5743b6b5dc7285aa0cec153ea9a8f0745f361312a80e1c07fba2be5c3b40b7e5

Analysis

max time kernel
2201767s
platform
android_x86
resource
android-x86-arm
submitted
15-10-2021 09:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5743b6b5dc7285aa0cec153ea9a8f0745f361312a80e1c07fba2be5c3b40b7e5.apk
Size

6.6MB
MD5

dda4d01b8986aa0e22d01f8e8202d5e2
SHA1

fdca55f17935e75785943e9fd2f9bd69e4df5c1d
SHA256

5743b6b5dc7285aa0cec153ea9a8f0745f361312a80e1c07fba2be5c3b40b7e5
SHA512

38a13f7a73526b79b30160f70dfdbc13ad405459de8726be06b25e708580eed132e794c1d177e1bfb98a97b44a68ee7478500e776f6a21aeebd9f85755792501

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.fzbnyenirzcfjy.ckqijaw.brt/system/bin/dex2oat

ioc	pid	process
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes1.zip	4980	/system/bin/dex2oat
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes1.zip	4842	com.fzbnyenirzcfjy.ckqijaw.brt
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes2.zip	5005	/system/bin/dex2oat
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes2.zip	4842	com.fzbnyenirzcfjy.ckqijaw.brt

Uses reflection 16 IoCs

obfuscation

Processes:

com.fzbnyenirzcfjy.ckqijaw.brt

description	pid	process
Acesses field dalvik.system.BaseDexClassLoader.pathList	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Invokes method dalvik.system.DexPathList.makePathElements	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field dalvik.system.DexPathList.dexElements	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field dalvik.system.DexPathList.dexElements	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Invokes method android.app.ActivityThread.currentActivityThread	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread.mBoundApplication	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread$AppBindData.info	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.LoadedApk.mApplication	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread.mInitialApplication	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread.mAllApplications	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.LoadedApk.mApplicationInfo	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread$AppBindData.appInfo	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Invokes method android.app.LoadedApk.makeApplication	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Acesses field android.app.ActivityThread.mInitialApplication	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Invokes method dalvik.system.CloseGuard.get	4842	com.fzbnyenirzcfjy.ckqijaw.brt
Invokes method dalvik.system.CloseGuard.open	4842	com.fzbnyenirzcfjy.ckqijaw.brt

com.fzbnyenirzcfjy.ckqijaw.brt
1⤵
- Loads dropped Dex/Jar
- Uses reflection
PID:4842

com.fzbnyenirzcfjy.ckqijaw.brt
2⤵
PID:4980

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:4980

com.fzbnyenirzcfjy.ckqijaw.brt
2⤵
PID:5005

/system/bin/dex2oat
2⤵
- Loads dropped Dex/Jar
PID:5005

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/MultiDex.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
3236306254c3f685f8291b569eb13664

SHA1
a899040ed74f22d07087de6e619aa5adeeda774d

SHA256
019126f14746d4ab75ed6b080b2ee43eb58a4801db4e8820c082410270ff5bae

SHA512
eaf8e006cd17c8500533ff24cb0134f8cc008462766951b138e823cde26ec88367b6e273defb16c3c146988e818c3d4603bc3f3e76be3927ce4c708eb6f49fc6

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes1.zip
MD5
d391ae37799cec333014b1da50a70d9f

SHA1
ce7846d945679813861c166fcaa781b065e692e5

SHA256
5d009dd52d5e8128063b8f7e32c7c92a0a0141b94befa5ba4bf9257013eda375

SHA512
a70c25deea1b6e6b8f215666ed6005744aa2dca800876cce36925e71f4e6a0ccc54a0a4866e12e8dc33329dd7435424e54ba2bf2bd8cfa47f328afe716b74754

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes2.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes2.zip
MD5
1b1e986a6d064ab43004b1eddbcadfe2

SHA1
d7718e1eda901fac9784ec4b57eb94fc812ca33e

SHA256
72cb043e5f4c4dc63b45fb350e66ba812d79622eb821f0b10759e759bb5cb107

SHA512
7889b106ecb746b89f8589f36dfe01c466c48e5c9ebf5bfae0e112e6859e9e72683b4fb78223d93cca7d2cc488b76dd7fe0d4a8cb089af955cd93b01bc837b2c

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/base.apk.classes2.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/oat/x86/base.apk.classes2.odex
MD5
316c67770105c792ade8573b3f46da10

SHA1
32665e75e42da7e96b6a545f1f145e061aebc774

SHA256
9d55ae1f3de6a3daa5a898b05f2332face6e9ef64dfed61c37b6a3c3170faab4

SHA512
38e8ea827a9c237af2d1da69cd799589932301715d27a2bfb777c5a75ad16dd76707dd7a28a1823fb20672e64ceb405ffcbc07f88de45d8b0a67b8a3b7dd303e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/oat/x86/base.apk.classes2.vdex
MD5
5a8aef1a44bfad488146f2002695141d

SHA1
c2ce502ca208dad6f2b085c0c78db02571457efc

SHA256
834298c9c609e7e22b95e77ad8abc021839ebeef6dd7c99d434fe14ce3fb7160

SHA512
8c873635c76dd5453a0d68dbab2803408004e59d8669d7193673a2c8e694a7dd128860aac6cf895ee196e59795b3632530dbf0e88c4a521fa0ad09b0ef3a5bcf

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/tmp-base.apk.classes8507600672220195429.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/code_cache/secondary-dexes/tmp-base.apk.classes8816906142142587450.zip
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.fzbnyenirzcfjy.ckqijaw.brt/shared_prefs/multidex.version.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit