78be786558cb7de0b0379d3edf9de5ac37a3dce6f3ccc809abc3b74f9f82830d

Analysis

max time kernel
226816s
max time network
166s
platform
android_x64
resource
android-x64-arm64
submitted
15-06-2021 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fab7bb800a9fca77cd354e47ef568d9dc1cbc229bb0755f7d0a2a6d7436aff17.apk
Size

2.7MB
MD5

a12c36a82245533a4a4b9ff567da0107
SHA1

a5c056954f1bd5205c337bce3f6ce3f5a4b95fb6
SHA256

fab7bb800a9fca77cd354e47ef568d9dc1cbc229bb0755f7d0a2a6d7436aff17
SHA512

03734d1a2cae4babf99e1ce2bfde2e90e881ed5ca91e5b46277f9e99d168447f7555e0bb8c485e615d32a0d0a7e2a91d30f29c92c2b4dcec7aeb78a274c94ae0

Score

3^/10

obfuscation

Malware Config

Signatures

Uses reflection 24 IoCs

obfuscation

Processes:

com.ploh.wxdc

description	pid	process
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3951	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3951	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3951	com.ploh.wxdc

com.ploh.wxdc
1⤵
- Uses reflection
PID:3951

com.ploh.wxdc:resident
1⤵
PID:4010

com.ploh.wxdc:assist1
1⤵
PID:4090

com.ploh.wxdc:assist2
1⤵
PID:4119

com.ploh.wxdc:daemon
1⤵
PID:4150

com.ploh.wxdc:assist1
1⤵
PID:5603

com.ploh.wxdc:daemon
1⤵
PID:6071

com.ploh.wxdc:assist1
1⤵
PID:6980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ploh.wxdc/app_crashrecord/1004

MD5
3d5b04e279bfdc60f8eb82b78ae73124

SHA1
cd6f93be98201cf67c83d7c6ae8b8dd65baad5e7

SHA256
5ece3f5fd0681b26d0b64b13995294b2b849c5ec709a25cf9a8497d96a562ebd

SHA512
4c84c26aab3236a1d4c9677e511afb8d8c55209eee2469d596fea00705f6eca90ca403b710bf2425cbdd25d3c063fbdb8b547049cde495cd66da1c26a9c19cdf

Download Submit
/data/user/0/com.ploh.wxdc/databases/bugly_db_

MD5
fbf511ea44c28f7e52875435a1315f91

SHA1
5092bc69febe3b0dad56da1122bcc6d6b845cf0c

SHA256
ba8ca04f24a8b765d3acde652a28cce38908ee562e2042796859dc7cc99b2d50

SHA512
356679bd919baa582c6cbf35b4543152d4f520e2dc55473a3fadb821be18004e3f39e5b36077e9e6e0f49bd7557167f4fcbbadeef41b56786c8d04ac694c788d

Download Submit
/data/user/0/com.ploh.wxdc/databases/bugly_db_-journal

MD5
56a6e24d8f02deb017bc30d05d34e11f

SHA1
1244517419ac29fe24a9709c1760c941d8fa0fe9

SHA256
b6ad2da73bda965a4053a349a847ab74d6e20bb2578360e2ebbfefcb9d0aa9fe

SHA512
03e062a923bda9242799d06ec055fdcbe827b8bacab34f9084cf9c48b287274d33e8adfb9e57ee37c4aafad8a51b38c7fad2e4ec8931bd7b261ada753a818e67

Download Submit
/data/user/0/com.ploh.wxdc/files/local_crash_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ploh.wxdc/files/native_record_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/BUGLY_COMMON_VALUES.xml

MD5
2a1caf0f3428e82c84d37aba951e46c1

SHA1
73470b13dbc4e9bca8f39d06ea7565d3ff5c671f

SHA256
57ca488691f01839c474179195be8aa708432c4cd43cb928a1ab2872b240141b

SHA512
571ec500c4d0069aee4fdb9451300af85e05edf533243dd10a357a9024b69449cf37e09669843f01eed9d418ed8a87a4a870b286e3f1ff6c1ae0b5268eb28bd4

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/com.ploh.wxdc_preferences.xml

MD5
4c430d78db9ae1dd52767725a61c2304

SHA1
082a64cd6114eb9f90493c85156741a4d18f6d52

SHA256
5c90b439be6cf4454bf3d1b860565756482dae196f4e31bca6821a8b5cebc424

SHA512
d7d23a1ec96488c734c9eb5907bb4950da3f3a693aa4a82dc026d700bc6cb201e0348621479026f1611142f48f5b18aa72460ad869a0ad075448abbc0168d64c

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/com.ploh.wxdc_preferences.xml

MD5
597e748c2dc45db041fe54096b10bd6c

SHA1
d1a212cfa3150af4c9bcf3931e6f8ae48e173c0e

SHA256
9167cd0adb02f930ad28b24fb0c638644feb6ea73f9ea84be5d89a4d46c24fa1

SHA512
fb2deae7d632d67ea12b359de113507cd62f1b787363ca39b3f22b4f25ce81e9d08a6c327a860c97f054259601198cb14600361e07c84a2bb18b9c92109feee2

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/com.ploh.wxdc_preferences.xml

MD5
5ad2a9f6b8e0ce0d307ed3b0f39ccf91

SHA1
0b0fc906fd69337f4cd4fe05e050271854521005

SHA256
b928c7a2b1f3f5f203de887af47af2ffd305dc7d3eadd0756df338191059b96e

SHA512
9b8f52c7636b58fa95cf04efc8eea0c08afacb4e6e06937580788f8485e23040cd78696949d15361d96d15bf7bf531eeff9ebb390aad29674c5b503bab7bc0f0

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/crashrecord.xml

MD5
278d03a8589879b3978279484d1a6abb

SHA1
b6bc06c0e6999383678df0cd0f509ad22e66074e

SHA256
07e52d733695cb3e532635c5b4fe89496517369853c0c2b3e3387f0da71caf63

SHA512
ea74a1001127e8351c5da23bf8c4ee11ee9180fae70bc97ec3723225e808cb8df17ce680207537b64c3c053ad452732b13cd4061b23abb5ee719113b2cd8d848

Download Submit