3c8cbc0eee561d10f00ed1ccf41bd5362a30f7a5dd86671fd6e2747e3ca6850a

Resubmissions

09-08-2021 13:40

210809-fg395etqkn 8

09-08-2021 13:28

210809-1c1pq6ena6 8

Analysis

max time kernel
724065s
platform
android_x86
resource
android-x86-arm
submitted
09-08-2021 13:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Kurulum.apk
Size

1.5MB
MD5

4c4a54f5d332a62263fb6f43baa3dc47
SHA1

5c17330d240a4dd100521fd034bbef19e531468a
SHA256

3c8cbc0eee561d10f00ed1ccf41bd5362a30f7a5dd86671fd6e2747e3ca6850a
SHA512

fa3cacaf6de88cd349d1ec6d528f261a566f8b3fd951045be1202b1a93ce8d25f9de038b144b1413f12db0430bbf27496ad8d51a8d927f550f4f0ae6acd20e03

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.xjgwim.lrhgxozg

ioc	pid	process
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/base.apk.classes1.zip	4728	/system/bin/dex2oat
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/base.apk.classes1.zip	4680	com.xjgwim.lrhgxozg

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.xjgwim.lrhgxozg

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.xjgwim.lrhgxozg
Uses reflection 1 IoCs
obfuscation

Processes:

com.xjgwim.lrhgxozg

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4680 com.xjgwim.lrhgxozg

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.xjgwim.lrhgxozg

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4680	com.xjgwim.lrhgxozg

com.xjgwim.lrhgxozg
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4680

com.xjgwim.lrhgxozg
2⤵
PID:4728

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4728

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
fe62e6ce26a8b7127ee76c5f34a9c770

SHA1
95483b0b31212cae9f1481fabff3577eb7342310

SHA256
183eb311a4242a218b3b305102439726d3fdcd344a8d6e3a186599c8426e06bf

SHA512
d7361035684609a78e09f6b1db13d3802b5568d0f745612ad278a5e6643ab3dd24d3d12da6eeceb10dc165431ad47fe4d5ee2d36e37ffc7734c95645628374d8

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
491a0d9fd4106098f0435669fd5544ee

SHA1
20000165041cafa6c6e25432fce1074395d85855

SHA256
78c93bbc4835cff0ce954afbd04a672107cf0aca3e1a0a08ce93c03c4d92bbbe

SHA512
c1c1114482deedb6a953651da7c6e063123d8803886ed6948cc267b003554677823b409cce60c36107728a5eaad6f786341149ee2d0bed912a1685fc94f86109

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
af15de709c4bec0120a6bb45d24bdc95

SHA1
3663f1481c15dca5ee165d35bfe66afe26a3fb71

SHA256
c235713d5c9b502d0df5366c3723263bffc2631e2539504152d320c1aa6e94ec

SHA512
feab8533b097de47825663993da82125252caeff3618260834c184a37f8766c27db7def1518d074f6858ae566eb2748c6b662c601463b63dc88a733336e55d3e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/code_cache/secondary-dexes/tmp-base.apk.classes3623363015388290579.zip
MD5
a9a4b3000ad53d97a21efe8843e4a5cd

SHA1
2363062f4881d199f1fe3169ef25c1cf8961e504

SHA256
bdab261b791dbd2b1d489f64756c510c4580f94e92038c7b4b863386ef675272

SHA512
eb2502b924e895a9622e6c9fd98b92068eac3242bef290bf04f68a7140ad4c10c54152151cf90aee4c538a6c1c7b5c2468a7ae60d6398e3f17cb5d8194ad2c6e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/shared_prefs/com.xjgwim.lrhgxozg.xml
MD5
51c50bca55d911d35882f810c8d378aa

SHA1
0f44f972af079b4c150a01d69967074c4ab6f1c2

SHA256
e476b0e193afd05723ac19ca30a3ebbed2dc9ea4bb81e455afa47855c6a14ea8

SHA512
0337434a905bb444ddfce0c7c467a3a77b4b264fbe34e1b365c23a0044a2b471eea7852cf3a22556e421a8e6d3d9b7b8b34c7f77b2e43d956f136ad1bff20ce4

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/shared_prefs/com.xjgwim.lrhgxozg.xml
MD5
c97663b07c755f5e712ee9199ac92060

SHA1
4ac9b58ec4193b8dc6a716e863b422022fc47ed9

SHA256
53a6c6c75e65241b3bc5a641f837bc84e1160cdcfce16911272e2dce85b4c4ed

SHA512
48f92188b96adec8f6eda0fa0402712509c5837a0e6ce9f854b637c308b3dc070ade6dafdf49fafb5bdf26229248416cae736f5d533b63f051e1f39794e92fb9

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/shared_prefs/com.xjgwim.lrhgxozg.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/shared_prefs/com.xjgwim.lrhgxozg.xml
MD5
27acd7cc6b5e20b5bce0d45b21abfe3a

SHA1
3624d4c3fe3d7cec8529844a6556dc2598c54694

SHA256
d62e7322c0dc7727805dbf5f1daef20d9273e533c95c5bdde45c7aa86144e037

SHA512
331baa82dbd535299033b8824989b431680654229bd13de463336c8288550bb4092a213344311c2b13a941c850150949ecd9b3a57256d9f1a72998d5035c886a

Download Submit
/data/user/0/com.xjgwim.lrhgxozg/shared_prefs/multidex.version.xml
MD5
4c61e8c34fba7b88ff8966d6854e345b

SHA1
f4b0b761f76420770705679f81a12e300464f53f

SHA256
4d18ff29f1719befe86603b1ec9ec0abca66bdeceaddf8a108bd509e981ec626

SHA512
d198475e74c050067153afeb2438886316e07088a3fca447978d3a636e23d15d0ae75ea302bcf26864605337fc91f38ddca060dc7017a55b4db4e990275baf20

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads