6c843108012adb472d33824a32f98be859220b2be80d88ac6948c5e31bdeb957 | Triage

Analysis

max time kernel
133s
max time network
151s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
27/03/2025, 06:46

Sharing

Report Analysis Logs

General

Target

Headshot_Hack_FF_v4.apk
Size

3.9MB
MD5

4e8bc81ffbbd2e3233b396793af97eff
SHA1

106711ad765e769d4e0bd26a8cf8379a6eee18bc
SHA256

6c843108012adb472d33824a32f98be859220b2be80d88ac6948c5e31bdeb957
SHA512

32550092cc32dd8df2df9049a486a7440bba02348c0d69f58e0c5cc5f4749adbb2329dcfed1287557f2a64494d29e43e15a9503ca24893fc028d6eeee8536813
SSDEEP

49152:JPJDwS8qek8037hbCrfKCrf5CrfjCrfShoICrf+CrfczBCrfUCrfyCrfdCrf7VgZ:Fh8030bxbAbmbjbbdbLb/b5bMb+t

Score

7^/10

discovery execution persistence

Malware Config

Signatures

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Queries information about active data network 1 TTPs 1 IoCs

System Network Connections Discovery

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.example.reverseshell2

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.example.reverseshell2

com.example.reverseshell2
1⤵
- Queries information about active data network
- Schedules tasks to execute at a specified time
PID:4494

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads