1b012fb5f2c973f9c2cd5e6614be43fb88b60c63494b897cdf54d3ff8baa4469

Analysis

max time kernel
39s
max time network
150s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
28/03/2025, 15:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

pokedialer-2-0-8.apk
Size

11.2MB
MD5

f30282fe545913561c7146ec997e157f
SHA1

700ef1ffde81cfb7b3fbc1433c267d9464928802
SHA256

1b012fb5f2c973f9c2cd5e6614be43fb88b60c63494b897cdf54d3ff8baa4469
SHA512

2b65ab4037f8dd4355089d903764c387c03917ffec94fcbbaab5dfb50af0e561c92e4f65f2db7d351497e6655a32413dc3f4fb6c28aa6c0bd0ede11da08b0cb4
SSDEEP

196608:O8y6/qDN/HJ91+EeLyFL4bj4sKFKmwI7CI8bx3pvWBnk9q6vN5ntsQlltojAVq:ORrZfJX+ELIJmZCpNlWJk5l7lltojAY

Score

8^/10

defense_evasion discovery execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ajamalen.pokedialer
/system/xbin/su	com.ajamalen.pokedialer

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ajamalen.pokedialer

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.ajamalen.pokedialer

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ajamalen.pokedialer

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
defense_evasion

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.ajamalen.pokedialer

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ajamalen.pokedialer

com.ajamalen.pokedialer
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks memory information
PID:4782

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ajamalen.pokedialer/databases/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.ajamalen.pokedialer/databases/androidx.work.workdb-journal

Filesize
512B

MD5
c40c44c6dec4b635925ecd1376ed5d7e

SHA1
dddc682793217e1349949d3763bed96fe6d61988

SHA256
e6c79991f2978a5c97c6d1366a6a7700795fd17662df21b49259355d4c5ea6a6

SHA512
8264c6ae866ae0c758ed9905a4736da713130f896d6c7422306d8015cc347679a65954fc0e14d5c6853a32a1cdac7a8da2237680cbb51f5a3f10ac5b7bf0df6c

Download Submit
/data/data/com.ajamalen.pokedialer/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ajamalen.pokedialer/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
9aa63a6a422d196fc4c798a591b060a3

SHA1
6d668a3df97db52d54f339f3938f0c9d938ddfdc

SHA256
c8b1d16c5ab7fa721543d4a4486cf0314a717836c4626e7d7783fe068e98c12d

SHA512
f2d27d35d874a0b4ccd367589130322207f8661a7f93b63f818f7f75ce0877021699b2d41db91186a8d4ac045ca51c4cbe3116135ede4f9ef2517624a5890e7f

Download Submit
/data/data/com.ajamalen.pokedialer/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
0462bd6ec07536ed10901a457a2e9a82

SHA1
9e39ae41b6c83d113e0909c1cf7ed2a3a5bd14a2

SHA256
81c83a42d3e172b225f4a9e19b8f3926817d76697d5942d02010800b8e5178a8

SHA512
5339f3dbf9307088a238737ec6e4ea8247f7e3e9717dcffd69c88ed5b1202287bfbb584dc333c534941f62b64653ba6cc911262e0fb839caa29f9907811b67d0

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
3277916c6f536b29c5c5ae977709721a

SHA1
1c29ed5e0ca7cf571b2428ab629b97d3b9974805

SHA256
eb46afb42838a14cb5aa2ca285d2fe10aa91ec5c54996d6853fba839f79ff394

SHA512
377fe548fb78ceee63e4d592f1db038104ee4706b8b4ca7a8b628bc3b77a9f2f8998c089aae9bd91c8a790c4c1b82cd1970de415fb55678e1d454a69a8e7218f

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
68bf00fafab3288671b2f7eb4567e4f2

SHA1
3fc239271cb9b37982f9968f9024afd361a61116

SHA256
0b9f583a52b9f2c7c7fc2016c86e1d480dad3b8b15a2da25480d7fca5e021a6a

SHA512
3e8de984859b462e493548c154daf62e6e23be91ce99739da1d6451fd436375f5af18d449528dc9ba4d2f614d1e492aaddc9fd3fe916b313eb60098460778d4a

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
5e6a3d559cdc1c357e8bfb27052bfbb0

SHA1
53769dfadd843133e93bdc05ec40be7bd2656d7f

SHA256
e77f0afe2d076de13b9e28a49b9140c68f00278622c3c60bd1788e49db4e1882

SHA512
31f46eefffc0d34059f21f7beb679b7affb3a75984f78c4ea51522f1014c70eeb1ae0b819e3da2636736d678719327fbb98648671d3b60d2ce97eebff0662624

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events-journal

Filesize
20KB

MD5
9af7ceb02cd35a88219ab966bfdc2880

SHA1
078d4b961bc707c1637cf0ba08dca6d69e74871b

SHA256
d205942db5fce9364f7389b74942783b291a8c744ef6a1fbe41f997328d5efa4

SHA512
857d29b84134c314b824d5fff7be15cc6903726d5c3f4438fd8c3cbe653c77ae7a1bf36475e1ccfabffba44505f4e3270008f35d3cd12c7e1ca53f3f841a9f87

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e193404d5200707d42701800c8188aa0

SHA1
6bfd8d82da64183dc32279230bc8fb0081e6e291

SHA256
86869dec3caf3a51dde361ee08b8fd3693de7a5b96cd5aad6ece028cb03c7c28

SHA512
34c454dc7108cce0b428bb562c9650429b4a7628519a89b3769d2428f12a37e04467f5475426aa166753e0cfddecc2dafbbaa00cff9f5178d8f9bed57877f07a

Download Submit
/data/data/com.ajamalen.pokedialer/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
0789c498c20343f67ef5a116e6367f18

SHA1
605334120b0f9148c9e26f0143e3b8df67461c40

SHA256
5ca3bd1e88c1e791df019e9cb7e654a6f8512027b0cf2c7281ee2d79726cdcee

SHA512
0a8d3c97a812fd4b485de85cc4620f2a9cf021d0548aee17751bac70f752f0d5555c39281913c85e2f2ddb7401aaacd609a059b6608dcfe880a9d47cac001e95

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f0146094e5d1d8a21211085e50f0d532

SHA1
538e04a46a0e97c2db5f23242c9428bf43925a23

SHA256
2d7efac7da80a4528c1668a604e5cb7a60f4da03234d2208b5c062f6cbc0032e

SHA512
f0405154c7fff87dbdfe1b4daf81b56da84a132c71f0166200560568e08a01535d34853fc57f7fe4496d04c79670db92362cbcf7e3c06c3a21cd438ca67e5dfd

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
53f40182f6fcf3b996bb8789da096ec9

SHA1
5ac1b345bad9cd99beb2d35bfb412fc19406af8c

SHA256
56b03fb8ee74338b78d250908b9574e538021e86149e15a575934d56afa467d5

SHA512
f3f1917213bfb9147fac8c496e32c01ca5e28ddf685d531ffa458bbdc11118adab43dca69eaf3e57526d0e0908f061e65a6b5cb3ca8ab46073ea0d2d4c13353e

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bddc08c02fc83a57b0df41ba30e26226

SHA1
3f3eff21a28a33e7b1ed1b28894e57cbf5e9f1ad

SHA256
98ff682eb3557230345c68ad71fc792ae2443d4b9ee12c2ebcdd1c8a0b2ade03

SHA512
7ce22976c3dc79529b9c25344582a6b7eca23a6b4d587e7cdb864fe4587265835725b6d5d33f4a5adcb568aee4d6c9385fc5f8533f3c9114a88d79b407017fc8

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6d9699f03a7e3eb26c6a95017712b347

SHA1
a98dcfd504934240dfe4032d1ef83b45185bc5c8

SHA256
8b03d7f888b067ae7e2fee6365750554be25ae6eeb05ed7852a39cca2ca45319

SHA512
98789d6ed3aadb790e130b5eb50bca5b1fa9f76d56480d9acedec47a06999218745c55b150c24af959bb1a40273fc8502c4541a82f69b77c5764cc79fe2dd657

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bb4bb9007ab7e9463b2a4474e22eb5da

SHA1
70b19344ab36414c50e5638d2f2e1c6409b93ebf

SHA256
819c28064dd81fcbe76a08c692eac1912d453a17945f2ee717079d9fcda47994

SHA512
0ef1ab9627c522843e077ca56ddf45a722f1c5856e8965b5aff6bcf7300092ce0b230b6a3a803c7e465ddda04be33002a324dcc21368f0f3157ed33dc8b8f371

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ce2110cf9a28b4f4564067399b3d1d7c

SHA1
792277407b4e34964384126fa08703e7f2edc5a8

SHA256
79b34603df1b33462713b9dfc4385be79cd7715995cfd0a95f9d68bc08670e40

SHA512
9d3bef1a7894901bdd6e8ba3bc35b14f883b3920dfc5b2a6a9f905aac4063eb2901d652dacc3d490c6a80e71ec475d4aee95e8fd446bbcf447d7be154c268099

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
74310e17f975043a5b58bd7d32bda5a4

SHA1
c81cba7421d4e4abee09bf289f6c1e8232a09af4

SHA256
9d231e536c4500e294316e3b838e9e2f7c7c910b97045e10d7bff8dea247e44e

SHA512
7f77eb0f11fd8d1d3d7d6641ff8ee6972ff8441e1345d329e7ea1a0d2f244c25388149cd1156b8ddcfb1fce4db5ec573b6ccfe3effd1ef2317713490cf02a584

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
868f9f3385ecc456f129c38102de9d7a

SHA1
6bdea0b5a1eef67b20a5c915a0d2e3614c283ca3

SHA256
a55a0819828cc3ed6f59107b1289eaaba062187f0fa6ea814afee0c30b1530b4

SHA512
2ea7d8749bffd82894b74c2582d4d5f1893f75edb54b6d82a2ff12b5c19f02de9bc92005bffd5d97a473f447ad2377d66b6e8836efed9198fb68683f3813f463

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
68c1c5cf3135245d422dbd58d19c05d5

SHA1
23c728c8f51a2f3612e0c434661a99020c1365c9

SHA256
f13f614f88521b76cc8d38fecf3bd5ea166149cb326bd5da96bd94df73f811da

SHA512
40784f47f963fce848daafd324170ca18296d63acd2684bba29a018f7498765f8c3e6fa1b621e47bee6b72112eccf8a20a5513d372948aa1bbc3e53986b72d5c

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
551ff4b15addf2956cfbd9a9ade5fa32

SHA1
13fcff33775a7cf42d735c0a98ca435948cceb16

SHA256
8a4e4e25a594d866132301fe2a48b97ca6fa2a78f77947596516247156355fee

SHA512
cadebf5f908db59d1a0ab43bb1c5862a3b543c1e2010ce1618d4c810680a83c0860dbf8a793ee72de49960cfaea764a85d0f3403bee406964428377d9408906d

Download Submit
/data/data/com.ajamalen.pokedialer/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e1581e1da16e0bc3740f47bfad5aafcf

SHA1
7da78636c8a90cd56f1a7b8418c906a76d2d6607

SHA256
2a4f1a2957fa329567bf0cbfaf03576e845ba063fa2e9305fc8f1dfa5caa3e21

SHA512
41103234dafa208ed01a2f7f08e88cac048b4ba0f1aad465c2f22fde0fb2048cb508efcca5af9418a51d29c755077ffb8d054b25701f1cc417692805abc6201f

Download Submit
/data/data/com.ajamalen.pokedialer/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
772B

MD5
79f716c15abe0265918c5bbb50305731

SHA1
1ce797fc03e956fef5a7a8b7ccfd37f7e108b9a9

SHA256
4a46e8095f6bc3d49f7ade4f1d605bacadf15f9b2326da68b22e0ce100dcfee5

SHA512
c93220c9d894add119b993fe3962efaf24ea76779441e14c9ddafffd41d125f9b7c8f848f2501965b461569d8f3624ea8d30c119ef9ca9ed4339794f6b6be2d0

Download Submit
/data/data/com.ajamalen.pokedialer/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67E6BD2100CC000112AE5A7AD9190027.temp

Filesize
199B

MD5
0f8d18b0d3e90d3b2040ec75a5278879

SHA1
ab4e9c7c3128150afa6e5f8cbb5c3c074a9ba675

SHA256
65c078758e6cb338d7d7210a5acaf90efb4400dd1278c7d469dc9f2851c2ea00

SHA512
b32f509217474b94d499e032e0d4357962f609fa6114b199750ae0b9eb7896ab8eab52d5a571b8436b70ef33984099781c1dec6533a661cd8d57ad2476cc561a

Download Submit
/data/data/com.ajamalen.pokedialer/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-67E6BD2100CC000112AE5A7AD9190027.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.ajamalen.pokedialer/files/.com.google.firebase.crashlytics/report-persistence/sessions/67E6BD2100CC000112AE5A7AD9190027/report

Filesize
747B

MD5
0f906bf884bec7f2a7f1aa4756215c1e

SHA1
62cd195df947abafe004ca9f064a1c13c26023bd

SHA256
373fdf483bc7eccb308125ef7afd3a63d252ed5926ee4aee82d6325910c2a9bc

SHA512
0e2c9ce3e0b4f4a34e0c17b05a562d1520dab3dbe227a324f79335b5758e53f5d40d474f3359d654f081ea899feb18551e3acffcf0e8a98041419bf8a33632ad

Download Submit
/data/data/com.ajamalen.pokedialer/files/PersistedInstallation1014179683872526476tmp

Filesize
567B

MD5
727696de3b56ced6bf300e947635fd88

SHA1
93fa8bf4c7b4547165f598f5876c7fda2c51a7ed

SHA256
8b26159c39702651d6d33b331952d5a6de99c19e772a93590d3b792a6eeb5161

SHA512
d2e15f7638dc39c5e29ed0c1e8ac57353e509a5dad7bf45f98804de9e94058d62a68d9aa83f0c88bd9f8f04e13ebff2d8470362fddd338b3c2e848d0da43ef32

Download Submit
/data/data/com.ajamalen.pokedialer/files/PersistedInstallation7003774746153530257tmp

Filesize
90B

MD5
bb2af15a75822f1616d70221cbe450ed

SHA1
23991495306c53395b571ec1b326876694f6aa32

SHA256
c5617b96e9b7344815e788a8696c39a43a9556a70d8d50cf02bfea5288d9406d

SHA512
c71e74dda60a73347b905aed969a602326b2e12d09fb00770862da576147c8f3d4b0fe2db815fb564e3d7ea92012f67f2aa2733bf603d4c34f83f3b601961925

Download Submit
/data/data/com.ajamalen.pokedialer/files/frc_1:70350103318:android:1306184a011483b4642637_firebase_defaults.json

Filesize
253B

MD5
87f828c007929698809abc555e630d7b

SHA1
aea976c8f983d51e805d050ffd6708d2e804429e

SHA256
d7b2f42b45878366778884cf47fa12c86b5d91d51255a478217a69e5d1b22a87

SHA512
819a3ac90fda0cccf5bb4096c3043174d6a509c9c06d1729e2cf58d22c13e3283aba91973eda2903aa8f6b0ce8d60bc3d7873221296f937364645177684eaed1

Download Submit
/data/data/com.ajamalen.pokedialer/files/frc_1:70350103318:android:1306184a011483b4642637_firebase_fetch.json

Filesize
398B

MD5
56916ef83dfab80454e50bfc855b589c

SHA1
db460482f0d2a2b226f841f48bdf855089ffcdc7

SHA256
5bfcf648c2f4aa635389b7c44a95cb0b9d35d7aabb83be31363e4a1af72dae44

SHA512
63d6c3c4b4a076bc48d5572c32135f6fbe5a44660c4fa86118dbedf6bf24bc30f83263e70e203da97b5e87b9d0c314f16dccc92ce919aa4b8f3388a185a9d57c

Download Submit
/data/data/com.ajamalen.pokedialer/files/frc_1:70350103318:android:1306184a011483b4642637_fireperf_fetch.json

Filesize
1KB

MD5
f1a0d147174937563703a523e5ba79b0

SHA1
d815053ef6db4d1bf30fe76423e02604030820ef

SHA256
7d01b4acf5ffe4cf4c3e482effe07b443408cd05d1a575ed921f3fd54b015bfa

SHA512
c38f1643a702b4d85d2b46e46bf376a1b15fa30ac723eea94a363a92cd3562dc9bc18cd77c74f169510f737363963044509b52b7083b1578af6f426bc4727dfe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads