9133e4470d7f1c8375faa4a5584121bcd30f4b6716da6c39280d25083d8a71e3

Analysis

max time kernel
2843172s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
24-11-2022 07:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9133e4470d7f1c8375faa4a5584121bcd30f4b6716da6c39280d25083d8a71e3.apk
Size

3.6MB
MD5

86927fcd1511ca96fa5630d3df0a2195
SHA1

ee1dcc6265962b312eba0935444d108f27a13e66
SHA256

9133e4470d7f1c8375faa4a5584121bcd30f4b6716da6c39280d25083d8a71e3
SHA512

2dfc2fe75e376c1bcd254a1ee4d7a1b37b9a446fcd7b7ab5931693992cd413fef2b0e0dd35d0785e3269da2ff44a7c9b0df6092c18682dfecd230e826b938c70
SSDEEP

98304:fLOZH/SJ4+bqWcGS/mr4kx4Ew2Jr1/cS2D4BFlz:z4fSJBbqWcGSOr4s4EwIS4BFlz

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.poxiao.standalone.llk

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.poxiao.standalone.llk
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.poxiao.standalone.llk

ioc pid process

/data/user/0/com.poxiao.standalone.llk/app_skypush/plugins/com.skymobi.pay.sprpush.apk 4647 com.poxiao.standalone.llk
Reads information about phone network operator.

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.poxiao.standalone.llk

ioc	pid	process
/data/user/0/com.poxiao.standalone.llk/app_skypush/plugins/com.skymobi.pay.sprpush.apk	4647	com.poxiao.standalone.llk

com.poxiao.standalone.llk
1⤵
- Requests cell location
- Loads dropped Dex/Jar
PID:4647

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.poxiao.standalone.llk/app_skypush/plugins/com.skymobi.pay.sprpush.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.poxiao.standalone.llk/app_skypush/plugins/com.skymobi.pay.sprpush.apk

Filesize
98KB

MD5
f1f3db1e81a2c9dc79f63913042a40ed

SHA1
86832d3f54586153c4fa3d6fcfc0a2984611b8da

SHA256
1377c3c99bacaee770e0cbc07d04d39d797b5c2f82758e50db4013f90ea55ed4

SHA512
f715a814d97c06c6e2412c0753f52ecdd0b01f7348a91c3bde496bcea7ade98d6c2389c8ebafc89119d6f6794df1c5aba72b000a45a609282d8f9f5e008f2eef

Download Submit
/data/user/0/com.poxiao.standalone.llk/app_skypush/plugins/oat/com.skymobi.pay.sprpush.apk.cur.prof

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.poxiao.standalone.llk/cache/CommandCache/4be5e35a37034dfc474557c0c32e4c8c

Filesize
1KB

MD5
1f6398a53381944cae6e709e8891e6d6

SHA1
690b81116c5bf2ea6bcefcdc674b0af79611004c

SHA256
614cc7045d89ff0add2e091bf0b30b43e376df53fd78a849d0cbf153c2d9a192

SHA512
19a9313da552c358ccbcb9fd7567c675e2a73b267263d9e42748f4c65fb19c3c913bd01b54fbb1354d50deb531856dd58495c17cce63cb670d73d050a672a49e

Download Submit
/data/user/0/com.poxiao.standalone.llk/cache/CommandCache/5871bfdf3b6cafdf319c62373801ea97

Filesize
770B

MD5
f35b113fc666f0438dcf39b664e510fc

SHA1
ec0eb5973c8575a07a08036d847943116a3b7876

SHA256
bcf973a17976de568f85342e5cf88eab075702efae78ec9235304e3175ab9179

SHA512
a382032d38babd9d0578502bcc6d02715b01ffa62d111364bca9ae750a822dd8814787fa8bb485305b481c615e9f6e02c9a8b0360b793a088c90cd1700c080a1

Download Submit
/data/user/0/com.poxiao.standalone.llk/databases/PushData_Spr.db

Filesize
32KB

MD5
cdb22d4c87ac710535fe107545fac87c

SHA1
f067b6d826d6ee223aab73944bbb718ed75ca7f5

SHA256
33b3ca87efd2aed5273b150f223f16e042af143e97dfc919aa8f92d1b24fbd6c

SHA512
03e5361a142678d9917e636b37ea738ee6b0643969d14ffdac9d19ce804f4154a85338d9a1303b746a43af93488169b6109d231d8cfffe80c2cf6fc6350b90fb

Download Submit
/data/user/0/com.poxiao.standalone.llk/databases/PushData_Spr.db-journal

Filesize
524B

MD5
e697b17e9d7b8d6f8de1a688abcb2027

SHA1
88c08ec0d8b91e937cd08c1ee46b6bd5d30fc5d4

SHA256
747489d35fdebc446a434e26b0a3da5c233e11b3729d9fd82a1508863093d14c

SHA512
e05d350ab18148bafe3bc78eceea5c576a186a84de745158b75d282a2c5dec5af9af034062af9d4dde9c46ac89c79461d77b402a75c8aa16c043a21d03b6684d

Download Submit
/data/user/0/com.poxiao.standalone.llk/files/com.skymobi.pay.opplugin_V2009.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.poxiao.standalone.llk/files/installation

Filesize
1KB

MD5
9b408c46f4ea2a661fa0d46b3c1b036d

SHA1
a0f62dfa8ac874101bcf4d4b2e069e8a42d0c0e6

SHA256
eb066200cfd24fcb25162964fc57bc51d6bd8730c532cff4c121d699f198c057

SHA512
5fa5f6372cb6ea45f3599d62194a0fc34bbd55622336b28cb2dada0632a568efa7550f4ce47c27f318540b18e8a12dd0bd9913ebf0b528d64aac124faa510209

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/AVOSCloud-SDK.xml

Filesize
117B

MD5
6dc79ab0f87a05bf7567abe519743486

SHA1
d29301cc1f46d5d1612626517465ea8071879bb5

SHA256
9e0e964eb0a3c34f5b6c0f9aa545953f222332eac6ed841bf7c147c5d1cc7aef

SHA512
9d8bb4fcdc1cf5a00118d449ea7e0cd825ba1c5ab9f49195f65defc608764b994e28882938c63ec112e29a8c8d051a21af4bf1fb45e10a04874a5bf37d2f6910

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/AV_CLOUD_API_VERSION_KEY_ZONE.xml

Filesize
123B

MD5
f3e930fd6f61a69a9720c35e282db1bd

SHA1
747d9ec1e652c30d152976da101680a86f18dd33

SHA256
e0c70ec0883b85cf892440de5d4dc3b58bb192eea1ac6412e66bcaf78a4f862b

SHA512
c0d29beec0648eb2efeb88353b1576dfb40082af781d45b5027ec65630ddfb10c4f0be73d9612d2800418590c41973982b357ba9ae97c8825f36eddbd93b4a28

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/AV_PUSH_SERVICE_APP_DATA.xml

Filesize
205B

MD5
7fb8b1ccfb3db73d65f121bf465c4e1c

SHA1
3529d9bc1df91ec13963b35b8d0397475da29adb

SHA256
40c0c64fbf5fa4073ced01c54536db56f0d7e5667b7f278312cda9ce7f248162

SHA512
e3081a2e6506771b0ccdbfe5d4d38b8eb7339ce9ed6441af3fa261084ec3e2bc4aa59a0b9dede8746ec2dd05277f44e19ca7dea03933dbf3898e404465ffe5a4

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/AV_PUSH_SERVICE_APP_DATA.xml

Filesize
298B

MD5
3f2412708b5a4eae077d03a0d81378f6

SHA1
2b567d111cd4636024d974c886371dd4104a842c

SHA256
c2eeba12bd2cb3ede04008158508b548af38bed2a9c0858362166ed5bc3fcd1c

SHA512
0f54da73bc6bb90bc982f9cc94aea3ab1e5b7d815a73de1302837f2d1a15cb0d7b3797307222af96b036b8c7b1fd690460713e2e924692f5cd5c4a5f5bfd99bd

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/AV_PUSH_SERVICE_SETTINGS_KEY.xml

Filesize
125B

MD5
8c354d1eb89a4242473c45152022e49e

SHA1
bbb255ab482691ff501e109e7cfd872e437725e5

SHA256
d36266379c0c281ee4e812dfbf04468e8bb363fa551513d95f4083c7cc0468ce

SHA512
10f4900385a65cf6a7f576e496b0edb239aa75baadf9c7a504712cf29d1b60e0888920f1c4e07c54056c6c9154cd4cb7afe8ad8a179118355227043e5d5f307a

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/llk_game_info.xml

Filesize
109B

MD5
73c1638708ab6587cfb51e000eb69edf

SHA1
588d6884813235a11bdc13f9e46c29e3be74f72e

SHA256
dd4df47dc02e987f027fd0b0af6c4857449432582c9960c8582c1f5ed88316dd

SHA512
f09dec6df861685af558f733b76fbe154dc1207e28fc0534d1d5eedab641ad73a1cb9afac8c3fb4b933d8cdfc016e4bcfa9499837fce840ad572943d31ab2a66

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/llk_game_info.xml

Filesize
151B

MD5
01284d9322c737253ac8431f65711456

SHA1
f9250e602eb0ca7c775e22906e29790ed86c4e5a

SHA256
96992448ceb7a8a445cae266b7aec284699fe5662b8e2f57d03c8177dd1a9926

SHA512
d7b113463f5e2f28d9392a06622473b89cde15dc22df7357d5c3ff52b698a82e58670dc86674c79879200e13d1444c231bd457e9ce36c57772b95f2096507c07

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/llk_game_info.xml

Filesize
194B

MD5
c172c631bc13667236f937851290fd90

SHA1
0f0ba0ff353aaf98c91f4fa824b503bc5f225b4d

SHA256
fffc0df00da093107a219d79ed5164fe0aaa97a31a57ebcc8b7f4345ddaf1d45

SHA512
ea544ea25052adf2bbe182ca6224dd3027fb3aa7f27a1b95cb6fc8da4930ca7ca1fc2430401b6f6cdcf2ae67b66569819a1c06e4b83a9fd41492e0dc3499ba65

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/px_cloud.xml

Filesize
110B

MD5
dfa6fa31acd3b4a52d84db0ed5fbcc41

SHA1
4bb5c5b088b196833bc8139f866d09b610e5333f

SHA256
bf50ac24c4b4ec3edb5de5a6f1a2f505e4bf889d0f6b19714ee8a18dbfd6598b

SHA512
c70f0a5e0ba5678d2d8b8174814535378b3ef163fba3ef304e6afbd9487341a0c686d4411c4c409b13132df5deacf6a2893de1cfe57e8882a0d62bf39c12b989

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/px_cloud.xml

Filesize
152B

MD5
edfc9a572c7cda18aa1e66c688c52b8e

SHA1
16d9a1242754ce9227c5bef5ec70f7065a7d6e77

SHA256
8a952b4c6fbb16473312ea0722d7bd180af462e356746398008f75a98de730d3

SHA512
90c9ac1b068619314361859982b7b7aec28fa5d3c180ab8866b4ef0f2c16767e0bc5a7c0b5d2b032a04199ef3dffd0bfc826694e7a5b617db40ed26949977918

Download Submit
/data/user/0/com.poxiao.standalone.llk/shared_prefs/px_cloud.xml

Filesize
209B

MD5
4521bcb35f4c2c8f3619f4bd77dd309a

SHA1
cbb2584cae85ae595c77461817d3af3c42074d1e

SHA256
d88ab477b22d7a3f0e8fec6ba81ea0442d33ba96ebab6cccb7d979fe90e944d2

SHA512
14e7110c92105779534b4c5b9e4d14f45ae31c97017a0cd37daec139db5e4b5f7282e3dfe590f16796b06fba730c28f41699f054aa600dd6fbeac7c6b879af9e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads