e362a037e70517565d28ab85959e6c9d231b2baf0c2df3b87dfaa1451278e80c | Triage

Analysis

max time kernel
149s
max time network
150s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
27/03/2025, 14:06

Sharing

Report Analysis Logs

General

Target

e362a037e70517565d28ab85959e6c9d231b2baf0c2df3b87dfaa1451278e80c.apk
Size

230KB
MD5

cbd1c2db9ffc6b67cea46d271594c2ae
SHA1

a65f80a623269307067416225ce2a6cfc0557ac4
SHA256

e362a037e70517565d28ab85959e6c9d231b2baf0c2df3b87dfaa1451278e80c
SHA512

a24795269af017df635f5ff742e9dc3a5c5389ede70890b575aac41a5a12215ddd2f2750080018a345171dfa7ddd2fbe8fb85a6e894ba45ad47800a96acf19fa
SSDEEP

6144:QhU7h0EKLlHx46Qbzu0rspN/8EgZwL1uahIxs:iwWdx46mPrSJuCI6

Score

8^/10

evasion impact persistence stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 2 IoCs

stealth trojan evasion

Suppress Application Icon

pid	Process
4336	it.phonetre.androidv1
4336	it.phonetre.androidv1

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	it.phonetre.androidv1

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	it.phonetre.androidv1

it.phonetre.androidv1
1⤵
- Removes its main activity from the application launcher
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4336

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/__android.data

Filesize
10.0MB

MD5
f1c9645dbc14efddc7d8a322685f26eb

SHA1
8c206a1a87599f532ce68675536f0b1546900d7a

SHA256
e5b844cc57f57094ea4585e235f36c78c1cd222262bb89d53c94dcb4d6b3e55d

SHA512
868d3a190f2723758d1a64498a4ac1f14b0297e16e731a0eec3a446b775c65cb8428ab33140cee13ef51e7bb3764b5ff1900cfb342a3dbf3fcc41dd6cdd9fcea

Download Submit
/storage/emulated/0/Android/data/com.google.android.app/idservice

Filesize
720B

MD5
6307a9cf21d3f4d2c9dde37f21076e11

SHA1
324d9406c6b358dd4188089efd8529ffc21d96c6

SHA256
7c4d6c3c4642c21f7156fd55a75da9d0c0a70259c29bf2bfba74e297e3cfc198

SHA512
a80ac4ab3151f9d0cab8e62a37d5dd26f6adf40a3023d0562f1b3726acf121d06f916dcc28284893d77a7e7ab8ff42d08fda39e5abdf7ce51af255d7156be141

Download Submit
/storage/emulated/0/Android/data/com.google.android.app/trf/83c54f5f-c1c2-4aee-a250-26fc46600448_2025.03.27_14.06.38__9000--999

Filesize
1KB

MD5
4043401db12d2acf1eb5d847a163dac0

SHA1
5c61638699c9fc18186df383df0005dc54bc69cf

SHA256
2379211a123c0d2d0d612904430a4bec61fbaf994102e9c95869868c231b4f44

SHA512
573777c2d19522668de1396aa5312c0ca351a83d9e4bef98deffbc782f909a5a308c2acb2744fbad3663fb312047c132b5332b62894e6f3f2f6e9eb0b20e9a7b

Download Submit
/storage/emulated/0/Android/data/com.google.android.app/trf/83c54f5f-c1c2-4aee-a250-26fc46600448_2025.03.27_14.06.38__9000--999.trf

Filesize
808B

MD5
d63ce422fde5bbbf3c646c8290dd20bd

SHA1
a5fc3c9b1dc8dd1bd6d8a007f1ddbd724a61b8b2

SHA256
3ef653321cd37636ded4455a74d0e6b460ee6dcfddece696b2ddefeb0b6d073c

SHA512
b3f727f7123cdccc23b4cc50d47494f0a14d5d3ec06e7d4a6ef41980449af01f7c3391d421254cd3a85e35f96051913f866f094a152cf8a4c551d89d9c2ccfce

Download Submit
/storage/emulated/0/Android/data/com.google.android.app/trf/83c54f5f-c1c2-4aee-a250-26fc46600448_2025.03.27_14.06.38__9999--999.trf

Filesize
628B

MD5
29e5737edb6acd0db8de93b8a3e0320c

SHA1
d502fb8d2003dcb273052cf2d603623e8a13e7af

SHA256
b6d28ef2fa78f4a9db837fb28d4249dcf8fce3764710996e344b060a4f1ca5e8

SHA512
3ba2d317aff907067986b101c9cea6dde0dccdaabfccb5da3d5c4632c4dba845d9429f6a0ede6f67c5509be71803d08466aae271b3bd835a9022ce25df72f875

Download Submit
/storage/emulated/0/Android/data/com.google.android.app/trf/b97653bb-347c-4e5c-bcf6-48909547f52d.HH

Filesize
491B

MD5
f68595a448efd536736ee3ab0a970811

SHA1
8ab1ecfcad803a7931b22fa0e5a191af78616e63

SHA256
bd52e8c47725eb49c8dbc681eac5bcf7e3550105ec4be248ced6036642cf8740

SHA512
c0e4d701c4ac6b289db89398b3ca9ffe1b4956e8afd32d529641e5cee758facd93fc942279f3b8ba4c5cc3856b5ab1d3cc7e7b6069eea747c4e236262f35ca18

Download Submit