0f6ea55effb6b33bbc1bbe0a62880ff420e71803546903d51fe034b1bda7901b

Analysis

max time kernel
139s
max time network
142s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
09/04/2025, 07:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0f6ea55effb6b33bbc1bbe0a62880ff420e71803546903d51fe034b1bda7901b.apk
Size

21.5MB
MD5

d97fddcdd7034bae124dc04d25b21acc
SHA1

a4413fafd1c30e332a08a4aef47abf5d20f97800
SHA256

0f6ea55effb6b33bbc1bbe0a62880ff420e71803546903d51fe034b1bda7901b
SHA512

ee01c1bedc2af5820d0ccbab8ef18292f20867a2e2f1ac0059326d67b7acc4694a6256be3b71ba56b50f8817634ee906a27f7de3351339faad0cc44e6237c563
SSDEEP

393216:gLkcr0ncN0WdWf1uTz54UF+cp8m1OQYYOVCKZjL2NQiVW2HVRjQdiMQ:YZSG0yimXt2K1JOVCon2vT3

Score

7^/10

defense_evasion evasion persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.garden.iptvv/app_dex/classes.dex	5243	com.garden.iptvv
/data/user/0/com.garden.iptvv/app_dex/classes.dex	5243	com.garden.iptvv
/data/user/0/com.garden.iptvv/app_dex/classes2.dex	5243	com.garden.iptvv
/data/user/0/com.garden.iptvv/app_dex/classes2.dex	5243	com.garden.iptvv

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.garden.iptvv

com.garden.iptvv
1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
PID:5243

Network

MITRE ATT&CK Mobile v16

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.garden.iptvv/app_dex/classes.dex

Filesize
8.8MB

MD5
83b465452f3bbb096649bc20dc140f68

SHA1
51a3d6bec13801f626d61b7f3e3782c1402b80b3

SHA256
a7acb7ea6dfb095d8a680ff6f3e65858a72dd334e93fbbb11332f93909577710

SHA512
3d8479343ce5c59ab782a2b97069ea603a52555772d561c1c179927b95b6922d747404da562252680e4616bda7e3a870be47f884558a7b0a18ffb7101e7cd48e

Download Submit
/data/data/com.garden.iptvv/app_dex/classes2.dex

Filesize
2KB

MD5
4e2f95c28abaf08f84ae37faa3d0ca2e

SHA1
f9406488efe5154b24a29d1e4c3d8f1e83da87a4

SHA256
2b2f9c8e8c5eb644955280401df8482e5ba6ac71410c3f9c433c540f56f2db1a

SHA512
36016f971dc5b26d4a0f35131bfa92d5de705a8605241d25c560cf2e8ff7ad8e048c772a846866e8b7986960975706cb27868efaf1e259248f932a432ab89249

Download Submit
/data/data/com.garden.iptvv/cache/classes.dex

Filesize
3.2MB

MD5
3cee8782840d36fb7685feb781250a09

SHA1
9d14f118fdc787d5fa13a2a2094bc9d62a6540dc

SHA256
3f12d1478088356fc59d666637b1e5bd77beb7f79e62f1cc7a63c38fd6bf44ae

SHA512
80177ced749376b2aa789443decbbf7f98223af18fe6ace9606f38ca4fb3e0b6833c8ef5ad8621f9c9aea47cfe81673a8aed80628e5911d8d62e5649a5dd2ce9

Download Submit
/data/data/com.garden.iptvv/cache/classes.zip

Filesize
3.2MB

MD5
cac9e352c1d80005f4e15c530cdd1014

SHA1
fb8fc50eec2691d94c76867d509719116c40f0a3

SHA256
6519e43cce3ee2964f890d90356b63d4d1d551e580b22bfd42c3acd3f75898fd

SHA512
66473dc2d4c00be6be08a97f0a17aed786d1ff9943e5a92affcf982a6d8402a6630ee6f9b3c1f65a5c8519cf4431ec77edb3051613a057b5c065730661280463

Download Submit
/data/data/com.garden.iptvv/cache/classes2.dex

Filesize
947B

MD5
1bd625689ca025a89428154d70cf713f

SHA1
20ec0805db8cfdbc0649d759352ccaa744dc67ba

SHA256
03e8fd54e9cfe22f1bb233223808a899ac86843ba7e5875a9983b301ecbca0e5

SHA512
a3281a2636d7544843bab459df4652e1524703975911afd029bec767fe89f8400477881aaaf899dba53adf1e0d29469d846038a3d993c85b67d2152980d2ba82

Download Submit
/data/data/com.garden.iptvv/files/profileInstalled

Filesize
24B

MD5
65378045088af27eccb2fba70e1fa26c

SHA1
480146e118f037f52e4ff87f638c9b261a062603

SHA256
98ef85985c16c6a671cab4351149e6a98329e18f21ca2c745725e561f187c32c

SHA512
042132df0d28a3810d2f3d4d4de73caaa0646c88055a97140ff8b3d149d0dfc5ea86b4c449c7b08c97d978c38c727032f04d44887b6522746e44109fc906383d

Download Submit
/data/data/com.garden.iptvv/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
04b3603a56ea505024f1c0ad71c56cc5

SHA1
8d591d19b56b93cab59d6e917a13326400aa6585

SHA256
a9cae676ff8ad4884b8c30f1baa705dad30131af1172ae35f16bdcc219a15d4d

SHA512
01d476c328559437b5f119bae10b8942e08371821ed96dfce7d87b7a2698e4c56dba7d2770b0b46114e302f63732296544ea02d57ec5f326aa857ac5e1b7faa5

Download Submit
/data/misc/profiles/cur/0/com.garden.iptvv/primary.prof

Filesize
2KB

MD5
a816bf8da1fcd1b455b16f42ea3eb9c8

SHA1
dfd293d82a2bc7b64de7ea30bced3907ac581866

SHA256
68a14e8d34f8aff2420743ecbd7d2472ab253bbcfd468ad76f19989ba4785763

SHA512
20a82a714349249299dff31adff81e5507969d20397e733efbf443cbd94a841cb685e95312e7038db9ef4635c3da1677635f6c1b1d2f41842e0e3c100d32ac1b

Download Submit
/data/misc/profiles/cur/0/com.garden.iptvv/primary.prof

Filesize
113B

MD5
80cd69efe8efd50d9c41596c260512db

SHA1
424284a494fd52a7eeca1933576844619ebaffba

SHA256
eaea1c8f85ba9af3a1070a14f6011f622fe85fddc6f5f095d80ef5499e995849

SHA512
c5c8be511b46bd6771689500a61c746521ef04bafc38433cf28956465b9aa6b7dd9aa8aa03c6d712efad1c345e637467a05354db769f0b1e34cb593c2504f268

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v16

Replay Monitor

Loading Replay Monitor...

Downloads