0e3f6025d4dc20c6789378fb8f7d8a3dab5c12d4be6810037b1c49c30283146c

Analysis

max time kernel
1652033s
platform
android_x86
resource
android-x86-arm
submitted
01-07-2021 14:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0e3f6025d4dc20c6789378fb8f7d8a3dab5c12d4be6810037b1c49c30283146c.apk
Size

2.6MB
MD5

2354fe8737784349221b56c269c51029
SHA1

291f37724c301d93345442b2f291a90f603f7fcc
SHA256

0e3f6025d4dc20c6789378fb8f7d8a3dab5c12d4be6810037b1c49c30283146c
SHA512

bab58071777895cc9566d75b9776ba03fc7cec51b2995cdb8b2bbbb285efa4e3fa8df753e4ac5ef32a44c35f1c3e0c4ee060375119d1f505f7c76f0431bd1cd2

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.onij.dzuluth/system/bin/dex2oat

ioc	pid	process
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy	4716	com.onij.dzuluth
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy	4753	/system/bin/dex2oat
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy	4716	com.onij.dzuluth

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.onij.dzuluth

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.onij.dzuluth

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.onij.dzuluth

Uses reflection 2 IoCs

obfuscation

Processes:

com.onij.dzuluth

description	pid	process
Invokes method android.content.pm.PackageManager.isInstantApp	4716	com.onij.dzuluth
Invokes method android.os.SystemProperties.get	4716	com.onij.dzuluth

com.onij.dzuluth
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4716

com.onij.dzuluth
2⤵
PID:4753

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4753

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy
MD5
7537c59ec64fd113685350df31999b92

SHA1
3a6eeff35d18999a6723eb0fa72bf1d533c9c6d8

SHA256
5faecf24f5e0280ca767fc5be7b5e9db50d800bcd8158af7d255a01ca4407a6b

SHA512
2a0fa4d504ef53f2e4aedac77c21aac792ad209569737071db5cd5614e90101d038c00b4654a864785b5b03574ab63e78fcabab6e7e0a3de8d521c24e3b7a349

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/6BkIzmrn.sy.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/oat/x86/6BkIzmrn.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_apkprotector_dex/oat/x86/6BkIzmrn.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/GPUCache/index
MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/GPUCache/index-dir/temp-index
MD5
f1ad28eeba3be53fbb5ac45bfa1194fd

SHA1
5c017626764422bd0271edbe991827b798e665ea

SHA256
c7a7417cbabb96c751161f3fdb10503c825638ef128fc62023b31687141866af

SHA512
5f6a7cb0f00986a2b208173de40e83cc5640a5ba3dbbb359a82772280ff15463c5a04a373b205bc17a33821b62c718bd90ec3166cb742d6adb4d4647335b5b0e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/GPUCache/index-dir/temp-index
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/Web Data
MD5
5168d8c4556ac22decc2362ce61ddafb

SHA1
664cb3c7b0b5b13c3b915c28354793bcc0afd408

SHA256
5057cf5dab27589d93f7d55ffa505ea8249c213b79fd8c85ac39423c135c5db6

SHA512
81cefa22b3b1d30acf590b44b97a47b68c265a15b3725ff348ac0256faae0aa76b6a9bedece897c912bbcc86623c3a20c193ff131d9a25d0ee8e315394ae332d

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/Web Data-journal
MD5
83a3e057917a31336181d13afc577881

SHA1
8516183dff1027a472bd1ff34e1d7272abe246bb

SHA256
4b3f99b9dac6d8d81499dafe55ab58eb890e9b3405863fffec966256eb4d421f

SHA512
e7daf0f163357e64a7056406ea77437a6cc1584b70b617e0abdfaa2098f30e809497265185e46e3e02977731e3a74fd714401791bdb5d451596f7621c86c94d3

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/metrics_guid
MD5
9361ba4148631a6916c6387c0838bf37

SHA1
178e3dbc18baaa5b830e11f93fc65350ba7c604a

SHA256
16cbad28668c94eb2c5d4b0d2dd9f27c014f8538acf4e48ae8fa825c1bdf017f

SHA512
e6d0e730fc71acbd3f42531a13165410f5bdedb47300f150717c1ad3a66d668134a8e0ec2190566cb6af8b14d3f226e2ed09eaf2993f47eaba037bad58b48129

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.onij.dzuluth/shared_prefs/WebViewChromiumPrefs.xml
MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.onij.dzuluth/shared_prefs/config.xml
MD5
10788cf4d0231229d3be02049c0a24f5

SHA1
d601b238f5357cf869413c6d2393e486214373f0

SHA256
a46885e6e24e9a295dd626cd855c169f76539b0545176ea50a1c23b4dd6a7b67

SHA512
508f60b7dda2e77a51da8451f20162b566e27b193c333280439e2d6980d0a8709898f8f40bc99e73061928c7af3b6c1ba383d464251424e96c663d6308a9cc5a

Download Submit
/data/user/0/com.onij.dzuluth/shared_prefs/config.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit