78be786558cb7de0b0379d3edf9de5ac37a3dce6f3ccc809abc3b74f9f82830d

Analysis

max time kernel
226816s
max time network
166s
platform
android_x64
resource
android-x64
submitted
15-06-2021 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fab7bb800a9fca77cd354e47ef568d9dc1cbc229bb0755f7d0a2a6d7436aff17.apk
Size

2.7MB
MD5

a12c36a82245533a4a4b9ff567da0107
SHA1

a5c056954f1bd5205c337bce3f6ce3f5a4b95fb6
SHA256

fab7bb800a9fca77cd354e47ef568d9dc1cbc229bb0755f7d0a2a6d7436aff17
SHA512

03734d1a2cae4babf99e1ce2bfde2e90e881ed5ca91e5b46277f9e99d168447f7555e0bb8c485e615d32a0d0a7e2a91d30f29c92c2b4dcec7aeb78a274c94ae0

Score

3^/10

obfuscation

Malware Config

Signatures

Uses reflection 28 IoCs

obfuscation

Processes:

com.ploh.wxdc

description	pid	process
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.get	3648	com.ploh.wxdc
Invokes method dalvik.system.CloseGuard.open	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.getInstance	3648	com.ploh.wxdc
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3648	com.ploh.wxdc

com.ploh.wxdc
1⤵
- Uses reflection
PID:3648

com.ploh.wxdc:resident
1⤵
PID:3682

com.ploh.wxdc:assist1
1⤵
PID:3732

com.ploh.wxdc:daemon
1⤵
PID:3787

com.ploh.wxdc:assist2
1⤵
PID:3759

com.ploh.wxdc:assist1
1⤵
PID:3867

com.ploh.wxdc:assist2
1⤵
PID:3963

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ploh.wxdc/app_crashrecord/1004

MD5
39ab38f26dcb8cf500a2018fe5ca9eed

SHA1
182bf62f83fec70b680bd22da9fa46b4bf5caef0

SHA256
d3c75ee1360189d5d382092ea594eac5dd386e704942837a34a2c93d5ce9199a

SHA512
0a2bb1561f052bc57a06342de9997bf936ccbe463c3d10b6f2d174a4c6b3a8d239adefc2bd78f22e7680977c84e4fd8ae77318e2900a589ab65f9106526d16f1

Download Submit
/data/user/0/com.ploh.wxdc/databases/bugly_db_

MD5
d11f7acf22fa3e20c39019ce05d8abb6

SHA1
808ce118732f5689e8b92f25058f01d93f063ebf

SHA256
4d83058901aed65811e45a6ac46b23df63c33e2c7f9e8f4df92c378182fc9eff

SHA512
0d30a4ca428e643af8c8012e1ffb719c3c522afe86f1beb7272aeb2c09172fd3dafd86ef2603bdd270b9640b038c540f471e12a50d32a644609d713659fb59ed

Download Submit
/data/user/0/com.ploh.wxdc/databases/bugly_db_-journal

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ploh.wxdc/files/local_crash_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ploh.wxdc/files/native_record_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/BUGLY_COMMON_VALUES.xml

MD5
7681921e52d3d86089b70ce5a31252e9

SHA1
f3620ee47862ba708f949808ffc8a51b829bb1d5

SHA256
4b71067f7fa9b45c207c67c0381c42cb4d06544f514e2f634acd3a78e79cefb1

SHA512
f24ee0510d62d435ee90053b98f4643585a16c39da60ddca0795270244d970f9cd1ba1bcf6721106394c89453cc74d48a557112a37dffc08ddf27c7bc112d4e2

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/com.ploh.wxdc_preferences.xml

MD5
4c430d78db9ae1dd52767725a61c2304

SHA1
082a64cd6114eb9f90493c85156741a4d18f6d52

SHA256
5c90b439be6cf4454bf3d1b860565756482dae196f4e31bca6821a8b5cebc424

SHA512
d7d23a1ec96488c734c9eb5907bb4950da3f3a693aa4a82dc026d700bc6cb201e0348621479026f1611142f48f5b18aa72460ad869a0ad075448abbc0168d64c

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/com.ploh.wxdc_preferences.xml

MD5
597e748c2dc45db041fe54096b10bd6c

SHA1
d1a212cfa3150af4c9bcf3931e6f8ae48e173c0e

SHA256
9167cd0adb02f930ad28b24fb0c638644feb6ea73f9ea84be5d89a4d46c24fa1

SHA512
fb2deae7d632d67ea12b359de113507cd62f1b787363ca39b3f22b4f25ce81e9d08a6c327a860c97f054259601198cb14600361e07c84a2bb18b9c92109feee2

Download Submit
/data/user/0/com.ploh.wxdc/shared_prefs/crashrecord.xml

MD5
278d03a8589879b3978279484d1a6abb

SHA1
b6bc06c0e6999383678df0cd0f509ad22e66074e

SHA256
07e52d733695cb3e532635c5b4fe89496517369853c0c2b3e3387f0da71caf63

SHA512
ea74a1001127e8351c5da23bf8c4ee11ee9180fae70bc97ec3723225e808cb8df17ce680207537b64c3c053ad452732b13cd4061b23abb5ee719113b2cd8d848

Download Submit