c9d8629070d5cefc3aac5438218e9c1c63a4353b3026ffd8738e34e92060101a

Analysis

max time kernel
10s
max time network
213s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
01-07-2024 03:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app-projz-20240512.apk
Size

360.3MB
MD5

19aa1c8d4738b33b51889886cb4a4d27
SHA1

aa9c122aa5a67f5a2454b70377be4ecbaaa4292c
SHA256

c9d8629070d5cefc3aac5438218e9c1c63a4353b3026ffd8738e34e92060101a
SHA512

512fd08f2be3d22fd8ae6e35c94f118c80795f384e9f218effdce948b225f14f30ec220673073bc9be6e75f7982582cc40a35a92f72dbbb687ba1841c8be6785
SSDEEP

6291456:wgYxYkeW/qtUW0Pfh9H6OLF50Juvt65pU/CNpYHTa:wJeGVpGJYUpU/CSHTa

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.projz.z.android

ioc process

/system/app/Superuser.apk com.projz.z.android
/system/xbin/su com.projz.z.android
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.projz.z.android

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.projz.z.android
Acquires the wake lock 1 IoCs

Processes:

com.projz.z.android

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.projz.z.android
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.projz.z.android

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.projz.z.android
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.projz.z.android

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.projz.z.android
Reads information about phone network operator. 1 TTPs
discovery

T1422
Checks the presence of a debugger
evasion
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.projz.z.android

description ioc process

File opened for read /proc/meminfo com.projz.z.android

ioc	process
/system/app/Superuser.apk	com.projz.z.android
/system/xbin/su	com.projz.z.android

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.projz.z.android

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.projz.z.android

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.projz.z.android

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.projz.z.android

description	ioc	process
File opened for read	/proc/meminfo	com.projz.z.android

com.projz.z.android
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks memory information
PID:4522

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.projz.z.android/databases/com.google.android.datatransport.events
Filesize
56KB

MD5
28eed8162381b7b6bb2e847c298d4de3

SHA1
0c72c097fa0ab2d589e32ac89d24bbb2b7ee1746

SHA256
5de2237a23737073255e9642784a236f5d31fb6be634363147c74ba630ec7829

SHA512
b33b5ed898b56021d502faa9eaab28255a0888131e13d61d4b76c203b7cedeae802be447975b65ba8b39f8c0bb613db77312904091b38463998cb5d68377138d

Download Submit
/data/data/com.projz.z.android/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
471e50ec5e90b890ee111cb36798b8cb

SHA1
978e7c403e8c2a925bdfb8192fc2ecb2660b4a84

SHA256
2a1e4ea2adc9b169050f2b9b9aaa38bd98db9c8e9fbd5d2d910a1273760654e2

SHA512
7717294822edc4e46e8ae472fbc7ecd016fda2cf8bb3f32f2f556ec66774f752192e56be0e3822964e822c2ddfd84e7c52802019957dc65a36ef8eb885efd000

Download Submit
/data/data/com.projz.z.android/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
0af2b4bec4ec3258d4934cc0425d6ece

SHA1
a7a7a619f030bb2dc50e1bf6ae380c7b2c56f376

SHA256
b23bb5c50333dddf9250d37557fb1c0b82a956c5b04e38c7fd87bf8b60314eb6

SHA512
68b66de256a5ae7e4362aab1221ac64924d78dc147cd6a4656db86d304a07dcbf8e1db30a082b06f109f8ff4d3a7c2e6f01ec8a441ab7c7335b375c9bf3c5368

Download Submit
/data/data/com.projz.z.android/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
dc1ab6563b1f37889ac619264724755a

SHA1
3fa8f338ae592acccf4320e3456e7dac3c0388f4

SHA256
89aad720be257da1ccc3bfc86f8eeb554919acffb90a0d47ea2738b448b9b85f

SHA512
c6e0108be5d6fbaff05f9f3370022ce9c430a8cbd5c444210fdc31515aa32a9fdc8e300d8a9162a778f002a1b6b0132661c773d511af1458a82f818d3c0a59a8

Download Submit
/data/data/com.projz.z.android/databases/thinkingdata
Filesize
24KB

MD5
9193e854fcbfae7deeea1018566f4938

SHA1
8de4dc29c57a8c1b981183fc867ab3559bb8e64c

SHA256
70c053cfcdc2ccd10326256dc26407e52d41a3b0625fd4567b837aa72a3defc7

SHA512
0c1aea1abb259932d17b0e4b0d091a8ff686b28eafc1e1f23cc30ed8833d72d94ec45faeab40f6fcf92d4ed9cd1735fdd55c82a0d102dd7c44c41c88e6b04231

Download Submit
/data/data/com.projz.z.android/databases/thinkingdata-journal
Filesize
512B

MD5
cf77aa36666a40a3361a47f0ecc25338

SHA1
ab8fcb2f57d6e3da50a1907872e3b33eb3498355

SHA256
16d615b579a6482ff9df231601f29e015fad924780cb83fb924f859ad81c6e64

SHA512
8b27877caa63e2d1a16a68005f1dab62f314045b139ad46e1568cdcdd4f5e6f95be4d8781de4eea0ca55e76026310b8e8b90a11b65e04a95ca3d91d17dca08af

Download Submit
/data/data/com.projz.z.android/databases/thinkingdata-journal
Filesize
8KB

MD5
a5fca47fab5b217e09f47a95a079a0c3

SHA1
623bbda679c746d45d46bf4848f15d3480d12e94

SHA256
c427875c041383300f3690bebb9c887a3ce897ff1fe1cf8cab18fd1b321c33db

SHA512
97e2003cd03423dcbb41fbd3e3c98e0e47c63e016fc0a6a749008ea504cdc823d41cd2f9a5f37bc22583c7fb5f24c8041c8262fd760eb5a14da42da7350f79af

Download Submit
/data/data/com.projz.z.android/databases/thinkingdata-journal
Filesize
8KB

MD5
591a7fd997c095ee41cbc942d35e54b7

SHA1
7dc639286fdca54fe0fdd098be81444e98373d63

SHA256
36570f075a8d918ef59ed79fa086197d9eea8380dc61eff6b7c1e27112c647f7

SHA512
37ff062ec8210e2a95a20ada5eca06a37afe4d8ebaa2780fe5342cb0480891ae282775504dccbc73019fcf01f6e28b1aae0e49e65e63a6e6eaa6998f88c8c727

Download Submit
/data/data/com.projz.z.android/files/.com.google.firebase.crashlytics.files.v2:com.projz.z.android/com.crashlytics.settings.json
Filesize
715B

MD5
39f0abde358274b6dd22dd8a35dde8f1

SHA1
2558a9680eb16c4e4a34f25227020fa0be62b47c

SHA256
b5ee2c179e8e25e12075434f4eef79c98437029fe993f2daf6fddf107949ab3e

SHA512
724d9effb73eacb309720a0c128318533102ae4eebb9bd4966852b46df63ac31c83edb473ece948d7522634ac6cbc8c19850ef64774f1f373f0219749776338f

Download Submit
/data/data/com.projz.z.android/files/.com.google.firebase.crashlytics.files.v2:com.projz.z.android/open-sessions/668228A2018C000111AA29A2C9027E8E/report
Filesize
751B

MD5
1574c63620d06bfa0866385a3988ce7a

SHA1
0925951389c70abf37478d045b9184e5aad02390

SHA256
e426cba2cb587b2e8a9ba27eb754d1f37aa866d93fd7c1a5b421721b947fc56f

SHA512
2a1eac6772a17f830f426d2bfb96202058391b5735e499ca5e0d212254a1666cecd5e38628975a67dcf8b867b76c46567a53812a5968e8d4bf3f78a45190e38e

Download Submit
/data/data/com.projz.z.android/files/.com.google.firebase.crashlytics.files.v2:com.projz.z.android/open-sessions/668228A2018C000111AA29A2C9027E8E/userlog
Filesize
131B

MD5
3093aa3d96238f24d6891914a738202f

SHA1
32ba94681634455ec4b19188d59869a9fd80c6fb

SHA256
2dc52aada9f36d4a208d29a18bf2bd4ed753cb4d90a2629884ce2b45b68bef18

SHA512
1cc89675fec0ceeea1fa3d019133fd49a39f2d814deebba73fc76d79c07404a0317a07ac127b2225f27df66f30d29e321e57ebc61eeb5533a92dde6f5edd5de0

Download Submit
/data/data/com.projz.z.android/files/.com.google.firebase.crashlytics.files.v2:com.projz.z.android/open-sessions/668228A2018C000111AA29A2C9027E8E/userlog.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.projz.z.android/files/INSTALLATION
Filesize
36B

MD5
883a38a03a6de4c4db0b7ef372ad0357

SHA1
aaf620c3b9780532f7f839c66d2b9a9db44c358d

SHA256
070199fd54f6a002b9dc31e9f2d3481e45b08b5cd33b25d3a6535c16aeb2a998

SHA512
85e7f7849093dabe299cd8b32453879e6ee3a7e2adf72255a4bdce47941fc503e33d4e06f4d9741fd3c6120aa523b34c7cfecd8802d4da99f54c507f63d42ca3

Download Submit
/data/data/com.projz.z.android/files/PersistedInstallation6752538966077265541tmp
Filesize
90B

MD5
992ef5c984807903c5012dbd1db7debd

SHA1
34686ebefe20a61094ed2accf5b06af19f75ed8d

SHA256
6f96d0b252c1942f2163f935e1e513b137020be81d64e919c318a4b3bf7ce5c0

SHA512
5a4bab9e0eb5b14178219bf3d139dc7e0ad7fbdcb81768475ce3f3fafda6b110453e7075a8625bb1fa0532759b0fe82bc7f674840f6be709f4cf4ce65602baf4

Download Submit
/data/data/com.projz.z.android/files/PersistedInstallation7488309238319470090tmp
Filesize
567B

MD5
6a1dac5cbcbd84a2d3cc2d56d90556a4

SHA1
c0f2a73428c8ddc113bd2a8d875655122211d86b

SHA256
7b5e553b9dbd4be6faa5428701a7b3c52f0fc5c9f6514be095fc0a9062de1073

SHA512
40d971f98cc3fe4fa6932b058b2d8fcb48d73d4053bad6a623d0d36dfd8466afa5c61f083e5fab82405239624cca571592eae702a27e2f55f1aeb9fe964daa55

Download Submit
/data/data/com.projz.z.android/lib-main/dso_state
Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.projz.z.android/lib-main/libByteVC1_dec.so
Filesize
397KB

MD5
0830994e688d671da2051d6e851d9681

SHA1
fa8f1e8292cdead781affe2b7e7792e7ccb4bc8a

SHA256
cec165c68cba994befa1380e2f188b5df28fed4cbfbcb800b6a68672035024da

SHA512
8b9ea62f73ecd7374d77b9e82c008bc4801d7c36cd982253d95e94ecb46fbd959e021c55c489ed9e3c3cb57cc8c14ffdee87e7423d927c69077f78d275a4f88c

Download Submit
/data/data/com.projz.z.android/lib-main/libEncryptorP.so
Filesize
78KB

MD5
5eaaf17d5d7d5e793ee52281df25a6af

SHA1
6bd89a77ea1d0fd38169aa47e1882d791cb00ce2

SHA256
77939943e800087922b4f4be7f90c66105f50bc0f2217ceecab5abc5b42f8058

SHA512
7c23b55929ff7079b7c958a2e7438a5e121dbdb6d60a02111a1ab35cfb1c1d25c23d87a1d7cb2a22b3af9cb47c6602b0595e535d94cfb57880b13f1cf7047990

Download Submit
/data/data/com.projz.z.android/lib-main/libRSSupport.so
Filesize
1.4MB

MD5
5cc4b4b4b24a228b75ae00a9ca5a0ad4

SHA1
3efe9f4a0007c46f42ce53c2c3bf96189276b506

SHA256
a43ac04876be490e0380c52ec2b701fa444ff6a10ba3fc6f9e1a3d6152a0a5e6

SHA512
658f8b029f08e299f894fc5cfc6224248caf07782aad8877cd244c0045347f9ad5bc9fe2392db09752bbadc38756db3bcd61283d6a1112dd59947c095a3c64ed

Download Submit
/data/data/com.projz.z.android/lib-main/libanimtool_jni.so
Filesize
1.3MB

MD5
008a973c29f023f4ff8ff1cef1125b3f

SHA1
62639bd4dc23fca7305dcff6b655e3153a25a0a1

SHA256
8a2e68ac8b53c791aa18e13cd125b44e647b6d8fb24d990c219aa7c7e804ccc1

SHA512
66313f67badc55a766efc1d37be834e9579b382cd11f19f853f74d27d07b01114d3f508255f0519beec77e7bc7ecc6b3457f202f8c26eae281124c09398a27b7

Download Submit
/data/data/com.projz.z.android/lib-main/libapminsighta.so
Filesize
98KB

MD5
7af4e0d21f52a7fe8c298c2b00798b0f

SHA1
80619d4f77d1d9e9cc08824ab348818a32f19bcb

SHA256
9d4f369ce105731d03eee2ff4397b908521997acbc44c6e553c44abbaef76058

SHA512
53bab761345408477fafd0e7fb4e2cbd341176d2cfe77ff1c56029f7b0b74273ece7fcc13aa77334ef54297e8aa627d151d516ededc7935cc4962b54306895a3

Download Submit
/data/data/com.projz.z.android/lib-main/libapminsightb.so
Filesize
114KB

MD5
524ef6712f1503eb9758382cd7d2969c

SHA1
568f4cabba720eaaefb1420cea2c6d9afaab32b8

SHA256
211de97eaa219b64beeacc6798959c427e24def09f52cbe2a1ff50cb7fb4f822

SHA512
3eb7c7950d06ed3df3373befd9a6608b0a1c7db52dbf5c0995d3eca4e884648c5e10abaa59004bc003a03a998145fdf0f88df2d97622025352b692e4f61ec09a

Download Submit
/data/data/com.projz.z.android/lib-main/libavcodec.so
Filesize
2.7MB

MD5
b8dc601cb60c403bc4f4aa22e79bea56

SHA1
1092145c3aa1c2db1361ff7cf2df1c9b96aac1b8

SHA256
049db57e05bb035cb965f47e258a202c44211fd66c4ade51e87d40d8f4b5ec2b

SHA512
7e80eff78f98552e31e530760b4ca927356b2df380096828316c51705b73f54c87b6c46a1e30ddf9d5dfea333f5ddecf67bd7e48dcb04f6f750fc763944e5e2a

Download Submit
/data/data/com.projz.z.android/no_backup/androidx.work.workdb
Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.projz.z.android/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
e5797fe5e6de936efb38ef13d2cc8411

SHA1
2510ec072e7fb18a821f0403b47893a5ae4e1ebc

SHA256
ee0f08913270b3ee75fe51608a4a786e82279720e322f5d4be15115ee5902c4b

SHA512
c425d6ff45a043e49ab1b9ee1af79e6acfc97e71fd9dce814b14904fd571ed08827fbf5d135cd1692fbb17a135280ba4ae59d2f70d91660804b8787ddc1fbea6

Download Submit
/data/data/com.projz.z.android/no_backup/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.projz.z.android/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
118cae96bebc85380ed316444c4c8dc7

SHA1
ccd3bd3b1e5cb3c64ce2fa2833ac780e21e8b48d

SHA256
023fd87934be4b58c095500f3ba41298c891b0e15f00ed3f90cdfee07364be10

SHA512
09043f9a7f1f00d9bc280730916ff38decddbbffdaa78462730a53788bfab68f2c6853b86fe5ae9b57b222034d210e177687410408a56a42bb87b7b635d874cf

Download Submit
/data/data/com.projz.z.android/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
6b6866261889150c1fc5710fd1b18a11

SHA1
a70ad2427c09f13b443fb16eb878ce61e4120f86

SHA256
286077774169bc76317f2221ae93165bb12780f85a75acd5516872e9930f8743

SHA512
c96c2ece8b815a0199165f68012c7e196e821898b5ba9229add17df3fdc1e8dd8472ca845b01fa8de33ccf7cf0608be6029f720446b5321a654ddccda154bb06

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads