2609dbe83514b307adda1e13f3eadede9d66b89a7b05959a08bb5bfbbac8cb03

Analysis

max time kernel
143s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
25/03/2025, 13:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40.apk
Size

254KB
MD5

241c0118347f7af0a76b6d868526e896
SHA1

c34f1f3911a04513e69a6ff042fc1fb619459f81
SHA256

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40
SHA512

f5fb725f19ebfa69f04e3dcd311d1d8e7f7b5ca5f1c83a38ff5a8f266ca6620ee7b06dac3b943a1ca1c912e177b88e773bc1f5abb4145447bb9e9042df52a20e
SSDEEP

6144:oyxr4i5JBuB6SdsQN8zmnDbAYWDz3X7OdcibM/ub881Fn87JGcC:JmyJBuBsID0YWn3X7O+ubpnWJGb

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4365

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
f553d76d0e3fd64242b0834f349ef2fe

SHA1
26ebf0fbe2ee1bc0e6ee3b3f3381a2bf4b90144d

SHA256
2e41ce5542acec52b8e568ffb9bbce1dbc00ef5c3d2acddf2a316072fca59985

SHA512
af168732def9efd1c5323cb8b8fb869ef90f5718bced01f04c9bf86d581f06880d5ffb4d89c26092f3c250aeb81ac3dc6c60a445e6bbc7215160da2d30088f58

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
366dcd0101303feb8e6d3b5f30a6e02a

SHA1
057d117b04ecfe1bba14df1e1283eae319047d16

SHA256
82cd3095d30a0499fe732a916c2d661a3ed16027c8986ca83119eaa3bd43476c

SHA512
c54eb01d949e2a19a34fb5017fb8927138436a6887010cd986d3a6dabe4860c77e26322854af2094710d728d2c3061fce67ed0f491d9f34df925be12123b8940

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
225ff2943f069280fb3c94a1da4d2783

SHA1
f147f4c474f61b5033314e9e2628c87b857b40d2

SHA256
1330a0185f0ce94f7458d214932319612b0ffd4e6824dfcd749b037f585e8d5f

SHA512
4dbfb833e9127ceb9d5d00cb5cf4eb1dc15daa687a60a04de427824e88dd2e76f38df972967b2c2ec31dff0efa1bafbd92f74e931336e883e23a86315b60799b

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
55fd03ca897806f9703cc73f5a65e253

SHA1
912527b97ca70e4c8199329d467298b37fac7e54

SHA256
f1ff23e3dd582195cc157fc94a0b9865e702bc6159c76b831de65a4fd422c30d

SHA512
22660e73233fa3278c518691365f9c10a5eeee77f6a17c4e801eef289d9cbb19dd42483ed83e70f310123501f852f41f4e1e497cdb8ed5b71dcf9f0c78c2f70a

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
28KB

MD5
c974048599cbf4bed7242f9d9e270f8b

SHA1
90abb6fb7c8bfde6034b9e36408b999d5b9540fc

SHA256
55657398d2b7fe94f1724dfeb12439fc479725ed833130655ac6549d80b434ff

SHA512
f9aaa099e850324272916554588a1ebe292b8aafa122d5d43434df8b2e383c545a87ec4f25b1d5e63f54345c22302f7b67578a78a7d955a744f4279320670981

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
15a9fbcd4f76d5c4a60b871d4de067ab

SHA1
67e820908c08b81bd3dfc920bce52c13127d4a0b

SHA256
918f4c3d8d660abe297cb14150c2ae707695194bbd645c69219a128ae9b23fef

SHA512
3b5a85ade1e354a0a9b846c07780aaad5c4c158e0d07ee36eceb3200f88c3c99ac348cb1160c65c94e3f7f4a901d85ee1a77424e844c75984f933c8f9a081ab1

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-wal

Filesize
4KB

MD5
b2e157dcda49e6b0270a7e018134df73

SHA1
23ce2337b740b3efb2d261a9f2b0b1956316fda0

SHA256
2bea2bf9cc710f89bfb86724fafdf29eefcbef94cad8a0e5302e3d8cb12e3cf9

SHA512
a459e04dbcbf48e63913840da5f7bc8a8447e5e157feadd260e897292b52512585a1c538ec507ec72a13b061f95ff538f41acfd7b3475bfb315152a53d69361c

Download Submit