Analysis
-
max time kernel
3058743s
-
max time network
153s
-
platform
android_x86
-
resource
android-x86-arm-20220621-en
-
submitted
30-06-2022 19:41
Static task
static1
Behavioral task
behavioral1
Sample
428d301e0b7fdc79a290e520df41bad17ccdb3806111defec7cba3c11e7cdc17.apk
Resource
android-x86-arm-20220621-en
General
-
Target
428d301e0b7fdc79a290e520df41bad17ccdb3806111defec7cba3c11e7cdc17.apk
-
Size
1.7MB
-
MD5
b285ea9053987bc1ece7091a4ac35d86
-
SHA1
362deaf935cd6eea2ca95c7e80d501a7c4471975
-
SHA256
428d301e0b7fdc79a290e520df41bad17ccdb3806111defec7cba3c11e7cdc17
-
SHA512
66245bbb92a79a977c82bc475a3d31e8498f62cec2e30f9b3c86072d13c48d6a6a10cfeb7b959fa64fa2ce4f2cae6c695ec162ac93ffcafc56ba978489bc9333
Malware Config
Signatures
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.unf.jclunk/files/jie/oat/x86/mjkgrXy.odex --compiler-filter=quicken --class-loader-context=&
com.unf.jclunk
ioc pid process
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar
4102
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.unf.jclunk/files/jie/oat/x86/mjkgrXy.odex --compiler-filter=quicken --class-loader-context=&
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar
4043
com.unf.jclunk
Processes
-
com.unf.jclunk
- Loads dropped Dex/Jar
PID:4043
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.unf.jclunk/files/jie/oat/x86/mjkgrXy.odex --compiler-filter=quicken --class-loader-context=&
- Loads dropped Dex/Jar
PID:4102
Network
MITRE ATT&CK Matrix
Downloads
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar
Filesize
774KB
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar
Filesize
1.8MB
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar
Filesize
1.8MB
-
/data/user/0/com.unf.jclunk/files/jie/mjkgrXy.jar.x86.flock
-
/data/user/0/com.unf.jclunk/files/jie/oat/mjkgrXy.jar.cur.prof
-
/data/user/0/com.unf.jclunk/files/jie/oat/x86/mjkgrXy.odex
-
/data/user/0/com.unf.jclunk/files/jie/oat/x86/mjkgrXy.vdex