0565fea51c45e4b963ca3a728c0f80c0bb7f3a86aa8fd89d3cd09356d8f8c1b3

Resubmissions

24-09-2022 04:28

220924-e3s1babhej 8

23-09-2022 06:47

220923-hj7wxaddd8 8

Analysis

max time kernel
1763453s
max time network
164s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
23-09-2022 06:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0565fea51c45e4b963ca3a728c0f80c0bb7f3a86aa8fd89d3cd09356d8f8c1b3.apk
Size

20.6MB
MD5

310de0009c04ff6b1cefd99a5941f0dc
SHA1

e1440b9d5df0e715bf23035a5b3c9d1126f48b8a
SHA256

0565fea51c45e4b963ca3a728c0f80c0bb7f3a86aa8fd89d3cd09356d8f8c1b3
SHA512

2d013ba87a0d5ffb6e6d223ad2959ecfd40106d86d043cf208953e1fecf8920eeb9f405810eb8b6e70c4f601bd4ca5ba45e6d8821d27381c3848e61225516d25
SSDEEP

393216:aHQrtsJA35z7A79L+3Gl1mbgafiubcRZfb9T9i/zVN2I+TXnNUKpPbNiRSKcsPJU:GJA35z7c5jjmbBffcHfPi/zVN2IkXmWh

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

qvehs.sybcbhh

ioc	pid	process
/data/user/0/qvehs.sybcbhh/Anonymous-DexFile@4148597691.jar	4763	qvehs.sybcbhh
/data/user/0/qvehs.sybcbhh/Anonymous-DexFile@4253453775.jar	4763	qvehs.sybcbhh

Reads information about phone network operator.

qvehs.sybcbhh
1⤵
- Loads dropped Dex/Jar
PID:4763

su
2⤵
PID:5105

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/qvehs.sybcbhh/Anonymous-DexFile@4148597691.jar
Filesize
2.6MB

MD5
1a20619bf7e857b97baeb20cc46e788c

SHA1
1d9fc09fa4508d4d96fd5953fd22f3b095a45d2d

SHA256
b05aa20b04b1c0c8f060e3eb6cb8e7bf70d605111b22f69e9c84a40c265b1c20

SHA512
1556bb63dedf6e48b95177eb845c4ffb1ab0355f67dd03bcd59b6eb74134a98e00a3a6de81a9d0e076a32bd1aa233f586555538e2334e13d22c4681b1cfbe4a8

Download Submit
/data/user/0/qvehs.sybcbhh/Anonymous-DexFile@4253453775.jar
Filesize
1.2MB

MD5
7966b622501444be4717bccbf53e2a02

SHA1
fcdc15d13ac100549004ee331bf051f3bb5b4521

SHA256
57ecfa98026ceed713a4c437bacbed2f2f3716ecf36c44f122e1d6c06ab58ae0

SHA512
67357f5c472d7a750f21cd908196bb6fb76b6fd8989c2d8a2bb55306f5dcd2b6a820273d3814c0e87d9f0d8c59ea8b7dad697bd6b748e499caec3ac47954e8ba

Download Submit
/data/user/0/qvehs.sybcbhh/databases/SettingsDB
Filesize
920KB

MD5
f9e0041bd50aeb2aff54cd0ccb2ae81e

SHA1
f11d99e764c3eea5c3572369985d16d007a5b8ac

SHA256
2cb11628da017aa7f8f8e6e7fc653ca0ecb1a0bf362b3f0c6bd008e321aad796

SHA512
c9fee27c4b799dbfd5f539efa18b429e5025bf46a1f775faa92ee6b74341435d0ba5a82a8febee6e1d814d26e75ca75d64f65ae2410c4dc8c62e54cea94404ec

Download Submit
/data/user/0/qvehs.sybcbhh/databases/SettingsDB-journal
Filesize
1KB

MD5
719bb66bd97c69fe17a9cc8610144a5a

SHA1
8527739f53bc4560afc6acf97ab6c4b1477827a9

SHA256
ae1edf31e22bf71fed4a27c424f9b6312333e772e3422c69d07027fac2526c3c

SHA512
11819e351ab3cb3aa8c720852bbcb2d1ee67113219f5e85acd3e116c86baa61c03280b30f251bb322bc1749714422ed114f5c231026baae20ebb08a820241e38

Download Submit
/storage/emulated/0/.am/dm/md/main.md
Filesize
2.6MB

MD5
c33da90c6e6bd2508e92e3aa3625b54d

SHA1
7e866ad01fa9eb67b0ab9fea30577f17a0cde60b

SHA256
0f511d6b026c51fde3627f5a3279f30586c25ed4a00a17cfac291091f20f4af0

SHA512
97b6a0a2435253ca67a547637d1ace271c187db5d463cff1410ba46fb6f10238896f5a914fc4c009488d588211dee2f6141d7003f58daed35c41133838f3f18e

Download Submit
/storage/emulated/0/.am/dm/md/main_tools.md
Filesize
1.2MB

MD5
e294a13036c08d9699255b1443bd22bb

SHA1
4dcf9b92ddfa02eea32f3284b2e6a26df13630e4

SHA256
b5e949d3d4389e472dc0f5b089dd7c1ff996c1cd3c5ab5c18b269c42c57e5542

SHA512
6f945cac9ad0387b3fd6462487ec6021b8dc95446133e0f2eda913960e138c0c430339371d4e0d299a1e20cd1b55a2c1037d5702fa4395e7d50f05f189ec6872

Download Submit
/storage/emulated/0/.am/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/.am/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/.am/log_.txt
Filesize
47KB

MD5
a4f09a3effb7e63c69db94d64beb923c

SHA1
b1c66bbed9704df3791891c1b6711eb6515d543b

SHA256
f460da180e2101b25e72e5bf377a8c6366b3aad56bc39d8b421fff182a398f53

SHA512
04e650e8588f2c9d2286c31a092e0b72b3a75fd40bf44b54e1d7135b47ab08f8872a144e4a7b35dee403445f6d4835b08d39a500e5de4c6438114e192a852e79

Download Submit
/storage/emulated/0/.am/log_.txt.zip
Filesize
6KB

MD5
20ad4bb40926ccd477c98bd879e4d7e9

SHA1
ebb0c83e612b0a75073ca5bdfb66d7ce3bdb66e6

SHA256
87e5824f75a05ac159655a96c145a370cb540facbd4b1abc173cac50d057ab73

SHA512
f00a88e6f3b048b80eb9cca6138d306eb7e468270b4d9576fce342e1f5ebeffb907b349df4b278c6f9bcc3539371180a4c12e4bbebf28be4d7c81b73ac1eff33

Download Submit
/storage/emulated/0/.am/log_1663915654324.txt.zip
Filesize
217B

MD5
8d84a9a58e800e634aff5c13263564f6

SHA1
b45ac1ab8fea34010e5d1c12a22265ea8e6ee006

SHA256
4ad1864b62690b0794fc75221d4f70937d84abe44f9bc3051ec23289b92eaba5

SHA512
079c093d2e011f5dc1e2671ee55faba51650bda139e89cf5cdfe57fbea97cc55353dcda4cb4b9402c96e2d0b0badcf39c29683645406019f20725c27b97cca67

Download Submit
/storage/emulated/0/.am/prog_class.name
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit