e73c31a10b32131a83bad3e23154054515ed3e156f5c4a5de82a71f148667150 | Triage

Analysis

max time kernel
11s
max time network
27s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
28/03/2025, 22:55

Sharing

Report Analysis Logs

General

Target

app-release.apk
Size

39.2MB
MD5

7cef8d8d863b780d36ae13f7135dbe3e
SHA1

d5ec572ea501abd71dce40b1514a33c6fac1c30e
SHA256

e73c31a10b32131a83bad3e23154054515ed3e156f5c4a5de82a71f148667150
SHA512

a0bed3dfd9322a8ac30566b315f81edd160c8d9feb80e42d712cb0873c267d5c77ff9f0506adff65008572e2c702bef670c216a800f65e2ffcc64506ea50ea60
SSDEEP

786432:Y4CVVfYWXnnyRdGSQ8L3TpQksmLzxjTHfSZ/M+4yde68RCQ94qRJifF9h:YFVfYWXCskhx/HMrx/7aJifFH

Score

7^/10

evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

Download New Code at Runtime

ioc	pid	Process
/system_ext/framework/androidx.window.extensions.jar	4507	com.opennutritracker.ont.opennutritracker
/system_ext/framework/androidx.window.extensions.jar	4507	com.opennutritracker.ont.opennutritracker
/system_ext/framework/androidx.window.sidecar.jar	4507	com.opennutritracker.ont.opennutritracker
/system_ext/framework/androidx.window.sidecar.jar	4507	com.opennutritracker.ont.opennutritracker

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Data Encrypted for Impact

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.opennutritracker.ont.opennutritracker

Checks CPU information 2 TTPs 1 IoCs

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/cpuinfo	com.opennutritracker.ont.opennutritracker

com.opennutritracker.ont.opennutritracker
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4507

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.opennutritracker.ont.opennutritracker/app_flutter/configbox.hive

Filesize
67B

MD5
6c1082eb9205fbef133ed7cea603442d

SHA1
e528d8181ad2d88a641bd041fd9f43adef815629

SHA256
b0814d10fa6dbbcc660b08c328479fcd9f17b3219a853a17e87a2305ecb65b2a

SHA512
b3386a25c37fb7875a347688954e2cfccfe2c2dd40ae634b5df6460e146661da2cd133a97ea15b38690a681ee7f6340430d5b291e582c64a02941847a57ad05d

Download Submit
/data/data/com.opennutritracker.ont.opennutritracker/code_cache/flutter_engine/cb4b5fff73850b2e42bd4de7cb9a4310a78ac40d/skia/6062afaa505bf7e6c727a20cafe4c7bee0f02df8/335d278417743125ac05dc26032e6cf4a19c0ace.temp

Filesize
1KB

MD5
1dd9838987c64694f0bb7ac9fc43b2cd

SHA1
c59cfe779446c7261d9f08f356e15106554f6d47

SHA256
5b55398a921a4425501eff76bc84c65225c632954555a2c4e29e510c4a74ac72

SHA512
69a3409cb6c1029ace78968949596b348677d7b0d691dc3732abb8c1f4d50bf03ecc873434119e8d68c1959cbb769d5ff777a19317878aed00a5dfbfe1c81fea

Download Submit
/data/data/com.opennutritracker.ont.opennutritracker/code_cache/flutter_engine/cb4b5fff73850b2e42bd4de7cb9a4310a78ac40d/skia/6062afaa505bf7e6c727a20cafe4c7bee0f02df8/5a551daf3d51192724478ed516c3602fe7474765.temp

Filesize
1KB

MD5
c0444e5a1bac2d7079e77b09d49f5057

SHA1
79dbda0a4c58cb8b7c1dc44041b445e8046d4880

SHA256
6a5435b57acc6d5dc467a341d8d283957d2ef380a4c47d1abd9ba2962eafbaf6

SHA512
2511d379c314224d7d2759cbc21cad190f60abae55af95728a8a9b5025eae2970a35e18950d712a92aaeed81941ff0585e2af312d7285ed2916808f486caa3ef

Download Submit
/data/data/com.opennutritracker.ont.opennutritracker/code_cache/flutter_engine/cb4b5fff73850b2e42bd4de7cb9a4310a78ac40d/skia/6062afaa505bf7e6c727a20cafe4c7bee0f02df8/f17ec4e6286c3fb2ab7c368367a730d9712a1a4d.temp

Filesize
1KB

MD5
e078d70cd2cb3dc0a09bb4ad40709902

SHA1
1683b4eb6b7acf5f27ae01aed83d7e7d885ba645

SHA256
372d64f4d7ab1d05af0be19f534f76613714da33af2077b01e2bbe6dbb139ccd

SHA512
361cb6b8c5094e138d96fa94c55d4aeac6a9ffeb193b5c1fce3af0bf9e17ec413513381e50e14bff3be0a5d7ae9f08d4278c4f6fb958cebfd0f5ab81d51e1526

Download Submit
/data/data/com.opennutritracker.ont.opennutritracker/files/profileInstalled

Filesize
24B

MD5
2e3723ff337c9d771bc3dbb6020c58e7

SHA1
28ec9fe4da578f185355ed8fe762c565eee119ae

SHA256
63713c77274f1283dabfd5c76e3d08feff1488ae6bc942aa5ae2a84391d20c6a

SHA512
babeb165df564dd2360827bcb3d2fbaed53780cbb208966acf341f11099e1e1e51aa6d10367b3dfc2c31a3cec16e6d5f8882920980f1823f777084f60c13c2c0

Download Submit
/data/data/com.opennutritracker.ont.opennutritracker/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
00090c5342f12f9886a4abf04d67d14a

SHA1
b417486d134854faf851d54bda1dc1b00f3520df

SHA256
177a1d679f3f1aeae24e339ab26e0b4031ae59bd1cdb046548b79ff7f5ee06e5

SHA512
aaa4ddb7f328cffce3a89fb9a5a13e01b51471ffb208a887f1119c091b82d8758fb5a93a7b055cbf02a731a02d57240b31742aaf7ad301bcd1fd2d56c0904357

Download Submit
/data/misc/profiles/cur/0/com.opennutritracker.ont.opennutritracker/primary.prof

Filesize
596B

MD5
3911153d01238cf4852f6d1adb0e4eb1

SHA1
e0d4938d44e0acb15207921f00a1354a2afdd770

SHA256
efa0069b5ac24aff03b5b92d1e5ca3b7a0f5e1cad9d217a1ba154c8f938743b6

SHA512
38ad749d1b12193d3ff49431905063279297e5d3a28dd948c50535e85f983ad0303db13d99105434ea8d920a516278ab06b07b642dfba036e0684f916b3db010

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit