e8d99733f81c3a20cb51b89c57ba6ebfbd0d420a36c1494fba394ea7419d4878

Analysis

max time kernel
146s
max time network
151s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
27/03/2025, 15:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

38ff459a46e9ea6d63a83c1eddb640626fef562cd1bcb0ab3823c4770d07d0fb.apk
Size

2.7MB
MD5

4778aca48d170d67aabe89fddc783249
SHA1

c07cdfc9f349b323fbc4309ad907e0d9b4295a7a
SHA256

38ff459a46e9ea6d63a83c1eddb640626fef562cd1bcb0ab3823c4770d07d0fb
SHA512

8c8b1b8a37c07981dc7544f0800bede98186c843b3ce63a17f30005e404fc2af2edd694eafb70e11441272a68119fc86b705572ed20337c7e1c083ad213d7fac
SSDEEP

49152:fFSORq9FCJL/kX/hnHje2wN6RN/eeJIPPbLRX+Hfr2f4du1e:NRqCJL8XJIoFeeJI7gHfr2f9Q

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.ru.dhl

com.ru.dhl
1⤵
- Makes use of the framework's foreground persistence service
PID:4287

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ru.dhl/databases/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ru.dhl/databases/androidx.work.workdb-journal

Filesize
512B

MD5
4159244f24964c478e61b2534853937d

SHA1
980c2a77ab26412342c848f21a9dd8df212a3d5d

SHA256
d60bcf5f5c398ef347e30f3b4100ebeef4abf4c13599b8699c03d8fc87f0a36a

SHA512
e27eeda29fe8e4b5c04d437f599248593ad71de99a0c4ca7fcdbe2f43764d60736eee27da9a89cd8c9486863ed126dc32f4cd46d429e894f475b8858fa2f934f

Download Submit
/data/data/com.ru.dhl/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ru.dhl/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
11a817d2565e70f9d0b6b295141ace9a

SHA1
d1401446d047b20282d714eb45ffbb6b023b842e

SHA256
e0ec537c7a941fdbaafe27ab69be73a66e4a7356aa0577e3181531f802535163

SHA512
a143504b9b19d23dd30234e34ed6c518750a3e190fdbf357c82a0dbe437fecedcaa84ac074c0fc32adcba7f70d3ce69cec7cf2c7a53ff110084a1f55b98efde5

Download Submit
/data/data/com.ru.dhl/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
de9166d1434a874375e0825e8d5d90af

SHA1
6ff08fa69c01376fddf6acaae829d67b5c46053a

SHA256
6ce246b1c005ff4da3941fe5730d1fd47963ee74c5deddf3fb28e88081b815f5

SHA512
3c96b6af68844f52d5f1ac84c590e826464671d7d298c7a3347bc2740b6cc9551854140390465d20e1f72396a88bb67a1d8fe9a20ef6f12c9e2899f185117fa4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads