2609dbe83514b307adda1e13f3eadede9d66b89a7b05959a08bb5bfbbac8cb03

Analysis

max time kernel
143s
max time network
150s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
25/03/2025, 13:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40.apk
Size

254KB
MD5

241c0118347f7af0a76b6d868526e896
SHA1

c34f1f3911a04513e69a6ff042fc1fb619459f81
SHA256

bc850c692e84f67ec59c08e6e893e479b6b1a24a5b4097dfa3c70396c9bb9b40
SHA512

f5fb725f19ebfa69f04e3dcd311d1d8e7f7b5ca5f1c83a38ff5a8f266ca6620ee7b06dac3b943a1ca1c912e177b88e773bc1f5abb4145447bb9e9042df52a20e
SSDEEP

6144:oyxr4i5JBuB6SdsQN8zmnDbAYWDz3X7OdcibM/ub881Fn87JGcC:JmyJBuBsID0YWn3X7O+ubpnWJGb

Score

6^/10

discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.droidjack.server

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	net.droidjack.server

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.droidjack.server

net.droidjack.server
1⤵
- Acquires the wake lock
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5065

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
ab9b76032f3671e636504f620ed4d205

SHA1
21e1e3ef5f95af48acdd224ef1f40ff12467521d

SHA256
4da0f7c511a540be366bd92014b6279194cf5da3c47ddb8acb48526f1ad967ab

SHA512
9e133dfb122855076eec7967f0e73fef6f8cdd655b32f9ee5d8cc7de1114212d10764839359b38b63e73772517910662109d87336a8507a99ca1085758841725

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
21cc619a1a864ee67061805e7c2212fd

SHA1
9e7f72def852059017b649e9ca81ecb022b7fe65

SHA256
42d8efcb7f308fa14dd407336f6032418452c0989687ab41f4010ed5b2499240

SHA512
46850b69e173021667efc89981c77819ff253dba429447a1279637d343d30116f865f1753fa1664ff3e7ae1395efb52086886e6fff240dd91d004443e1ee3bf5

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database

Filesize
16KB

MD5
30c5534cc8e193d6d44d7f88cf958b70

SHA1
0bd575b2d455d6312f5c03d66f1c98c1636481f4

SHA256
d9053d1f628d3c65bf30ce45e82d2c0bec1fdc1506537b9d9903ac881707054c

SHA512
3223db8fa8f50069c5ac9d223c9c2a881c308cbbbbf62ab0329beeb693171995e4752aaa0e755a6352ee2152689cd361220dba4900154e57e4f0a1f3958a5330

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
512B

MD5
8fc48bbb677d9716d61cfb9d40e4f572

SHA1
c8a2a4c19998d493f818074852e52256c3b5b1b8

SHA256
f8e89cd07997b61a7e953a9f6b6a4c9b945f026b7403b5443971b8226df12681

SHA512
269efcafc41c07d898e873449d2942c9c70fd034a6df1fbb5a400fb3ea41f3be46af5ec58be56285ff7ef4267ad5ace873cde5d639b4a6b5c53ed597f3a48acf

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
119f9e469affca8e69157e8338d39f7b

SHA1
ce9f68390f7fb9c4a9c3c067d166019489276d5d

SHA256
1d71df532c22e053d3c8529ffe02c7b71f7f5dac8788bc28786e7572ef33155a

SHA512
e078c5b3847cebd5ffaee92a58972caff815771b0af5ffe7ca982dd02a5464d6e5db4a072184d362f17150d82d385b61bc72a93d38d4587a94054cc68fee7626

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
2ab3bc365ad1283be9822adbd9d588cb

SHA1
151b2f7265953da4b9ba398bccd5446e5940f133

SHA256
7f2856a149b5bdb0b2d21c1be5e57139fdb6ed6f28fc46ab905ad56e75ca23ba

SHA512
32bc8e197eee556755c4b3465c4059f1b4184b3d65668fd94b9db8d9d7bd79d1ed434afd50541befbbde5c2b7b61abe46577c44e0926059ba690d8cb5248c1c0

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
c1ab7ab91b42e80977f3e79151d616e4

SHA1
aa2e4d5b54d2101939cd266e7ea6d2ea1c0d9fe8

SHA256
242ea374af1b3743dfd068d3a095c2ace2d1745f2389293904ad4607bfd2a8e7

SHA512
c6c608f8cbc38a72e68589495a5e73307b31f05b0a1886002aa10d63bb14ee4e44afc688565e41e3597737505e7b9adfb809bf3bbb083542808d3ef381204ac1

Download Submit
/data/data/net.droidjack.server/databases/SandroRat_Configuration_Database-journal

Filesize
8KB

MD5
dd58cd222db25b46a5dcf642ca426a97

SHA1
9bd43e757090b43f19a97843780a9b2275da3522

SHA256
dc563d69563cf68783d21572e2c0f68fbcb4a6adc57a581f0ec1ebf3291a2c64

SHA512
2cb865d3ab7a3a06e2ad42e6c1c99c27c3bf2b60b5ee4441dd629200a507c4c8ddb0a460396c2cef5c2893d26d17f475680c3b5610e2f0543a4942eca3c5c505

Download Submit