b8bfc0680e4608232b12e06fd01e18d6bb4181771767f49b328020af5ae90f31

Analysis

max time kernel
138s
max time network
152s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
28/03/2025, 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b8bfc0680e4608232b12e06fd01e18d6bb4181771767f49b328020af5ae90f31.apk
Size

2.3MB
MD5

05bd877ec1d21da60024e84607c6397b
SHA1

bc835deea814c7d4c0da177bb99a7511df58540c
SHA256

b8bfc0680e4608232b12e06fd01e18d6bb4181771767f49b328020af5ae90f31
SHA512

f7e431139c863e0c70dcbe2ec3f8b44b1f4c17e2c3ed13a0d456e584ddb0233e1ddac5d0549452fb1b457f02abc55c45f6fada784260bc10759291cd6f81f8a2
SSDEEP

49152:YnglhgoTYr7hiEP+NWa1fxdS/UhDOv9dHdf:UoTYr7hvPKT1fnBB8fHdf

Score

6^/10

collection discovery impact persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ru.putisha.app

Requests changing the default SMS application. 2 TTPs 1 IoCs

collection impact

SMS Messages

T1636.004

SMS Control

T1582

description	ioc	Process
Intent action	android.provider.Telephony.ACTION_CHANGE_DEFAULT	ru.putisha.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ru.putisha.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	ru.putisha.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	ru.putisha.app

ru.putisha.app
1⤵
- Queries the mobile country code (MCC)
- Requests changing the default SMS application.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4341

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Protected User Data

T1636

SMS Messages

T1636.004

Command and Control

Exfiltration

Impact

SMS Control

T1582

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ru.putisha.app/files/profileInstalled

Filesize
24B

MD5
b2e9f50de7f4909c6700b4334551b62e

SHA1
227c08d3025c9d5ef7e9bf778140a70ff4faa22c

SHA256
bd385fbd67052309e019c6758b498c6b60dec5b76acc2cca63899535f93098de

SHA512
9b2dfecc394e311b4b0b0b217efe2f050899025249174b095d19f339cb6c0b26aeb6846c534587db2c3cf48e1f07fe0c309df114a8ed6a62f366039414ea909b

Download Submit
/data/data/ru.putisha.app/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
45ad54f49a87d08f8d8ac03ad97906d6

SHA1
f20734f24256b4c0ec045d583b52d0dcfd1f14e5

SHA256
bce98c6491735e2e13338fc6a16ffe887218f44d2acfedb27e48281bcedc55a8

SHA512
00d1d449e413cbf237c67c8c6e79e9abff50d61bab219f073c59ae49a0ea9f5cff1072287c62d358f1f7b4c10792c8a8c919cc55be1c5e878e84a6003c2b17e2

Download Submit
/data/misc/profiles/cur/0/ru.putisha.app/primary.prof

Filesize
1KB

MD5
9929cb8e4ac5fbd2379e25ff7b4ec2c7

SHA1
dc529a7149329762b1309aeaebc9ba45de2c45da

SHA256
17e9a12a2fcc68cdeca9f93f1bb94794ada2b6c51bec97b0d9715138ab6be794

SHA512
dea5f78822b1d3bcab2794993de909072dcb32c42575317eacce0b14a1e7bea2b627b30994cf2970df0ab73dda0356827c557e3b11f8c83f7bac4abebc11e1f0

Download Submit
/data/misc/profiles/cur/0/ru.putisha.app/primary.prof

Filesize
2KB

MD5
c250764493ae33b9b2ca546587d1315c

SHA1
d6e153c9cc333c16b4afac9b388c032a84ff4a61

SHA256
4363ae98ff451742b7907f96630bd3446eb2985396093ca2fb805f9ed429a0a9

SHA512
217adde0f447a4e4614f29222cd765f08fb90c6ad6de3f68dd4a3b31abe6acdf75cfa63ca9d652d3aac662ef67bcdde6ed990337503e4a44a0d696fec2a94f76

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads