Analysis
-
max time kernel
22s -
max time network
23s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
28/03/2025, 17:07 UTC
General
-
Target
Mistressmode.apk
-
Size
16.9MB
-
MD5
08e872ae24bd9d0c468841cb8ee98b2f
-
SHA1
0836ad17e4eae507a4f7e75383c109cad366f420
-
SHA256
5b4e517c0f1f07ee7cc6037b42d31bf9404944c34f0ff3a5484aa665ba336b37
-
SHA512
f6e4f946c51762624a8e3d8a3a350842bb74683f1d3f155761aca35d6115fae22ec5dd138a183aec483475fa1a0df759fca45327624c73dfe12522bdf3e4b57d
-
SSDEEP
393216:c8vIgDOPWYkgJCtfe7iepFNAssNEltJ5eMQIo1gGHkGPjE7Tu:wW/YtgtfgNAXWtlQRLHbPsTu
Score
7/10
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock 1 IoCs
Processes
-
com.send2yuki.mistressmode1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
Network
-
DNSandroid.apis.google.comRemote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponseandroid.apis.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A172.217.16.238 -
DNSwww.youtube.comRemote address:1.1.1.1:53Requestwww.youtube.comIN AResponsewww.youtube.comIN CNAMEyoutube-ui.l.google.comyoutube-ui.l.google.comIN A172.217.169.78youtube-ui.l.google.comIN A216.58.213.14youtube-ui.l.google.comIN A216.58.204.78youtube-ui.l.google.comIN A216.58.201.110youtube-ui.l.google.comIN A142.250.178.14youtube-ui.l.google.comIN A142.250.180.14youtube-ui.l.google.comIN A216.58.212.206youtube-ui.l.google.comIN A216.58.212.238youtube-ui.l.google.comIN A142.250.187.238youtube-ui.l.google.comIN A142.250.187.206youtube-ui.l.google.comIN A142.250.200.46youtube-ui.l.google.comIN A142.250.179.238youtube-ui.l.google.comIN A172.217.16.238youtube-ui.l.google.comIN A172.217.169.14youtube-ui.l.google.comIN A142.250.200.14
-
DNSssl.google-analytics.comRemote address:1.1.1.1:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A142.250.187.232
-
142.250.187.206:443tls, https -
172.217.16.238:443android.apis.google.comtls
-
172.217.169.78:443www.youtube.comtls
-
172.217.16.238:443android.apis.google.comtls
-
216.239.32.223:443tls, https -
142.250.187.232:443ssl.google-analytics.comtls
-
224.0.0.251:5353 -
1.1.1.1:53android.apis.google.comdns
DNS Request
android.apis.google.com
DNS Response
172.217.16.238
-
1.1.1.1:53www.youtube.comdns
DNS Request
www.youtube.com
DNS Response
172.217.169.78216.58.213.14216.58.204.78216.58.201.110142.250.178.14142.250.180.14216.58.212.206216.58.212.238142.250.187.238142.250.187.206142.250.200.46142.250.179.238172.217.16.238172.217.169.14142.250.200.14
-
172.217.169.78:443www.youtube.comhttps
-
1.1.1.1:53ssl.google-analytics.comdns
DNS Request
ssl.google-analytics.com
DNS Response
142.250.187.232
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
12KB
MD5bdf3529e80318eb14e53a5bf3720c10d
SHA125c9ace4b1af6e80ebb2572345972c56505969ba
SHA256bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b
SHA51248b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b