cd5670a1f934f65acb6b973d40a1feac3effc8e038374f7f244d50f7c7adab9f

Analysis

max time kernel
5s
max time network
151s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
27/03/2025, 08:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cd5670a1f934f65acb6b973d40a1feac3effc8e038374f7f244d50f7c7adab9f.apk
Size

506KB
MD5

1225ebfc2dcd343671c4e7812423aa3a
SHA1

faf56d8d4a1e8fc406176d21d337dfbfd7240381
SHA256

cd5670a1f934f65acb6b973d40a1feac3effc8e038374f7f244d50f7c7adab9f
SHA512

920af65868a9b5772f5d53b0200fbf74409faf9f03860ce1f130b3e1586beb372c0f08abe339c90f72a5904a97f1be4447964ce137ac4978d51336a63ff75eec
SSDEEP

12288:IjNfteRwDoVHMT0x//h2hSAFr5ofjHbOMGVlxtRtTl1iZyVsM7iw:QNywhTU/hMSAR5oLSM0iw

Score

6^/10

defense_evasion discovery persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.intensive.sound

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.intensive.sound

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.intensive.sound

com.intensive.sound
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
PID:4821

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events

Filesize
32KB

MD5
7daa8bf70cba1177c0aaa35143f5ff54

SHA1
4ddb8e3e373296808fd5a3832a454ea9c0c60b0a

SHA256
f02ded6053bd0f124da16cdf40849fb201797ddfac5536ab36e1feceb21564a3

SHA512
7178eae8e99b2f8b571bd333a3c6916bd088c96dc2c6d5b074ac388e58a345de6a82daceb39994019cbdc5c2d4065912eb0c52787ec50d9e1f746ba92bcee22f

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
5d3d0e58a44f103b40b6c5a49a156ad8

SHA1
215ec4eae191fb6e05a2765eaa4d5ffff65e559c

SHA256
bba580261898d5bf90bf9ad290eae71a0fcd6eba8fd2aa4b01275e67a9822c6b

SHA512
adf9db2150557c9f4e290f650eba4d00277a6d4c51bec5cdb13d5d7e298b990c6928f7f19c6c97ede33db2a092007da0013e4ef9bedb365191feaec62d8dbe62

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
40a2b692d7dd14477520983509516655

SHA1
64cc7c83b6c07e546fcdd607b5f86378bba0c410

SHA256
f39c696ca9e6bb7667fc6ebc7b7a98da1727cc81412e0799a4e4a3b4b08bace3

SHA512
5c731ba5285fe8647aa748ad695658e78db26bf590dd1171d25dad62fab8f618f9c92e795eff5f6d6e5f75b24786489f4099dbbb29303961fb7d135f0d303473

Download Submit
/data/user/0/com.intensive.sound/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
1f5f3aaebcbe550b7397c6b66f0a4cea

SHA1
4b54cf08513d532ce369a6fbb2a0b419c3dd0390

SHA256
002565d91598e11ff07e19edf4ad6fae195c50d3fe131c452e9b94f8b3ee6c0c

SHA512
e9d0df1adeb007533996e4ce287b28fc60c4da58866243afc3fae5c094474ec9a4540ad3f8a70a62639bac94ecf4690f32fdae667aea726105599f0dba2cfd36

Download Submit
/data/user/0/com.intensive.sound/files/620f3999-8f53-4cc7-ae62-492c11c7f02f.dat

Filesize
560B

MD5
858d5b09185b3d6f61ef973baea613fa

SHA1
8a43f077928a203dca934e4161c1153168b46669

SHA256
6c4070289eda35c870f0e82e62287aef96ae5b3eaa875a4a8b29b348f34c6078

SHA512
fa7b7aedb0a29b4dadf4423f92bcd407ab8519c1cf2cd179b3e1cb41fc045f00e5b3c5bb360ddc6f466b8ecc8c187988628cd865273d670516986145a27ae86c

Download Submit
/data/user/0/com.intensive.sound/files/PersistedInstallation4785677017437055263tmp

Filesize
90B

MD5
73cce5f8c7ab9a8dd31f79d13a0b4155

SHA1
042270ce4921f6fc143b18a0589eee3195912e75

SHA256
8a10e2cf86590380db6b4de97ce09710b07691ee0d9ce10306c0d48b8059d944

SHA512
a21b061e64d0733b1811f563dda3fa48d0a1d2c03498ec194bc3afe866d8ef42655d5db57e2ed2707581cd9165d081ba2dbe9149542eab01ff44f2cab811f5a3

Download Submit
/data/user/0/com.intensive.sound/files/PersistedInstallation6466471551111724460tmp

Filesize
567B

MD5
b7ae5fd9ba08c61bde12d601b43b0055

SHA1
404efc71b0c52724e2b75c89828c2eb6427933e1

SHA256
7891d76f3866bdcae8a7a8fcda8bdbcf80652daa534ac9566cda19985c3cccd3

SHA512
1d7f3604e49ab474dd90cdf7b84ee579e758c98baf4087cd0cf817eecd4f814d2fa13369c9a7b7e3051f8688ac5cd39fca31744c7d6eb8feca259bab45aee229

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads