52193b90058911302dd3763eb68c59c4f9b818aaab0b7c38a31a0f305a93552b

Analysis

max time kernel
263493s
platform
android_x86
resource
android-x86-arm
submitted
04-08-2021 05:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Download(1).apk
Size

2.0MB
MD5

896114639cc1c4a141bc58dd4ed2c7df
SHA1

2e41a07fa0ef4b44b3d494846481fef2efe0e5c1
SHA256

52193b90058911302dd3763eb68c59c4f9b818aaab0b7c38a31a0f305a93552b
SHA512

758f60f2a8def6c395f8e92c6e2d39027df7d6c7ad334c573a71519ccb3ce352acc98ea9adc46723de9c6327ebff5f475f52d2a16774be10b1309ad711204d68

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatjsn.naturephotoframe

ioc	pid	process
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex	4931	/system/bin/dex2oat
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex	4895	jsn.naturephotoframe

Uses reflection 4 IoCs

obfuscation

Processes:

jsn.naturephotoframe

description	pid	process
Invokes method dalvik.system.CloseGuard.get	4895	jsn.naturephotoframe
Invokes method dalvik.system.CloseGuard.open	4895	jsn.naturephotoframe
Invokes method dalvik.system.CloseGuard.get	4895	jsn.naturephotoframe
Invokes method dalvik.system.CloseGuard.open	4895	jsn.naturephotoframe

jsn.naturephotoframe
1⤵
- Loads dropped Dex/Jar
- Uses reflection
PID:4895

jsn.naturephotoframe
2⤵
PID:4931

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4931

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/jsn.naturephotoframe/app_webview/Web Data
MD5
5168d8c4556ac22decc2362ce61ddafb

SHA1
664cb3c7b0b5b13c3b915c28354793bcc0afd408

SHA256
5057cf5dab27589d93f7d55ffa505ea8249c213b79fd8c85ac39423c135c5db6

SHA512
81cefa22b3b1d30acf590b44b97a47b68c265a15b3725ff348ac0256faae0aa76b6a9bedece897c912bbcc86623c3a20c193ff131d9a25d0ee8e315394ae332d

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/Web Data-journal
MD5
46821777cc92ebd7040a51c2106ea192

SHA1
4b152e55ab5b08eff019de5c64340d350302acf9

SHA256
8a2d48cbd6169938bcf3995bc92302a6ffda424dae260ad33f7a025168b2fe4d

SHA512
6069dd3c96527d2752caae55f69a446eb2bb9655f04eb10748fff16a95a18644b4dfa7d312f0679cf406a4dbe5fe667245c45b2e33ced591802049a9267c8978

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/metrics_guid
MD5
4fc23f494bf5a102f872cd699396ca6b

SHA1
e4f8fc570f1e35879ab64c3d3500b1b4baf460d8

SHA256
22979b69c7c45c307f69bc9512d2924b4661835b933529813ba9d766933670ea

SHA512
1bcef0aaaa6317b71d77ac0fbb29ef4454fc0ac735818094e62bd4b902b8fb1fd63cc8664f7a905b4207f45733dc72305f36e9d9ffaa30016cb615e04d7f0489

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/metrics_guid
MD5
4fc23f494bf5a102f872cd699396ca6b

SHA1
e4f8fc570f1e35879ab64c3d3500b1b4baf460d8

SHA256
22979b69c7c45c307f69bc9512d2924b4661835b933529813ba9d766933670ea

SHA512
1bcef0aaaa6317b71d77ac0fbb29ef4454fc0ac735818094e62bd4b902b8fb1fd63cc8664f7a905b4207f45733dc72305f36e9d9ffaa30016cb615e04d7f0489

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex
MD5
022e62b9d5b891ada38ba51113b28e9a

SHA1
06c894a59c15b6926342e26e782de75efa9f5144

SHA256
750949ac8e4623b55d5b94ec4dade89b0baecb3540d82524582d7ad04d29378d

SHA512
235b8ab8c953e274e9f1c30c49ea5a42152c549daf60290cf0f856f1e884d657490545fb703cc7945ae8438141c5e2f821e80196f4ad258e28c747bb8f3e9830

Download Submit
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex
MD5
4021ca384efb8d7a690e5ba7aa1e4f47

SHA1
30ebc6aa45b8140dc41fde53fe8cd11d3d9dfc41

SHA256
b9d39323c178215de60affa8ccce9fe6e4df214691c057ff32cdef8691819691

SHA512
4ce11acd3b4f27647e291804c0b51d362752e475169ce331bf74604d88f3df8fdbf9696f9e31259af8ff6d1136d461e2c990fbcfb755f47ad7e99ab3ef9bc209

Download Submit
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex
MD5
e7a81823e9812b2e203a45764497e093

SHA1
b8cfec3ba6c116a5568409dce03d66f8727b0513

SHA256
d0fe1e276882c905d4b94fa7a14f166d51e55a858d4263c74a95115692ac5812

SHA512
2237671585b74b9d9ab8df1cb47281c671d709b42a2fd0c63c9dad812359d0b933637b5760761ecbae2ca5a2e326b902f29136f2de6a027d0964a27b50c7c088

Download Submit
/data/user/0/jsn.naturephotoframe/files/498bdbf2.dex.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/files/BGEaUZrY
MD5
27ba19805d52e788ce7ee21d6f82137c

SHA1
36bd2c6b725254b966fb8fef828b4f6f9e41d283

SHA256
c4fb4c4feb09b15b40b6334bccfac10657db63fc94b0043b35cc7173b43993bd

SHA512
c35fe911c13605de5441b5829a925e433bdd8b64c4d076562b07c8d3d6f2ed8bd72273fa7eecb17b946d4ef2584d550d4ac67871822b986f7529c014b0def34c

Download Submit
/data/user/0/jsn.naturephotoframe/files/TrPJFdsN
MD5
d149b404bdce7f3290353a853676815d

SHA1
cbb0d08d05a63b1efa6e2927ae792034b3d9f93d

SHA256
fbe5100533e4ecfc346987c9df2db3def95099608f54aa2212977b775d518bee

SHA512
b35df5c84c096885aacff612490890c87c56e11dbc6a792ba2bb983f64193f277bc53adf103360e3353dde5f31ff8bc3bc3bba2a4d469349aafeafc4f2826c0c

Download Submit
/data/user/0/jsn.naturephotoframe/files/oat/x86/498bdbf2.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/files/oat/x86/498bdbf2.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/no_backup/com.google.InstanceId.properties
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/no_backup/com.google.android.gms.appid-no-backup
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/shared_prefs/WebViewChromiumPrefs.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/jsn.naturephotoframe/shared_prefs/com.google.android.gms.appid.xml
MD5
ccbab13b94f6210e6de62844f8bee72a

SHA1
9717a0eabf87e7ca6fece2a0309a7f88ff7b721d

SHA256
7c6644f9d4e886e2725169d29e07a592a5c0e7e1587698f4e840450afbecbf0b

SHA512
c50621789ad592940ba217785769a8e63ef08c7c03d9f553efce7118b82ea993d47b37725d45514036c3d2eb412dcb6f439dc486af2a083da84172fc2192f103

Download Submit
/data/user/0/jsn.naturephotoframe/shared_prefs/jsn.naturephotoframe_preferences.xml
MD5
a8f21e3da37bc4c468ae9d303bba3daa

SHA1
d65276bf8cc81b03b431ff78f94c5db8fc275c3b

SHA256
56eb6155aa79d112d09c33c504e7a1d8bfcce43ad482d4ffe46d8801f196e121

SHA512
d83fdaf002400b414f0f447c5feb338a233c50f67fc5fb3decda7752bb04df5d75743648d2b44863e63c223a1ed52def22406adeb3517ef467b0deb6cc1fa019

Download Submit
/data/user/0/jsn.naturephotoframe/shared_prefs/jsn.naturephotoframe_preferences.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit