Analysis Overview
SHA256
bc76d2dd80cec82bcd2f18320cf880013bd6069e6c50f22948da0adf5301fa47
Threat Level: Known bad
The file 9afaa372d732d9a920e8dc68ccc243a248f839f52dac33da41f69f2ba0941906.zip was found to be: Known bad.
Malicious Activity Summary
Hydra
Requests dangerous framework permissions
Loads dropped Dex/Jar
Uses reflection
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2021-08-17 17:02
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2021-08-17 17:02
Reported
2021-08-17 17:37
Platform
android-x86-arm
Max time kernel
1429241s
Command Line
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
Processes
com.lxqbcgkl.uzkzdvx
com.lxqbcgkl.uzkzdvx
/system/bin/dex2oat
Network
Files
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/MultiDex.lock
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/tmp-base.apk.classes9081640909788358245.zip
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
/data/user/0/com.lxqbcgkl.uzkzdvx/shared_prefs/multidex.version.xml
/data/user/0/com.lxqbcgkl.uzkzdvx/code_cache/secondary-dexes/base.apk.classes1.zip
/data/user/0/com.lxqbcgkl.uzkzdvx/shared_prefs/pref_name_setting.xml
/data/user/0/com.lxqbcgkl.uzkzdvx/shared_prefs/prefs30.xml