5c8c709cf8902859edf69ff3999a13277668869fcd5efe020e1e520a2d099623

Analysis

max time kernel
94s
max time network
596s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
28/03/2025, 17:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

tpa.apk
Size

11.4MB
MD5

f298aaadbd4176baaa62ab84f8268685
SHA1

55c04a5a2f5937ac58c8627186f69d2d237bafe0
SHA256

5c8c709cf8902859edf69ff3999a13277668869fcd5efe020e1e520a2d099623
SHA512

2729a2aa057dbf9792139faed30bb2ec0d9749c2606c59b181ec28f9e524c3acb74b364a521f1cb169a0cacda6fa7dec6618215a673d36cdc4b492e1d9b5cadd
SSDEEP

196608:b4WDPHQgvI4N8DDtoQtm3O2PgZPD9VlvOcggldJb9eXKHpc7m5WfBQq65w:b4+HQgvbOtoQtxy4b9vOGjJb9Q7Yq6u

Score

8^/10

collection credential_access defense_evasion discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

defense_evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	webviewgold.myappname
/system/bin/su	webviewgold.myappname

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/webviewgold.myappname/files/audience_network.dex	4503	webviewgold.myappname

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	webviewgold.myappname

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	webviewgold.myappname

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	webviewgold.myappname

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	webviewgold.myappname

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	webviewgold.myappname

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	webviewgold.myappname

webviewgold.myappname
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4503

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/webviewgold.myappname/databases/OneSignal.db

Filesize
52KB

MD5
c524dee8e5034f1e190b36d65b4b0969

SHA1
3559430ef8ae60e46091c23098e92f4e06c4a96b

SHA256
8413c63e50eefd69ccafc07a38585e7c4827fa7c978b3e21d06104cd5ea5f97a

SHA512
19938804f8540f9fc7f4f057fa1b2fee8591d8272019aef523f3ff8efd362951b9c2d78e9d282059e2191d219e2b5d983b9b07fd641b745f45d7f1f1271cbb57

Download Submit
/data/data/webviewgold.myappname/databases/OneSignal.db-journal

Filesize
512B

MD5
d3e7a3f82496c56136205461be09756b

SHA1
febf5ef004d182cf1776ecfea6ac407211dbd68e

SHA256
b161ad1566899f622520b137b38d4f57633da5e635d02f9f14a6cade2096e0fd

SHA512
016fb6a4990390bad40c4442cd5cb4ae20adeff68af44c9b9bec81e2d6ebf72b32a562496a860748767b763252f03c506ca01728a65d8a89d06645efe6c9eedf

Download Submit
/data/data/webviewgold.myappname/databases/OneSignal.db-journal

Filesize
8KB

MD5
6282db33d1d47119252d369db075190e

SHA1
b4b52c1d1d2e0c8ede99ce53930a02f6570218e7

SHA256
9355b65e94ea9f35252318a35f51054c47ac10616e69082bd0f3b64fa855afb2

SHA512
3c6f9343ac4a69aedd4f63cac711e2f4c72ffa9a999f8a3259c0ba3000b4a3970b0ec90dd1150160bad6c9414e2677c15445633d6634911766c46378801d4336

Download Submit
/data/data/webviewgold.myappname/databases/OneSignal.db-journal

Filesize
8KB

MD5
fffa30af6d16a2b94bd553814fb5080b

SHA1
1c90d5ed1a1a331f5a3bd6e7b86fef427d9a9e0a

SHA256
974b5d999e8d5cbd76a9a993e206295a7c63d6a8cdc156a4ff0cbe6d6a893f8c

SHA512
4b94c2916c1174acb17f98cba59978a6895f5248d7edcd00214c5ffc9f49b4d7569747f083d7f5e525c0740db770aee67e08d6ac127009b58e96600cab0f43ae

Download Submit
/data/data/webviewgold.myappname/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
1ec80973448fd426ca37011c5d691fee

SHA1
4dea1a6b57dd666ea884d2270a4575f852e7ed24

SHA256
a3304215b1dd17006d350a84b4235d32ed4fcd1ead9bd1347e7268e331f6d03e

SHA512
91d455168338062dfe63b2e3c63ff5e8472e828e37751c836a934a4eea8bde9bd0307c18da54a845cce303711393027b1a05535e5a743748a2baaf6be7853534

Download Submit
/data/data/webviewgold.myappname/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
5592c56dd9d27ed67489c3bc9b3f883f

SHA1
876d90defc7889d45f65666d2c2f855024d7174c

SHA256
10df41f02c4a4201739abc175b85181117d10e2a13c005ea2b258d45d7a75e02

SHA512
9bea1cee0f649c1e151f09faebc06c07778a53a160c1576fd88c1cadd7818ba112edf591715016b4e6b5e4a28dbda260d9f07939f784bea2daeda97e7c424d73

Download Submit
/data/data/webviewgold.myappname/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
0480cd61f63185847c92664b477db58d

SHA1
d87d1664cd4037f57a7c811b5a08d063f033f995

SHA256
610d4025428dd768e02077a62cc179a8d186773daf9b4d4ba2f842dcde3b1e4e

SHA512
d407bb838091ace2c7a12c1f39c08002c1792a83186ad1c43108c8a5b52e4b865a4372252675d80516d415e8e069e391e1a676918debd7b4aaed00ac12f20849

Download Submit
/data/data/webviewgold.myappname/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
4df5950cc10c8f32a3d11a605257deb4

SHA1
ee4400946899938f2ed02d5ad1c02ae751c81f96

SHA256
d5dbd92f2a9f3e630c8224f1dcf687d343243803a7907850e037f7760012c02f

SHA512
2f50c599a44238c625528973ae57edd3eebab8bf09ef531651fcc069f024487f287674e7b73390e7a77192fe51539126869af247e661ba2a346957c5ec5860d8

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67b6174d30aae045189fda630322832b

SHA1
303c361261ad36de87a41732fd6832d202fcd261

SHA256
3e5ce63d3f8ec51c989188d4ff5c35b4cca1eece0c89646c02370a24e272539d

SHA512
7a952bfa5fc5b90d67b5189fc2507c9a3d8ece6385940a6cd4dd2c3dfedc57432dc94c26fafcebee9a2f6967c44ef9b721f9ef817e34cf2e7754476c15ba5f67

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26fb10fd4b64f63397c6a50d55827600

SHA1
97c63ea1420cb44d6f781eaeef28246e1bc9351b

SHA256
e7c47916375f9c8ea8c6825190a6176896f7f5a9c746d7649ccdd7ec29e08d12

SHA512
9d1d8758a6f727fb8a8d25d0ec214fa833f940125a951e5e341140f982f2bf7c113f737fd99c9e7f29b2963abfa08dea3e222aba051153d6a4974e6bd3fa3692

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
360b8e0721280f147d7d3628ec28044e

SHA1
ddfe2aca839aa52b6c9f9744a9ce06e21b94c97a

SHA256
69794f454252c173cc4ee7e2c6e9044f26f34f77473dfec728ba155828b4413a

SHA512
480139d819d321a87bf8784122ac43b7c486c25b955c10a333ed9c5683b9a1b4d32fc16789a8eceea0ac30667502467825f7e905f025cad1702b077b7d1691b6

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
61a75ac71273386034dd641889271735

SHA1
c4bb9f971b6aa1d3fa7b879d072d4c35eb5da2e5

SHA256
dc9994e5597ab658fb424f0c9cc7de6527ffbac3e13cb931c3d2716b33d92907

SHA512
ea6a9afb03380f2c289169d9447dae2ce49cdd08610af15e2ae1d0929b98211cded90e33de12c8e3d10ff6136d3e45625cb8a5cf574be905b502ee63d07108e9

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9219a1357c3148dccd7dd32071a24d56

SHA1
e34cc4faef447a478fc7f23263c4204f65dcbbeb

SHA256
6ec4acd16f67c928ede3ea9cbaa539bbbe705f1c7f992259eb8fc8919394f5f0

SHA512
8db98a2cf6df8b09cac9c2c3fac26018029db96508d45ecd2ebddd9656e09481b69396655f2892b4b8d7695db0ce8292d168b915381f78803b1737f9c597f518

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ca8b28d858004895b1b317d6d4f54e93

SHA1
ab03a20b8991d168294b7455ec60b46fa556e78c

SHA256
841b973832a3856d174e3aa912c8b4077fe01dd81a0b4a836baa06f7401acfbb

SHA512
7a091f6f44bf2298d0a2241ca9c1d7d774f21d45ef6ff2abf4bd0ebcdae280707e465eab8f06b6fcc532e6b206cad878870fafaac4f90cfd6064b6ab7c347650

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
875e7dcdd1ae78fd4823776ce23bac78

SHA1
ae52f668708120758252ef9ccf40f3f79b6a4a64

SHA256
d18d38d214e9e26d8b69613fd1e9e8a7998ef2694139132181576655673bd5a2

SHA512
a991ddd37d772c054beaf576f1dd149f6070d37c811e7a22930c3122c1d0f2685aa41089a5999ccf582d7d7917e49827e8559952382df80fe8e93cd085aef28d

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
0f78fe96736f5f69dbb2806769db6772

SHA1
d0fc7713a6d1109340462097bda57941c6334d32

SHA256
5deb3454e1b0e35a1520ab30ce8162754a3125ad4ad12db1a1c061b0af4265ff

SHA512
f572afe209ac97e6d492a551eb93926502f6f96a751751ab746ee7eaffa155cd90e3e26767b8ea4970bea57ab6148ff026f43095c66ebca2011de62f2a6d0d00

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
fa6e7f9058bb6b68ead603b3e3848d25

SHA1
f735f965ed521f745697f9484f9bbd78407e75f3

SHA256
2450400c4868df233dca28f5558821fa850eebb8f5d7bc655461231018473067

SHA512
fa7b326bbd8f34e9a272c12a36f5467ce5b05a98fa1ce471b3246ed3e7f94363299956bc0478b1519fefc1535a557a37ecbe9bb0bc79d029419dbd38c1b75cb7

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
10a0aec6f3d56c72fe9692a8c8525479

SHA1
e985b58f6119fef67a9460a12693f8f6082927b3

SHA256
0496146c326d1846c435180e7229102862ab7e14afdb978eb800aa8fbf40ef46

SHA512
d12dbf6e6ca0b77d63ae24f12b2976119b948991653feebe78bd650124150a8798d6c66d9cb2d25585cf531ab6587ca7dce6294ea08017da55e6dceb0578bf21

Download Submit
/data/data/webviewgold.myappname/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f56de0a08f3ce7cfe85a4c55a8b4a162

SHA1
d38154b073bcf1120da547947c23a68518361cf6

SHA256
25d89f4dbded864e4e9e1f78ddd24f442fa04131a8db610d529243d681abcc0f

SHA512
bdcd7d65321e8c91e2f4d038a2d05d81738a7f7dc9fd65397523fbb1be47deeec4ac8ce5964855927f3935df0043cba9dc849d6f7187efff405eb7266ed28411

Download Submit
/data/data/webviewgold.myappname/files/audience_network.dex

Filesize
3.1MB

MD5
d8a79a805f183fb920f9d9675d1179f6

SHA1
14aee4b270afd3e28540a06dd735137f61cdacba

SHA256
3aedaba6f25a7fd04b16f68bb7ca12f71c5a464346556cbce78ebdb490df0362

SHA512
9aabd947827fd6bc9bd6ecbf7a9a30996ff5d4df6739f2f12d6a9ba13cd71a19b08eebe4f9e6226b73790bf62edce6e4ab15c875a6a68d83fdb0ab836fad13ae

Download Submit
/data/data/webviewgold.myappname/files/oat/audience_network.dex.cur.prof

Filesize
682B

MD5
5d404f51f244cbf530c3bc34606d653e

SHA1
a080f8e4cec7a179648959029fbcf60fbf1db2d5

SHA256
4a3f5190efb3c5db901683a60bbb8a38cfb2475eb2d9b7bf01e0ce69989540e9

SHA512
257bce2697623187f7da7ceaadbe0b882d36a2e6b4d63309d20983eb36b164d5fd75dcfe72a19a6d9b2c4765f902293779b867f24d6021d83b69a139eeb6953a

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb

Filesize
100KB

MD5
1c701276308e75a1a15842bfc279e49e

SHA1
017605195afb0ef424b990cc2678592c86ad7efb

SHA256
1cb215f3770f3647f7d2ba7eaf450d463961c5392b531082d804f7889d9614c2

SHA512
244e5b95f4d6dffd8bf24116b9c62a275b65dbf466a5ca0d2893b3139d4901237201a236dd86612ddc020c768f556b9a16111934d990bdcd5a3a8e47eca83d5f

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
60ac779bee0b5b0a78ff4ca8cd329379

SHA1
9acac949576cd459b305b9b8debaa9f42af9493e

SHA256
628b1f84dea0b2b1fbe4a072ca957ce1df4eddf93f6d6dc5f5eff4a191b2402b

SHA512
e756008705a88944e39298b1dfe4b20fb1623431c6fe57e15bac457c7f9af4a12243027e7dbb489ac6649798239d1cc7ed5894585982a3d69d9473ac34353896

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ecf5cc5b410c7ecb565e21b20deeb664

SHA1
9f6f45888a8b310dc58336d8e51764c414e2433d

SHA256
5b6b99e8134ad17180d25aa783fb541acb90be9a51c9073a7a063e33a7ebb89d

SHA512
ed664abe913fc795de58fab0e8a379d9f8239a1c569535a436fb900e21ef3b16f1e1013ef1eb3e804364f8a957849caa02eb34497956186bfcc57adcf1759144

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb-wal

Filesize
112KB

MD5
02c3c8e495dda0e4367af176cddec1dc

SHA1
afbcd0cc006dcd3cc681f4297a6e16e5b7f92fb8

SHA256
9b01c8df2eedb0d039ede09de7afc19ba87559fa2d842200927d986672cd3122

SHA512
ae66df3ebf89977c21924b7998be029a7f6c1c3c6efa94a46decaf2549bb68d67a2fbb787b9059a1560f9083a13f2fe855f493491601305236d056d21c8ba396

Download Submit
/data/data/webviewgold.myappname/no_backup/androidx.work.workdb-wal

Filesize
406KB

MD5
4c983315686091fee9690b966848863a

SHA1
d8c4760236cd1e0e7f3ab3daa93efb7f6ce3802f

SHA256
9ef80e07e66ee7201fd94ea0b2394b7a2706179680b098be8fb90404a2f04f9f

SHA512
4085b3879c5c9014f48805b5b74bc0359787c9aa23b3772d0e6924c80107cbfae2555a5bb9fc3d909e271810da0fa112213489abe8b99486540b00f30e8e4f29

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads