178ab6fa22c3c09b51f2fbc63da79503cfff129306726dc54a0f3f53b4cd26f6

Analysis

max time kernel
3058659s
max time network
13s
platform
android_x86
resource
android-x86-arm-20220621-en
submitted
30-06-2022 19:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

178ab6fa22c3c09b51f2fbc63da79503cfff129306726dc54a0f3f53b4cd26f6.apk
Size

10.8MB
MD5

07c83f10f3551167e344be567df3af28
SHA1

bb06c48fab54ce945231e9753772a163e80b64ab
SHA256

178ab6fa22c3c09b51f2fbc63da79503cfff129306726dc54a0f3f53b4cd26f6
SHA512

4f3d589de1a119458ad5f4ae3f69f18cebc3278ad2fa423914341326676322bc48423116ec53cbdd8c7b352dd30275ba4a498bde56944e6a8bd0895234550ac0

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

Processes:

cn.lieying.app.readbook/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/cn.lieying.app.readbook/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

ioc	pid	process
/data/data/cn.lieying.app.readbook/.jiagu/classes.dex	4044	cn.lieying.app.readbook
/data/data/cn.lieying.app.readbook/.jiagu/classes.dex!classes2.dex	4044	cn.lieying.app.readbook
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex	4044	cn.lieying.app.readbook
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex	4164	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/cn.lieying.app.readbook/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex	4044	cn.lieying.app.readbook

Reads information about phone network operator.

cn.lieying.app.readbook
1⤵
- Loads dropped Dex/Jar
PID:4044

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/cn.lieying.app.readbook/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4164

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.lieying.app.readbook/.jiagu/classes.dex
Filesize
5.9MB

MD5
1a4881d393c7e00030be9d52b73d02db

SHA1
1391247e1fa9635c5d4e5f648b295cbfd9eefb4e

SHA256
c36cbda4f8b210415fd80af421aa8f866f9f6692b8f4e9067dfb659c3addb98d

SHA512
67e931fbdea6dd70ec0aaba9f4b8a48d350f098a77693e1bbef1e182184c2feb681ca0f5c385625b63d00159aca3345292e9a8ac9c36af7415c4db37f4e5d75f

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/classes.dex!classes2.dex
Filesize
2.9MB

MD5
7aaa6490bc94e75e068d430200e1a11e

SHA1
c66d938178cdbec4ec725a632a8166772af87462

SHA256
c1d8ef3152651fe1ed06063d9be6ca83197e4c9fe70cab2d98971223acc3c1e8

SHA512
9b8059e886eada2851d15b7d62c2afcf53b7537fffa222a3723428e30e4f6f8ac494ca95080189324db184e38ec2e4742655a75cb5810a2705520cfa39336307

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/libjiagu.so
Filesize
475KB

MD5
5aea02f4e4c77fbf2e7a27f7ca9cc06b

SHA1
522db1748608e9173547b29b7aa82ddc3542c534

SHA256
5a1c513b347e2a929769e2be67552c1d591704f08f7b5590282b66cc2c7d7bd2

SHA512
5c979a11f5e896829db906f533756efc1cf3c5a7e35ecc9e376a0aae818f2dada013441649feac2e188bd51affbbf35156e32fdc6552e185bddbc547f3850316

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/oat/x86/tmp.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/oat/x86/tmp.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex
Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/cn.lieying.app.readbook/.jiagu/tmp.dex.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/data/cn.lieying.app.readbook/files/.jglogs/.jg.ac
Filesize
32B

MD5
df56b5cfa253bff45776ef14c73b22f0

SHA1
f207fe2d680b947ca21ced40b70413848c07122a

SHA256
473bf295046abe1e4bddb08298ba45c30be05e8790637cbcfdc820c1a7a2c1ce

SHA512
7da9d8c03ecc6de8e53be80fb81f40ed6ac673c7d7387608393b03f3409ad15c669b00b03c317ea272b5f801a0556de4809bf4c8e68f835feec4d7449ebfebb2

Download Submit
/data/data/cn.lieying.app.readbook/files/.jglogs/.jg.ic
Filesize
32B

MD5
cbdf2fec251197b973a02050e9af5338

SHA1
cdcafada9d66aedf3e07a00b58799570f635a90f

SHA256
6b47cfe505a5d695d34c6eb9f5e0b33a75447c4195609bff4908112a70cca1ae

SHA512
732f61a3e58c5af8759d26882a09041c75ce6916e6eb2def87a6b44b9af079a6afd036461f9b9c32594ccee216def048f1d30ccfc8ec431d49f8c9b28670add9

Download Submit
/data/data/cn.lieying.app.readbook/files/.jglogs/.jg.rd
Filesize
105B

MD5
d53720c73612b1086f8317836c08b12b

SHA1
90c7e5dff84b08fd37a467fc0be0f79f8149efe4

SHA256
6fbcf883870253637e3ed61cce507e34f56f8b61c05ee64ff6d4924eaeb3bcbe

SHA512
067f829cae97a8e3ece58d86a1631147db3cc915ff928b61e8b4150412dba44498f64fed7dd57ff7e7d0d4d34708cadc796c3f1b05f1601f5c1c24e44217376c

Download Submit
/data/data/cn.lieying.app.readbook/files/.jglogs/.jg.ri
Filesize
646B

MD5
0053a87b40600fe7792564aa15cd6e23

SHA1
166c599097b1fd1c86b908e64aadfe0e0af78677

SHA256
6bcfd8f6eb7c17297b5d6105aae98dbb7ee375fcf2cc8e93559cdcd69764459e

SHA512
410bfb02ba87ba81a70eddd860bcbb6e146398cef22eeac892684acb472a905a4912ad1901b282ba961fb034fe54e2e263ace59573ad45605eef51ece56bb6a4

Download Submit
/data/data/cn.lieying.app.readbook/files/.jglogs/.jg.store.report_pid
Filesize
32B

MD5
bc6e795cda3b20b7d0b74143fb616e4d

SHA1
251d04d843f33b9c6753c6c73a82cf778b93ddd0

SHA256
f5d2ecd2265be406e90ecbb07eb8232bb88cf86db11a6966f4f62a67b8e7ba06

SHA512
4bb2c8cf063270690022bedf1baba751644926b91125e421eb956b6ab7e6780508002b855e3ff8c25bc84499ab08d04b60d7a8d6ac6bdda127b7b0fa22b4758d

Download Submit
/data/data/cn.lieying.app.readbook/files/.jiagu.lock
Filesize
38B

MD5
42a4323fe3d46fee12f4f153dffdf6c7

SHA1
7d9c7c3812ef7400b8e19f8ac893895b9ba1e67d

SHA256
184bbf0671d9ad6223606f507df9c39db3035805d3dd979b425043ecadc6ef6c

SHA512
3fb806ea9a7ce2324d0da9d2277857c323e9ee7960c523e0af4045a961ad1257967164a6811a35979b3d7490543a7c2134e137b0c74d49e6a57394e9a093b125

Download Submit
/data/user/0/cn.lieying.app.readbook/files/libcuid.so
Filesize
129B

MD5
5c5255b52854d09cbbe9e8b786cc2b31

SHA1
da9637a45f726836c38a328976c31a0e5d02b3e1

SHA256
8f8714a4cdd3bd4379dbe765d45f36ea14291abb0f41ad87b674a0e102ed87d8

SHA512
3c307cb9e7d5a514e994503deb787cc5e5eb5a5ff71dc53b8a680a91cb25c49659b72d987cbb658fbdf16fea8741a96fe2dea8ae079a65863f1d97f5c110eeda

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/PreferanceUtil.xml
Filesize
120B

MD5
cc9a89efd437686c99ea5643b3fd4d0a

SHA1
d1b57c08b77d6f127828b3fe259e5d5e905b8fb4

SHA256
45e505c35bef4f6706fca79db6b8524de0268d46a76e30e0b41a5aa293e8e3a0

SHA512
d281a88ecb72f3f30144527fa62518b5f5357af918f4fabf6ee4084a22b269341387e95c059fc1f68458f174d6436dc93180648081c100f0385558281340cac0

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/PreferanceUtil.xml
Filesize
165B

MD5
01e8a5c2f200ba11e18a9b5b3972559e

SHA1
e6c28f6f949843b631880a72be59572b5c2f06de

SHA256
79b1f940ca96d66b89aeb5adccc0775152f65421033a436a6070495ea024ef93

SHA512
b1492205aaf8e097a7ad5863fe8320aed66cc989900460bdeb5fff1cd5b81ebf9537cb7e8df39a060f0628db5f40a5708dbb9ffe5849d7237bed43468e7e4eaa

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/__Baidu_Stat_SDK_SendRem.xml
Filesize
127B

MD5
8556a96b597a5dee1a165185b7904432

SHA1
fcdfdbd8b260c4d236c1a31837cff7c9188f723c

SHA256
bf60fa554d3efac7aa66b1a320ea23324052723c51641668a023b3d704ccbd95

SHA512
e22c74dbc20e92b7bcafc39d094fcd5de02658a4d7401699b851e6a1e3073bf6ba0204ac0aeffc8a4f538046a96e780496becc6139ed9253e69c5aa32ee01655

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/__Baidu_Stat_SDK_SendRem.xml
Filesize
182B

MD5
b573b49cd5fc49ec980a3bf2225fa571

SHA1
334b0b5e32d45013acb9fa3a7f2187c9a9bba566

SHA256
844e2beaacbc56e7e6dfbe6c3d1bd30c4f697901714f26bceef37e2a45f3c47e

SHA512
a0e0238aadf41f11add73243f7a63b0c41c53b3051f3d6cdefa6f43c2b99aaaf616e331454f8927ea60753acd2b8938d6291eed988fa7b4d3fdd26ac3d669bbf

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/__Baidu_Stat_SDK_SendRem.xml
Filesize
250B

MD5
a2a8d00b69f544095ef8c9e12f0e6d5f

SHA1
15a5e5fc838b91a27c38225457363bad9fa3e173

SHA256
1fbc35172e59e8d5fc281c12cda530b9f520d1ffd4a1115cb8e21e969fbbc704

SHA512
b44bc953b2a65b0304aea33c4a05578c59a19167474853c7308d73accdbd900e6d98ef4e21c1be90d9d5b672757aa46f4c8d7d23b71496d723568a58ded25d38

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/__Baidu_Stat_SDK_SendRem.xml
Filesize
377B

MD5
0b52f26e4f98d1da46b533391e31c25e

SHA1
98c08aa1e4e709034eeffddac24acd933f3ecaa2

SHA256
9c58e2461c10dc5737f0d3ba7b24b7cf0e0bd312e2cc77660c0600362d6a1794

SHA512
9f11849057e5c363659cfb3e89616c41edb9963e4e8e178f897cf0944f2e2e5e594eeb125a1aec29435ab7e5a8db3736e45b735c1d970f6dc81266f1510ce15c

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/com.aikesi.app.DEFAULT_PREF.xml
Filesize
135B

MD5
4dcd734b22b8918ae2b52919e4a586c4

SHA1
35efb5c89affdb0435701e6bcffc0df7a24dbbf1

SHA256
1f1b6e578591ffba967b8bd98e175ee435f8f60e52b8acad12967b0ee04ffe03

SHA512
7daf974276a08fcc024d8513efc807edf34de93bcc44f8b85733531d70334dd62fd70cd218982817cfffa1c8cbb471a6057b7526cd442a80ceaf4092a399597d

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/info.xml
Filesize
400B

MD5
9a6551d98154f5fa281a97a510ea3a5d

SHA1
cd598668e528d7280fa849d12a54575e93ea77a7

SHA256
05b54a1f1bc1174ef1058fa61c094f38a6e27e9f97addecae27f0094be0a432c

SHA512
ee0e195aedfff17d5adc278a6bbe17724739e6a64c9459bb67147c49d145d338a96c912bc0a35ea61f5c2a3473773388f9a3eac9de5d960e1f8070a1d7c4dfb4

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/umeng_common_config.xml
Filesize
111B

MD5
555033e7a2421cedb3267fc69e321daa

SHA1
83fd989448c2dd4b806302662a17bc055c8e0750

SHA256
29cfe79fffb066efe615d82c5f98b68deeecf83a34f6499dda311f55964cb0ec

SHA512
a10c8ba0eacb9cca2bfd378f94c5cfbc30a9f90a83451438ba805a7e93a63e893d25fa38b501b696aabd044bf8847a923aa165eb1990f330534f3f37fd25bfee

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/umeng_common_config.xml
Filesize
171B

MD5
da94d51428cf06b6f68bd37eccfd3447

SHA1
c50ee52cfb61162c7c4936f4ca110f9b3133d52f

SHA256
9db806f7d13d8dbd59143a0f232e45d55af5e9ea393cad277aec5fc886ac86e7

SHA512
6d820e6283da5c3785c99b6493497438c4b2f55432e00d3aa16f1a874565f4e7ba1f182bfa169dafb5f9e4362e6528cf2458a7b7dcd8daaca86b8edb0f0dbcdb

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/umeng_common_config.xml
Filesize
236B

MD5
f104d954ec8206fc790959d6d4f0244d

SHA1
fcd7cf62fae96511f435bbc15cfe11763ca1bfb2

SHA256
58e3d9665a290870cdab80c5815353bd04d43bf3700aea671430b8b33a393b3a

SHA512
1138d7765a637a3270c4fd9903bff3a5ba4124f1cab812ebbc7dffbadbcf0e326885e39bbaddfe034b802f6170efde33a01b8eaa3f6ccaf2d77f3ce7b5c9c411

Download Submit
/data/user/0/cn.lieying.app.readbook/shared_prefs/umeng_common_location.xml
Filesize
390B

MD5
4fafdad6cb45deb64bf13a2b7087c272

SHA1
6f71df0d85fd48ea1d6ce395d87a7290dffd46c1

SHA256
b3e58a2d7b4ea6e49fbdff8f482f9068054c7f351d87a0c467b93590feb80065

SHA512
ab60f703ea0cc39c3b22dab383441435b12a56dea1e4a69e89c3e8a1981e1dee97b5d3cd8d139f2f7a6fb36437cb537f9f33480cf293b8e67ddb3a8a89235e90

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid2
Filesize
129B

MD5
5c5255b52854d09cbbe9e8b786cc2b31

SHA1
da9637a45f726836c38a328976c31a0e5d02b3e1

SHA256
8f8714a4cdd3bd4379dbe765d45f36ea14291abb0f41ad87b674a0e102ed87d8

SHA512
3c307cb9e7d5a514e994503deb787cc5e5eb5a5ff71dc53b8a680a91cb25c49659b72d987cbb658fbdf16fea8741a96fe2dea8ae079a65863f1d97f5c110eeda

Download Submit
/storage/emulated/0/novel/channel-ly.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit