c32f5616f69dc28e2d

SHA1
083ff355775c3a22919900393594aec00d6337d6

SHA256
80c8fcf8ff45c117208049f522b5b8ec3fd63117cc985d8fa36362e04e1c8a2e

SHA512
6082eb124c0e31a0704f82643e16b3dfa2feeadb352210ef4e4f0e168cb725ce755bc57b43638273eb5d4f5f8c95ac6687c02a5e7bfbf21f87c72d0b75340206

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
bbae4f37df6e0879001a7e1f1c173e92

SHA1
00ae2ece587aaa0c4edb94c5f744baab5e2fe79b

SHA256
a4f6bece24b17d1c8e995953e2cbe26c47b7c3ddd285cf083f36c5027ca8ad63

SHA512
15b5e92de73298584590a375aeafccf46b3022a8fe5128bd12492b89c1bad99d620d9bf2acdb5c490a402c9e60d0c554823da4f9132f46f62e73b530d7ed7e80

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
a6109895391539311752564ae7a7401e

SHA1
2076c99e7440391e95d0839a57df325cfca54a3e

SHA256
64a38d48376bedd94fab6f6c062a6ff84acb2082089b327064320eb41ddf3a69

SHA512
92de29f174a7d7d9d58704aa6ca6c331734e3752153d1f66bc4033f408b2ec6e51c34f82d3d3fc627bdb37f2a16fdd5df9a8bae35af744079f1c166997d10334

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
aa39592ba2a1c0401c928f8760e04cf6

SHA1
ec50bb775d3dc0658c8e50764eef6e43a1f26cc3

SHA256
240fda396e175bad04b767c478be6cf7c899fd570f26b8dc6153c8baa51fad3e

SHA512
475d58c18e7e6c9aa1e7fda709bdfee712a2a40b24a871fe33cdd0927c0370de308f09686c2ec24a6fdbf4447d9433579cea65389e45d5068d014087c2466556

Download Submit
/data/data/aplic1423116.muo/databases/StartApp-d6864f2502af7851-journal

Filesize
8KB

MD5
d723f1d25c3e52e2a4b9bcff26a3d783

SHA1
492f07a5ab88b425987e94a0622f5e708f159856

SHA256
22e86fdb29cbb1adcc5e312ce19b85558f7b9fa00b8124498c24cac3f2f50820

SHA512
fd8deac6b4e4993ed29e5142a7afe02d62acee781ea825fc62b08ea35b98f01baa33bb0a2ef6eb2b6ab6a6a60f13b1f6556e229dfef335d969d028267f2693e6

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472

Filesize
36KB

MD5
71e8f7c2c6076fe23bc2d327c36b6741

SHA1
b41546ba5c52491383b0085c6369271e2b477c6b

SHA256
c5853d8ac738f52a04ccca77cf25a04ddc9934c3ebe3fbf40b76802ac9875c59

SHA512
aa797426cdf6468002a73e69ae254a2d71dc893618bc333c2ebde4c4f1427c6a6be9e9599b01750f5042579d61f55cc544a3db9aea3bfca1ab1deec5abba1961

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472

Filesize
20KB

MD5
c0823340c0c1f3b5f13559ede3304f84

SHA1
83e5a79be1fc2c95015dcec4b0f9ec514dab6bdb

SHA256
4d32298ba6862bc72764559d30fcec7c0cac2e89a7f5bcafbe6371604879ec94

SHA512
8763791a1266b363e65155744c6c2fee06f02befe15fdc54d9f3438e91e9ab5764045fbeeeea06b41921e66187d76699ba8a8ac5f1bc78b4267d8d9773d44e8e

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472

Filesize
20KB

MD5
6be2ed1d052d530787b76477603a9478

SHA1
80b780832d182c9d2e570373b986ad147136ec7f

SHA256
426ba2aece661b919abeab7bdd114873c47b3045deab01aea5d5859e172f5096

SHA512
5614c1f09914ca758069895566f5e822d8e08933fc45df25129a676ff331123d4b5e335ca0334422d4c777e20329b07c9b1de8dfb556683e72acf3c59373c6ff

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472-journal

Filesize
512B

MD5
6eb4c3d6c8a0fa14d52ffb27dbff9973

SHA1
2453229d2baa260d4342a73f595c0708cfb931ff

SHA256
6a88782bb1a05a9bf9640cc4fd48b7237b3abe732811bed6510417be6e161955

SHA512
851d338bd1dec714f88e7b0f589b40dcb6d16a822f614a99b4a2c55c6a5e5df23e931767cb4b6a1b923a71f6b3e2938e502d6c5e170f7bac94a80b424433612c

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472-journal

Filesize
8KB

MD5
16aa802186aaa5ef003d3427d9aa9129

SHA1
9471949fe790b678b3c0d2a51e244fc07f2565f9

SHA256
b83ea306cc3e22d2ddca09637808d394774a5e3d585f6c810f02e1a55011ccb9

SHA512
b6b919ad5651fad7d37d317f5702bca954615d52c44beddc44a2e4d2327d09e5f550c2576dcff8c9a6a3f9a81aace899a7a4a51b554fd6674993bb15d0ccdf26

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472-journal

Filesize
8KB

MD5
8bee5c003926df28d201b4c4d5a1c322

SHA1
17c83384fe4f33db650afc0510c710af67344360

SHA256
e2e7309ad7b69e952cef76c6e473c204b99c229edecda51c72331ddcf672f59d

SHA512
65472caae7a5239b043b4dc06118f7e9f7c9855d683b765705c90c1cc7c1ec04573026053ebb2ea79d67af59a009126be16d5784505f8e97d2748e85a5e09a51

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472-journal

Filesize
8KB

MD5
e5bf490c830fc23689b11d9c5150fc0a

SHA1
3e18a53d8d91ea7d008034bd5616436fb1fcbd5c

SHA256
b617e19547b19a24bdeb0c54b86f3daba15ee4005c9641504759cf6e7472849e

SHA512
4d421ea73dd3650a66dab9eb0e4d29d920f6584990d17dc6b8ac9d202bf60d39cfe1c4e4ad22643444e32a0e2e5116a2b061a979f40a657a3d46ebb2fd5d0c95

Download Submit
/data/data/aplic1423116.muo/databases/appnext_dbs472-journal

Filesize
8KB

MD5
739a1e3e75cada67f14dd7a9a43c7d10

SHA1
6ade11cc450e65202219870671ef158bbf5a807c

SHA256
13889789b5e11e1bafaaebe507ac61cc55c9bc73b1553faf230ea328a72f9b9a

SHA512
5afa9c9cb66be487492772fbfe925ded8678eeceec31b6a715a64388bed884cc0921673f3da4aac6fe76dd9dd8ca020ff4e9838e7daf470859561b008e5c282f

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dd86ba8ca8332be839abe05662eeffdc

SHA1
f424ed2fbda9913bce3cebfecb4df0862f4cf370

SHA256
ed3420372ecf7ae52236d827997f5614aae367f27c3d8331a0a7eedd532e8ddf

SHA512
f8d93163e71a6091e90443a3e9d940f9086529133e46b1b7a9dfe89a5f0bbe2498e87fc68fc6d3da607529bfdb570e570183e6d4dc7ffec1cd7c95879538d692

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f3871d847d2f54c4c04661dfa3afaf15

SHA1
0a522d2839341e259a24397e416d1b6aa30c612e

SHA256
397caa11b24704e98ee082cc4549c8961ee596c40b633567d78fc0c17bfc58f6

SHA512
f9b85c6da57dd0a724ec933e0d322f3c878a121d8a4a1f62c23e5c5df376eb1c1f80dd52d75d7e26de63c29dfeaf2ebbbb47e53d0d3b1ef7a9a5744a32a47e56

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dbe08d9188aa7bc483e3130251bca93e

SHA1
b09f1a7099f0587587b03d75a99fb14a5cabe5b8

SHA256
efdae78253db5d33a594adb8cab41352b63c03f27ec8b2ea3c706d1c1cabd508

SHA512
fe21e221e762cf1bee3504bcc5329a8988bd19c7c23a979983f4195a01f371f04ffb9cafe7ea31e0ee76b024a80fe8cc5d4b93d27f2923b906215137c4ff9e90

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0107c6ef83887dd3e37c3cebfe2c2839

SHA1
e0a947aa325ccf5fd270c311d1d6ea39bd155c79

SHA256
79777c4369fbcde7ffeac55c38f347fd868c9fcb89a8bbb85c04c1e5710dee14

SHA512
f5557227333a776ff81067a9693143ab54b2c9411362128e7310a7493cc3135ad1d34224c7f9bc6cec6bd8a8c2865575f6b33f06670c17e776949e1fe4469781

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8c2ed68bd877a20d6b60c4818673e150

SHA1
cd7093b85923e1461b4fe626af7d04bafec4d47a

SHA256
3569855d7713c4af7ce70146792488cc90e016d01f0990ec2ab7fdd9da913964

SHA512
7cc6bdf813acc18f90b648f9418027520260a999bcd47ed1a0a946a1395d4b2c656f651527b6a79c7e8206ef1feb75fd2061625909564a0fc45adfba772a6535

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1cb4eb046ace8504c1fa11b41b4a4668

SHA1
d6028c68c6fb8f525a727e66bc6fca6914be714f

SHA256
0b4f26f5799890397dca3c398e22a2c2e98e376d1d2c1dd63e71e04ba02e0bbe

SHA512
c560806f423854b3d00c2364e420adc052dd497e63cda056f1db5321389062e8fec7949c61645b54bda58d305539deb07cbb27c739277c2147e2d0e96e9d1b63

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
edb7d9a635cae464854ac1abe51e8bcf

SHA1
7c6d504bd63b0584525c888722b12223cd1e931e

SHA256
388b367a09c430a9422788d3d05c09c42cb25993459a7e16c227e9c90a85cbd1

SHA512
ea6f3463d3afb7f13b306e936fe7cc6ae2fe2bfa19be6ec2997d334173c25e558110de533dba4deddefc6e36b961e5e3067a18c0f4d3f8f5c593ec03f242003e

Download Submit
/data/data/aplic1423116.muo/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0909a1f12cc41b78c77ea38d4d2412bd

SHA1
2a303b8a9cd49ad4c66751d51feba5b653400477

SHA256
acc54cc41fb74c760b8b29d5d19a73068eb967b91900b607fa489b372a289c60

SHA512
ffa09ed21d8693eb0deaa12fad851e18a250e257e26de7bbb8455d7a5fef6ebfb1dd9bdc38b850d2ab1b5a2432e7f4712216417a87cfce84d04e14484165d92b

Download Submit
/data/data/aplic1423116.muo/files/StartappAdInfoMetadata

Filesize
1KB

MD5
4a7488e2e090d6072c1a15a207950581

SHA1
71765ad6cdad2df964d04c480d5be32ddcff3924

SHA256
3a277027f649114519e5b67c9c3d1e7b08b268c73c13a053438beb6f9164899a

SHA512
d4034c4e504adc6f613d7e6c21de15ae999fc11d12e4c1fad3538a7a7119f9d0d7e655f5d8bededd55abd0e7319eabede609b8b29c4dfeb9a20fe2eb78ab11fe

Download Submit
/data/data/aplic1423116.muo/files/StartappAdsMetadata

Filesize
2KB

MD5
02d28ac2d17fe30a954942fb6fa47657

SHA1
a738a7d3a1fbb396a5387819b8106011bfbd35a0

SHA256
75e40d68562700c230e7c6ad2bd89d8304d6baaf1a37eb82bcfa8f05439c4a91

SHA512
a061b0074781ae0d97f1351fd955342a852b7fe893a9fe992461c044be73fec04336d8508704801573aef6afdf7d356f6e4274f15d7642db8d3103467f884420

Download Submit
/data/data/aplic1423116.muo/files/StartappBannerMetadata

Filesize
719B

MD5
008ad37c8d89f1f02004d2b63a20fdbb

SHA1
62536b74feba7abaa70b7b0c7d304abcdf623308

SHA256
248c48a58bcd53389c33ef11839900915e7a50deb9747c1ed258b2a8e2a415fc

SHA512
3782948b8c629005d360bb1170d157ef09d0d1b0fe64eb067144f20673e37e619074f880b07dd3ffed023c80176b9f99328ded0b7a6b61a1479d32d124e717a8

Download Submit
/data/data/aplic1423116.muo/files/StartappCacheMetadata

Filesize
785B

MD5
1cc961a176032fc935e671957856ddcb

SHA1
818562479af03f2cc3c1936bff5c7b13f5a6ca6f

SHA256
e6e9d42a25a60b9a933ac266abcad0f2575f3b7e7ff39f880b0845b7e4e4b0df

SHA512
c6761d342ce60ec7d7f8fe47f51503dd4ef7cce2d3dd399de9a9683477e70f17659edf35516f33ba107f8fe8088f8a1424e02a377bfe2909f590074aa7e6391c

Download Submit
/data/data/aplic1423116.muo/files/StartappSplashMetadata

Filesize
1KB

MD5
073c7ef86a8c46426bcdfc022b4864b8

SHA1
fff5caa9d344b3f739176f4d16d02ab14f29fb63

SHA256
a240f4dd3cfaefc86fe977ef410dcd2d85cd2854ec2c8071393836a84399549c

SHA512
c504dae6e299f507a3cf6c7ec372505df5e3ee9fd5e0daf808868d2204aa538c874c3de4393bc256a044cc5edbd6964c34e1922822e4e6d5485d23839d019954

Download Submit
/data/data/aplic1423116.muo/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
65026ee778e1372d9f4aed742772e893

SHA1
5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc

SHA256
15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c

SHA512
589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

Download Submit
/data/data/aplic1423116.muo/files/vinebre_ac.txt

Filesize
19B

MD5
9e7ccb9729228b87b2e5446ebdfa3d98

SHA1
2d56acb5e76ff49845e1b1a220ca9a619bb80186

SHA256
f8462a88c01e07ed8ab634891d2f4c836f4fa8b4b577250d082a5c02c06fea0f

SHA512
ca30bd13d0690ced47844ea41b143f83204a3923e3b0a40c456919510ee0833cac908ac71a8913fb1241c5f40e31a302989a4f08faedb4c31e4a847f7cfbbdf9

Download Submit
/data/data/aplic1423116.muo/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
003f01acfad56d6006bca1e0b28cb237

SHA1
625f0ed16dc33506c8f1f651dc16cf52b3f774d7

SHA256
5f7ab047a54fee19c372977ecda4bb20c7493d380ea340da6eae665020e564d4

SHA512
9eb7e8da272c31259212481ffbb46c54e37de08454195a815d123db6c8b30a773304a53f66b1222e0d0fe23d068541425d5f5d29deac58090a6f54ec7d3e78a1

Download Submit
/data/data/aplic1423116.muo/oat/x86_64/[email protected]

Filesize
515B

MD5
eb4db99dcb00bb9baac134f8a24a95d0

SHA1
239113a70fc870d99c3f7a91bf5bfe7bc38a8275

SHA256
acd825a8ba221b646af18f5cb8a9e0d1081971ab21a1644badc45b2e04cb0261

SHA512
b0cd10080f0d2d9acca8b93e605b0f7f7673ef01e214f4c8617719f11a70e5fab69282676d8577c84f9ea93e9750966c97e60bd567287abd6a4e32f92d6392d8

Download Submit
/data/user/0/aplic1423116.muo/[email protected]

Filesize
3.2MB

MD5
69cf159b893eefff9a8106cc3ee37e03

SHA1
165207adfe8c6047ce9f3dd38aed50796c1660d1

SHA256
26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf

SHA512
379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads