93dc9e9017f77ecfd8d212fc4d3cd2a0aea0cda858f657f7ca271501ce81f26e

Analysis

max time kernel
0s
max time network
150s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
22/03/2025, 00:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

7.2MB
MD5

f2b62d9ca5265e0231c4967d2f954cc9
SHA1

0dccad4a8cee57b1c02705339f5508cda33939f9
SHA256

f081db526aa37f891fde022b80bc6cff8a29d4611cd3353065b6805c8568ec61
SHA512

4d1c73cb4d3f8b84c82b8a58fad55c3172bb5427ea0488bae213effa31149b3f01f8e6995cd703b88a60dd8221671653f3e24afce0a77ece58ffb4afc667188b
SSDEEP

98304:L7YaZA3XlRshOM5iSRGeWVK3C6j+e7mnffQq7ujC:L7C3XlR1MreUX7mffujC

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.ndbookmarks8privselector/app_civil/jgslOYQ.json	5127	com.ndbookmarks8privselector

com.ndbookmarks8privselector
1⤵
- Loads dropped Dex/Jar
PID:5127

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ndbookmarks8privselector/app_civil/jgslOYQ.json

Filesize
1018B

MD5
2d50ccba45aaf0ea23251b829b2b63da

SHA1
830e66da718b0218153dbcff1479b117791a300e

SHA256
849734c320de2d0756e1160da008df0234ef22c4e49ce1abbd33e352fb619d1a

SHA512
17e34c38dbbb881ac51bcae12072931fadcec762ab7bb68017347a8dc02a1e5d1b5fbeed077d6795188eeda499eaff285596208ddf8defb6e6d0a5371acd0d67

Download Submit
/data/data/com.ndbookmarks8privselector/app_civil/jgslOYQ.json

Filesize
1018B

MD5
7d1aa73da3266d3ab52c9e6400eb09a6

SHA1
984578d1f9fa62a144bd3facde192d04b67192da

SHA256
ed678bc4815f10de9681318237d5d39ee6f3ee84cce63cecc949f92f383df6c4

SHA512
3b5d0267de8cde80258a4b54e066f79d25527dafb1f7317fbd1710e13b21a02bd028954c191c1456bd54c85b37d4636d8fece80dd7eb7fd1e8ca9e0b994871ed

Download Submit
/data/user/0/com.ndbookmarks8privselector/app_civil/jgslOYQ.json

Filesize
1KB

MD5
61d2c3f2cb81bf35e095282858bc6e21

SHA1
62700e72befbea1dcb63e77ecaf6c0c9e8ec632c

SHA256
91a26c060c80de094375766eb68ac93c47d37e429439ae66cb8d3c87a3e71560

SHA512
8b733bea6ae49fda710b1130436356100385419372638b167b0928631b61d46459d6f83949e6f24edbc539697cd95a1d2eafe0d76c282f31a466dc9dd83f97fd

Download Submit