f59087fac4387e70e0655ead2bccb956c232d9a2e8080969a498a4c623c91153

Analysis

max time kernel
147s
max time network
155s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
28/03/2025, 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f59087fac4387e70e0655ead2bccb956c232d9a2e8080969a498a4c623c91153.apk
Size

2.4MB
MD5

12a9f1dddf0e01d88ffd26067acf64c4
SHA1

d6b6129202614696a4c2db3958b51b9ff3b837bd
SHA256

f59087fac4387e70e0655ead2bccb956c232d9a2e8080969a498a4c623c91153
SHA512

b723ab29a57787afa2c183fe6457483433806e28165f2d653ac3f4b25d38a496889e9ca9ae20ad362f40538e0fd0ca24f5f21ed030daece4b5f1910347739df1
SSDEEP

49152:A4nglh2uJZEJnL9EnxpsfxdS/UhDOv9bnHndkwIMr:zWEJnLWnLsfnBB8NnHndkwIMr

Score

6^/10

collection discovery impact persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	ru.putisha.app

Requests changing the default SMS application. 2 TTPs 1 IoCs

collection impact

SMS Messages

T1636.004

SMS Control

T1582

description	ioc	Process
Intent action	android.provider.Telephony.ACTION_CHANGE_DEFAULT	ru.putisha.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	ru.putisha.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	ru.putisha.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	ru.putisha.app

ru.putisha.app
1⤵
- Queries the mobile country code (MCC)
- Requests changing the default SMS application.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4219

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Protected User Data

T1636

SMS Messages

T1636.004

Command and Control

Exfiltration

Impact

SMS Control

T1582

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ru.putisha.app/files/profileInstalled

Filesize
24B

MD5
e1eeef1de286baadbd12603050dfbfc4

SHA1
88724db2d197afebf4a72bb582111bbb1f70b6b1

SHA256
0277633700303c9634b673b1c255cb926bc0234d5e4ccd60cda4ea2c90ec1b26

SHA512
7bc9a8dbf53357686a1ecb61c183bc43a79b93eff0f7cd43fd0d91c0f1caa154cc425312e2eeb95f50a906153b2d8c65e7b1bc88cc2ef6ebc2c1c057cc488778

Download Submit
/data/data/ru.putisha.app/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b38c9e6383fb09612dea5d0d3105424b

SHA1
4416d9fdb763da468b597baeb2781139422f6e0f

SHA256
6d0b86f33ce0b332724bb655f958363979bb2f5f3c5990c457caf5e128d331c0

SHA512
5113d8901249caa87a4b26939057325e7a6f5ae9a7a1eaca06d991de7f54d9c0161ad35ace36517ac90f51e82da9767079917331de163b3864426ac48507cf28

Download Submit
/data/misc/profiles/cur/0/ru.putisha.app/primary.prof

Filesize
1KB

MD5
9929cb8e4ac5fbd2379e25ff7b4ec2c7

SHA1
dc529a7149329762b1309aeaebc9ba45de2c45da

SHA256
17e9a12a2fcc68cdeca9f93f1bb94794ada2b6c51bec97b0d9715138ab6be794

SHA512
dea5f78822b1d3bcab2794993de909072dcb32c42575317eacce0b14a1e7bea2b627b30994cf2970df0ab73dda0356827c557e3b11f8c83f7bac4abebc11e1f0

Download Submit
/data/misc/profiles/cur/0/ru.putisha.app/primary.prof

Filesize
2KB

MD5
5c191fd589ebd58352dd5a4e7907b30b

SHA1
b8493bfc46683696961e5eea378b9393dcf0500d

SHA256
d3b2ce29e40a09873b7ce9cbdabdd2f2f0fe734b8c5cdb6bebbd3aa62c106aec

SHA512
7d791b631fb6edebac5ce1ab7ca985759ef7fd321d083e38a6d4ca5cac71d96d12b02dd742c47c6b8b85e8f106763c6a0f84c8da5ffd24802808dfec857c8c86

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads