Overview

overview

10

Static

static

10

52139d9957...28.apk

android-9-x86

7

52139d9957...28.apk

android-10-x64

7

52139d9957...28.apk

android-11-x64

7

Analysis

  • max time kernel
    101s
  • max time network
    151s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    08/04/2025, 22:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    52139d9957e9ecc9d2103961c9439f586c95e6d76493dcb86c80fe27d7e63b28.apk

  • Size

    3.5MB

  • MD5

    bff08912ebe878e1316cb9c325aafeca

  • SHA1

    6bd081db16eeadbaf8a2c8c2e287f877d46f505c

  • SHA256

    52139d9957e9ecc9d2103961c9439f586c95e6d76493dcb86c80fe27d7e63b28

  • SHA512

    50c088af4b0063095c5667db4f2d1c12f88ed14c316e968b3713ddbdd44c15131923fc80f09201e8961872a7c443f4349b4d0b9a17dcd099b9f9463a12eb76ce

  • SSDEEP

    98304:k1y80ZJA3w9bR+OwHE/dPrPv5eCVLSZDyR:Ay80rA3w9XW2RpeC1SZuR

Score
7/10
collectioncredential_accessdefense_evasiondiscovery

Malware Config

Signatures

  • Checks known Qemu pipes. 1 TTPs 12 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

    defense_evasion
  • Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectiondefense_evasioncredential_access
  • Queries information about running processes on the device 1 TTPs 6 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Checks CPU information 2 TTPs 3 IoCs

Processes

  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4308
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4337
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Makes use of the framework's Accessibility service
    • Queries information about running processes on the device
    PID:4411
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4472
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Makes use of the framework's Accessibility service
    • Queries information about running processes on the device
    PID:4497
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4554
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4625
  • com.example.mysoul
    1⤵
    • Checks known Qemu pipes.
    • Queries information about running processes on the device
    PID:4736
    • /system/bin/cat /proc/cpuinfo
      2⤵
      • Checks CPU information
      PID:4764

Network

MITRE ATT&CK Mobile v16

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    616574abb7d917512e6db5e18e2aa187

    SHA1

    58785cd2f554908c62ea00cc6b3bf1e61042e387

    SHA256

    d244f8ff7c3da08cc75d871de2bf48ea6fc4812853f9e492a942e92bcf143e26

    SHA512

    98a7193142c209429c6d4c97b6cfdf1fc53bbe4089ca3023b0cdc108eee83bd084dab07c3cb8db228769cc3829e8c44955dc7b766486036451a44560eb5a5c97

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-shm
    Filesize

    108KB

    MD5

    07364a7187c5a33608f8725a0dc3d5a2

    SHA1

    5a2a76a9d75d39d2b961debccddbc924cbd4f133

    SHA256

    5eee46b4e92a86a54b0ca3411eeb6664a14288e3fd43886cca2990f82dd9321d

    SHA512

    86b2ab9d1049b116c9978eabfdf4f57474b9dc103cc29230671a3af513e4aa18a79f8f2877a1240a178cc5716739944268bc52ff4d87f1c1836ff66165797859

    Download Submit

  • /data/data/com.example.mysoul/no_backup/androidx.work.workdb-wal
    Filesize

    28KB

    MD5

    caaef41765d228d9b651cfd0c810293e

    SHA1

    ad03bfd2929c8aa54190dda452e8472416e004f1

    SHA256

    8690a3126777bc63b846b8d6ab523fdd347005694daf935fd5757ef99b289ea3

    SHA512

    7d424d7fc0e0d6f67170a052c64da0477dbd17fc7eaf897474d8b048d62ab2b89dee1e79e00de4aaa54ab26ca932fa2314a62416153c6c70790194b01a7ad8d9

    Download Submit