Android
Analysis Report
Locus Map 4 Outdoor Navigation_v4.12.0_apkpure.com.xapk
Overview
General Information
Sample Name: | Locus Map 4 Outdoor Navigation_v4.12.0_apkpure.com.xapk |
Analysis ID: | 715054 |
MD5: | 7d1e9e34c72e9a2dd619ce04f59b6f1a |
SHA1: | 3c9658cd706ced7e53d89b408cfe1eac4e532780 |
SHA256: | 36e896d31814d4a7a26144c0064d9ed072070b88b9a9f2a8ba42f04f27a5e572 |
Detection
Score: | 0 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Classification
⊘No yara matches
⊘No Snort rule has matched
There are no malicious signatures.
Source: | TCP traffic: |
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Classification label: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 1 Application Layer Protocol | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
⊘No Antivirus matches
Joe Sandbox Version: | 36.0.0 Rainbow Opal |
Analysis ID: | 715054 |
Start date and time: | 2022-10-03 15:43:17 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 1m 26s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | Locus Map 4 Outdoor Navigation_v4.12.0_apkpure.com.xapk |
Cookbook file name: | defaultandroidfilecookbook.jbs |
Analysis system description: | Android 9 (Pie) |
Run name: | No or little behavior, retry without instrumentation |
Analysis Mode: | default |
APK Instrumentation enabled: | true |
Detection: | CLEAN |
Classification: | clean0.andXAPK@0/0@0/0 |
- Setup command "_JBInstrumentAPK" failed: Invalid APK
- No dynamic data available
- Static analyzation failed: null
- VT rate limit hit for: Locus Map 4 Outdoor Navigation_v4.12.0_apkpure.com.xapk
⊘No created / dropped files found
Entropy (8bit): | 7.616420158694971 |
File name: | Locus Map 4 Outdoor Navigation_v4.12.0_apkpure.com.xapk |
File size: | 42912763 |
MD5: | 7d1e9e34c72e9a2dd619ce04f59b6f1a |
SHA1: | 3c9658cd706ced7e53d89b408cfe1eac4e532780 |
SHA256: | 36e896d31814d4a7a26144c0064d9ed072070b88b9a9f2a8ba42f04f27a5e572 |
SHA512: | 6a931c2772fc39718557fa1031fed34db3f28be9fb6c695fc1d1782b0f4847a9a86257e3977ef51c7704c995679f866a45c3420077e47927a230d7a81432088c |
SSDEEP: | 786432:epdKdgSbNonBCqB4ewVSjAoYIBXiUC9Jf48/Q7XcKLOa8am4h:EKdgOmCqeewVkAvR9hggaz |
TLSH: | 6F97F207FE0C582AD5BB647D4BCA8221F0225E416E41CBD37065B21E76B7AE4CB663F1 |
File Content Preview: | PK............................menion.android.locus.apkPK........!.!..A)^.B...*......AndroidManifest.xml....Ue.............2 .....#3.83,....s..8.....;"...........?3#.BC2333333323#3....|....g.3..L.._...s...>.~....h.=-h.........>F.......B..!.8h"4.:....A..".. |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 3, 2022 15:43:36.543329954 CEST | 50458 | 443 | 192.168.2.30 | 216.58.212.170 |
Oct 3, 2022 15:43:36.671384096 CEST | 39602 | 443 | 192.168.2.30 | 142.250.186.163 |