0d1c4bb5586301c5ebe81498a8150b12046da79ecfacb880afbd57e994c62b81

Analysis

max time kernel
3053892s
max time network
143s
platform
android_x86
resource
android-x86-arm-20220621-en
submitted
30-06-2022 18:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0d1c4bb5586301c5ebe81498a8150b12046da79ecfacb880afbd57e994c62b81.apk
Size

2.2MB
MD5

94ecf79db32c23131428073f6260568f
SHA1

0b28e791224465b1be2ca2e2ce69b3620b73f8c6
SHA256

0d1c4bb5586301c5ebe81498a8150b12046da79ecfacb880afbd57e994c62b81
SHA512

bb0d8b89a550717d2b5ec2fcc5bc42c1a0e99a7e43f735470296bf114e23890f17a9a82ef88c4ce30b8be33dddaf7b38addb433321bc634a2a6a3db68feed1d2

Score

1^/10

Malware Config

Signatures

com.dfyre.fydf.geyhe
1⤵
PID:4558
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4776
- getprop ro.board.platform
  2⤵
  PID:4776
- /system/bin/sh -c type su
  2⤵
  PID:4886
- logcat -d -v threadtime
  2⤵
  PID:4942
- /system/bin/sh -c getprop ro.miui.ui.version.name
  2⤵
  PID:4967
- getprop ro.miui.ui.version.name
  2⤵
  PID:4967
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:5016
- getprop ro.build.version.emui
  2⤵
  PID:5016
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:5088
- getprop ro.lenovo.series
  2⤵
  PID:5088
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:5131
- getprop ro.build.nubia.rom.name
  2⤵
  PID:5131
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:5171
- getprop ro.meizu.product.model
  2⤵
  PID:5171
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:5262
- getprop ro.build.version.opporom
  2⤵
  PID:5262
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:5344
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:5344
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:5393
- getprop ro.aa.romver
  2⤵
  PID:5393
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:5437
- getprop ro.lewa.version
  2⤵
  PID:5437
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:5462
- getprop ro.gn.gnromvernumber
  2⤵
  PID:5462
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5494
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5494
- /system/bin/sh -c getprop ro.build.fingerprint
  2⤵
  PID:5520
- getprop ro.build.fingerprint
  2⤵
  PID:5520
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:5544
- getprop ro.build.rom.id
  2⤵
  PID:5544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.dfyre.fydf.geyhe/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/databases/bugly_db_legu-journal

Filesize
524B

MD5
18858e0048cd2d531bffe657f8737aa9

SHA1
a8720007d30c3d52f9c63127f66702ba2379cfaf

SHA256
6a82169de2ce50ca577c0b826db96abfc1fad5f354f8a0b755e25bda9090ded5

SHA512
6b604fbedacbf02095cd2f6b523f0652f2858071a4c47a060698ac826843b24b35770cd843237d16eaf8a288136aeed4ab5561f29263d6655e4ca800d94dcfd4

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/databases/bugly_db_legu-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/databases/bugly_db_legu-wal

Filesize
217KB

MD5
7be6bbc836d244c5eddd476f8ba5ddc4

SHA1
a2127a684cfd777fe79c3cfe5228b4d94ab13459

SHA256
0d84722b413ae95f5bcc23a11a075e1b6c31d6bdb6ab28c95249a21789b25380

SHA512
aa222510b3152af9ecb7d0a176e0eb6e23c801c212a553772b799a57dc869b121c3fdfb8043fad2e6154c4b683b89dcafe704edbe185cbbb01f4bc8ad07dab99

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/files/local_crash_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/files/native_record_lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/files/security_info

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/tx_shell/libnfix.so

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.dfyre.fydf.geyhe/tx_shell/libufix.so

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads