57c9c3f9a8ebd64c4e1932c1149802f48f2734c0d202b3d3431bb5ce2910c1f2

Analysis

max time kernel
149s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
24/03/2025, 22:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

57c9c3f9a8ebd64c4e1932c1149802f48f2734c0d202b3d3431bb5ce2910c1f2.apk
Size

2.0MB
MD5

866cdf7f625325a5023d969ea5475688
SHA1

8525189d36bd4cda0b431c92a8823611bd6ba6b8
SHA256

57c9c3f9a8ebd64c4e1932c1149802f48f2734c0d202b3d3431bb5ce2910c1f2
SHA512

58697a6b2c736e8fe68e0f4cfd49233cd3c26cf3672389dfa17ee8f6c4fa83d6560391bc0cdcc73de7e075749701b9f5ae6e16b41baeff43eb44f6d220cb97d9
SSDEEP

49152:h1sR4zAw32B9qlKpvv9/878wRucW6SMN8o9j2qwpI:ER48/2o9/8IwRPW6SsNcI

Score

6^/10

defense_evasion discovery persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	hello.uwer.hello.hello.google.is.the.best

Checks the presence of a debugger
defense_evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	hello.uwer.hello.hello.google.is.the.best

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	hello.uwer.hello.hello.google.is.the.best

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	hello.uwer.hello.hello.google.is.the.best

hello.uwer.hello.hello.google.is.the.best
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4277

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads