453c506378fa71efc871a8f4442b49b6d59a513def153bfec9813856d6d93a1b

Analysis

max time kernel
148s
max time network
152s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
23/03/2025, 15:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adcc3a2f7cef4a20d5985f7d6c2290a0.apk
Size

6.7MB
MD5

adcc3a2f7cef4a20d5985f7d6c2290a0
SHA1

49cc48340ee2397c09f0484805e49e223e92b3e4
SHA256

3d1e6b84b50e9dbcfdc6b609aa57d28fa06f78e1f3cd9285e07ba8e39f419bfb
SHA512

52720c88b187718e7b3a4e557782a4794f2e98cbd15a14de04d80921ff8d3c9eb0cd5b8bc0c4705c867f81347f941e8fff9d14b1b850e432307e9da4c81369a7
SSDEEP

98304:1TOGZpDDsRB06CE3BFEi0c0Sll0pkQt8w1PGDdfnVBwvnBFWGm6pMn5fm+PSpKJ:1TvDDsRB0TE3BD70Cw1ODdWRcxqKJ

Score

8^/10

collection credential_access defense_evasion discovery impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 8 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/data/local/xbin/su	amoungus.among.us.free.online.game
/system/bin/su	amoungus.among.us.free.online.game
/system/sd/xbin/su	amoungus.among.us.free.online.game
/data/local/bin/su	amoungus.among.us.free.online.game
/sbin/su	amoungus.among.us.free.online.game
/system/bin/failsafe/su	amoungus.among.us.free.online.game
/system/xbin/su	amoungus.among.us.free.online.game
/data/local/su	amoungus.among.us.free.online.game

Checks Android system properties for emulator presence. 1 TTPs 2 IoCs

defense_evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.product.device	amoungus.among.us.free.online.game
Accessed system property	key: ro.product.name	amoungus.among.us.free.online.game

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

defense_evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	amoungus.among.us.free.online.game
/dev/qemu_pipe	amoungus.among.us.free.online.game

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	amoungus.among.us.free.online.game

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	amoungus.among.us.free.online.game

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	amoungus.among.us.free.online.game

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	amoungus.among.us.free.online.game

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	amoungus.among.us.free.online.game

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	amoungus.among.us.free.online.game

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	amoungus.among.us.free.online.game

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	amoungus.among.us.free.online.game

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	amoungus.among.us.free.online.game

amoungus.among.us.free.online.game
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks known Qemu pipes.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5050

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b51632d96a42450b64a25ed113753e3b

SHA1
6fbc4b39e7f2028f33f3e2ada14033888f0bcb6a

SHA256
8111356d9c6bba06b344f0019f1a8e021514174075703693ef60bfcdc838e375

SHA512
7344085ca03c8efd24e07363c3e277346f341555d97e6d53c98c1d80fc55c37d9af78366386020bfdbd5edfcf0f56525b26e1212b691273ef3b35967346b3af3

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e79ef62b9c4bb7d2eaf97df503f695c3

SHA1
9394d66a4b5693df8a9141fb00f37cf524ccd724

SHA256
1b59398e1acd019b5e2a15f9d9a29f81c7c027937e90c1da1a9a252a6ffc7a91

SHA512
4b75769d30c052ccded199cd88c7950da6ce472dac99870d574cd73eba24a187aa890ff2071cae3b320df50d23f94200ebf8536a05730c806c191a9aa9657aeb

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2392f86ee25879eb7626424a02331448

SHA1
a6827e763f105cc2fce85f894dbff117d48d84d6

SHA256
394afcb1e44ca2172c802b4e9edf520c5bae8af4a441731bb7e8d5add8a3b591

SHA512
1f3bb50cbf02c7bdcd354079574709403ef2adc4b8f6f6752709158296fc31ac479f820c40d2e441270f06a5545801eb0c4715e0ea48e50f9416a54f1b3d178a

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b38301df66fe44855c7162f4e8673849

SHA1
e985def483cc67ec2870d13064a2ac60ef499687

SHA256
2069d2435715e93ef41096f617c15ce0a34666bee128be388982e91215262d90

SHA512
618acad33d9fba0afee0386f04075ec2de55527dea60ea61e3ed1046fc07e700f4a673e7f83fdd360d9396d580e9db63579ddf638777443ea926bb3ac1d6e5e9

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6392cb770c0c8acbe820c299a4535d39

SHA1
f7e188bfcc53d345942d0668b467bf4a3102e21e

SHA256
c594af445419f90e3e4b2aef8ecfee846c69ac946630ce7cff5d7e4f90e0dabe

SHA512
4f3b90a552fdffa2d27f0b879ed1e48cb6ae33ce88c6041f3df47d4731762f7980328d64f20ddb2904e5cffb34068d9a502365378ae68375b6f4059d1a66b8d2

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3db052623d0e27034afb58bcdecd8620

SHA1
a6393fdf2c4fc443b388634f0b3bf45fc037b0d7

SHA256
ea7873d99ca8ce78893392399b21ff2d6636226c64ac2fba06069a7f053e5ea2

SHA512
a56d7df787f75688d6850cf6fdaad6b2999b75943d263b7a8162f0e36dfa9a9f57b80ecf0237d38e7e50dba451c9c92d499438d630e97399c8ff8aa077a91b8c

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
23bf04cfd025687d0c992d2c8d359ffd

SHA1
e22aae61a37ce71204d92fb39c52a7b62ea3b2ad

SHA256
d01465fe141ca31f99acc5722cd08f2840359d9b71d2a8a0456195171392a0c9

SHA512
f3104affc500c93324e5f49e68c609726188763a609bde5f2141352a55928a36b9f32db67a4dc6cd9409d294e73e4fb0de921a2a6168823f2db77ace30467e17

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
86e9648adb382e4efa8770992ef08d16

SHA1
79f6f32f9c614228923c09c6bc031b0d75b39d4b

SHA256
aaeb99affad9a0c9f564f975a8e27e3ca35a432c3ce4b859dd13f957ea9ae596

SHA512
cf392262107b6fbfde0578586eacdc73846542fbb09df0ca4c3cac38041723ba0658297db9d9f4baf98be28902a5794ebfa098377e48e82a788dc41c1066eaf2

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
73f28e72b7bfe049c1559e79a150e182

SHA1
293e5d972909661560defde19fbdab931ce32afb

SHA256
46a3aee546da6428a133e6bd9cd394b6a1064c977cf96315a36fac069fe39e35

SHA512
6f618458c92da425d7b58f2da5ba6aa10b29cead0d9a1b7b0904d909baece431b40531af7418900d9d22f56d7505300530adb77fe77cd25d7160e054b06079a0

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
228a7d17b8070414c3c4e29176306138

SHA1
aad416f30f87e31f561e1c653b46fd0b15435131

SHA256
7954df3146255bbe65d562ec93bc85a52da7a495edeac5394f55b7f20b61d32a

SHA512
23d02b3d102e4e52c877ddf1a5cfe2a24f633b2de4076d0a499966ad7f1a7296939f94cf321c131ea1bb4ddb0dd9eb7c6383acdd301c603e653f716281f4e72d

Download Submit
/data/data/amoungus.among.us.free.online.game/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1ba62207c3d52021b2d80dbe9bd69440

SHA1
859b69aa0601285638d2f3b6f32a24c5d202b84c

SHA256
7bace3af761687905d76f301db8c6e976a9cefa3ac354530aa7bee9e4a081d4e

SHA512
1d5bf68ca409f0c95724d31686676ad8982aed8219607c98ccf0999b94b88b0c712973e62da24f0bca3642347eec329cdff3bf9b9ad586fc70105475cf27f5e4

Download Submit
/data/data/amoungus.among.us.free.online.game/files/shared_prefs_sdk_ad_prefs

Filesize
153B

MD5
65026ee778e1372d9f4aed742772e893

SHA1
5a5f1c821d7639424f3c75a44468ab5f7dd4e8cc

SHA256
15070f52136d5a8332f8d70f790bd7bb04cd6a99b386d40e0abedc40c42caa3c

SHA512
589c4a12c6b6ec1a1cca957da758aaa900e68a23b4bc2f42524b0e8dd34f6c5378541d9293eae1ae8d478bf5b5229ce4218c058fc3b399eb5756afeb05c68616

Download Submit
/data/data/amoungus.among.us.free.online.game/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
4918fbf652a51508b7ee76b94f5d439a

SHA1
ee556ab71590d3a1484c20c963468886eb956e91

SHA256
c7f3e97893878d1695f637ad17c0fa36183019e9ab78e3fb97f489074e1adbdd

SHA512
ea10638f51421fab59fefa576ca0747d73889effd87b9f363babad9079d5bc1b39ba29cd7e466b27fea03d4cd489bbf7a558cc0f9fe936e54ea11321bb93a4e0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads