f29158f85c64f08c2e5e9bc896ffc77c23f69ffa323f2276ff28e05873aeeef7

Analysis

max time kernel
3084244s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
26-11-2022 16:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f29158f85c64f08c2e5e9bc896ffc77c23f69ffa323f2276ff28e05873aeeef7.apk
Size

5.7MB
MD5

23a797ba62731e195b5ef9c4e3181ac7
SHA1

0c4a40d2f298643293d72110ba16549dc7641a7c
SHA256

f29158f85c64f08c2e5e9bc896ffc77c23f69ffa323f2276ff28e05873aeeef7
SHA512

d02bfda315af583a0a04fcba3a4b15bd81b0453a15eeb06da7c12a18c276f9b8ad556e4941dbbd273251fe685ef816dd049b97394800a8c0d0323f6c93f62554
SSDEEP

98304:l5xgA1IQaDXVh+30T3wE+oEgfsf3pdQomX4S/CTuPuNMSB4Zw9cphWJr/0w5yi5K:lv01XVh60R+D7fZdQjC6mB4wc6Vr5yiQ

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.jolopay/units/jolopay-r-510.jar --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/.jolopay/units/oat/x86/jolopay-r-510.odex --compiler-filter=quicken --class-loader-context=&com.jolopay.service

ioc	pid	process
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar	4237	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.jolopay/units/jolopay-r-510.jar --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/.jolopay/units/oat/x86/jolopay-r-510.odex --compiler-filter=quicken --class-loader-context=&
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar	4166	com.jolopay.service

com.conn.gamerun2
1⤵
PID:4091

com.jolopay.service
1⤵
- Loads dropped Dex/Jar
PID:4166
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.jolopay/units/jolopay-r-510.jar --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/.jolopay/units/oat/x86/jolopay-r-510.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4237

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.conn.gamerun2/files/text1.txt

Filesize
422B

MD5
f2652ba37381b92f3215f5eb78f6cd9c

SHA1
5d6e99e06919d4f3e17da14a117151720209a899

SHA256
3cfb236dce5a1959c747cb504b9d268a06c57bc23e18d4c5f543e44b3a79d83e

SHA512
a9013441855dd181d27bda135a864f1d8f95e935f60d79ba4df2b802f4fdf155ee7ba73aee557624c407c60690d7d49ec4f69301fadbbad21943a50bef01244b

Download Submit
/data/user/0/com.conn.gamerun2/files/text2.txt

Filesize
422B

MD5
6b4679c9cc0e5d2689514ba5aac92efd

SHA1
9c9fd2f458c6d1061943553042caf8de4a8c4733

SHA256
a51306e7ef1427507c59ad4fb2dd0f980a8f21ddc02410fa1ecda92e8e3d5e30

SHA512
fe136258a75fab3fb380cf054964367d2f26843359e6cb06975fcdc2eca8768ddea5e0c5f27ae9d86c7e5fc922a28c77f1d5c06c9cd5e4cf4d249e9345b8e9c5

Download Submit
/data/user/0/com.conn.gamerun2/files/text3.txt

Filesize
422B

MD5
6ca9fc3af5a2149a4259d94e22bd7117

SHA1
669ca0c7a718d05ea6d95d99e9afda22ba3cbc46

SHA256
213dcb651dcd3d3f428aee9ae0e0aad101366e508a38838748c9c3c79dfcf240

SHA512
976f7c0fba63cf6126c224973153f063ee2d988f6f091c07ec19450d8514f69219945ee2f8f7718b3eb9b64a8fc76cada2045d530445b0044b015dc077f86b0a

Download Submit
/data/user/0/com.conn.gamerun2/files/text4.txt

Filesize
419B

MD5
d7351d351493afeaa24bd79bdc8da8c7

SHA1
05f33365e04aeb7bde3bea8dcaa449d46891b47c

SHA256
b3387e24b42f001004d4ee04c3b337a28ce3e6846bf124437645024b64a15cc0

SHA512
28ebd343d3c07bb9af335831b569e80cb927c43ceb8769283c6eb439ef8f502b936800f858f305b4f231d0f6a77a9e88a19479a688616983f43c2e4fb48f3f87

Download Submit
/data/user/0/com.conn.gamerun2/files/text5.txt

Filesize
419B

MD5
70c341cdc501d4d1c204fa38b02e7790

SHA1
2bf7a7aa86af076f0de403090b44458d9df83a55

SHA256
a3db27331a0e2f85e3ffb056f3fdacb8ebc171571c802733a2d31135e77fed4b

SHA512
878d82b89157cd62c104025cda343f0fd372c5b0ca9b34fc83c68ec44dea206fb8e29620b76dfa38df308dacd1bb72b04f84e4ef08c8b83484f924f39417443f

Download Submit
/data/user/0/com.conn.gamerun2/files/text6.txt

Filesize
572B

MD5
b4fd7e22054ef5c564a47a71d4dcaaa5

SHA1
00412ee40d660ba1159c75378ad1e8897fab421f

SHA256
0214adb5aa58467add4f88a10dd05936b89e8e6e0b0a3f126579bcfc4b1483af

SHA512
acdaadce285be95395dcd5800129d6f3ffdc3777043523ef8571c2f94607a788dd8abab2d281a5ce35c37f78fbb6cefaec4a5a8af2685d7a4cc334fe863fbe2c

Download Submit
/data/user/0/com.conn.gamerun2/files/text7.txt

Filesize
392B

MD5
03de22a1e5db60c1ad62b06b9bebf0b7

SHA1
5a43e54ab54dad8a994d8e1b48ab23ea640c0e22

SHA256
d83af79effb221f32ae7f4583e74e1ba452596de28a8ae8ea2da28460e186de5

SHA512
28be9c11ede342df5f6a85b7331c6326349cd760a737efc046814a39c6ec274231b8e15991cedda3063b2971defee679296d905edb140814da414c04ad5ba8eb

Download Submit
/data/user/0/com.conn.gamerun2/files/text8.txt

Filesize
467B

MD5
9dfc3b7ce0726fa7d23e95c9fe2af60f

SHA1
a565478245980301d82a504e458e0ec26f15fc30

SHA256
62065ae296763ee3a2c70bc7bc7d1724177275b6e0c42672f7e7553fa978bcc2

SHA512
d11bfeb448b0f36b0482e495712983036719f52737d3d37797e029a82767f819786f0d5ec0ffb73e94e315fc49f32b1d46869d49d29a67a13834146582327925

Download Submit
/data/user/0/com.conn.gamerun2/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
ad599badf3f425eab1129806bd6cbbbd

SHA1
e880189bdd3a64b43e55216592de7a37503bc58b

SHA256
5fc07b1533c7e4ba78e1e84ab910fac6fc8005b6bb1b29811dccff60c2620a39

SHA512
8ea2dad757323b0b70e6aa1a7b8139256ecd9535abe9214b2084637fe1920fba43ee634e01c3c844cc5b598be0affaf49450d0f888309308b4ba203a25c55919

Download Submit
/data/user/0/com.conn.gamerun2/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
fa64a866a7d0036c26902870838af64d

SHA1
1a3ed07575496d84970a3377aacb171a85c9d730

SHA256
8bad7d4dcd785229a925f4fb35de47619aaec0e81645cf65298ef745402dd489

SHA512
e646196dc9336623da2731eba480a90212405dd3d37b3121b5c7ca9537e2c20cd80f6168a73c45b91d12abf350ece01c1a8fac20dcd09dfc5467797da261c723

Download Submit
/data/user/0/com.conn.gamerun2/shared_prefs/and.engine.MainActivity.xml

Filesize
126B

MD5
cbdfff7f77baaee11f8f8024941dfd3f

SHA1
167d5df1226fd737287c8ea0d5a0a2542fc34fea

SHA256
037941b80edb8177714c370078d4544f0a4478fba6f052213eadb144c6e4c3c0

SHA512
df2bc365f4a208d487f4283d6bfc05cc48280d5ebba9c05c9da74385b5d0dcd29449bde9a246959dabb933ab2199d31e6a1deb9205ae2f81612d8461bc45a92a

Download Submit
/storage/emulated/0/.jolopay/jolopay.sdk.log

Filesize
86B

MD5
9a769aedae857643f56172f644345986

SHA1
4e308eff9caa30e5df8722c1a07d5bf3c95134e6

SHA256
3bfa4a3376672535323846e0f676dccac052530181e45fd14beccd8152177426

SHA512
f229593e9ee11775b829cd19578de6c3d59a84ecb6a9fab881dfd1c4ab5bfad7e8c79a2cef2f3ccea2895c5066dec65b7e658de524279cf93b2fb73c3a6fe522

Download Submit
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar

Filesize
37KB

MD5
642e7c262700e484f24031cc80795280

SHA1
6cd21398f4d01ef06146e6b5cbe0d0677e640fd4

SHA256
67b27d88ca8503a017b4e23e56bfe8333bd469fb53985e71a02e5a8159a0f739

SHA512
e9267dd46b3d91e1efe5061ddb8ab31fabe6713ef25d52a1ea80c271b34700ac190d75e0b396eb3b54bdb4cebc4260e0b0bd7e41fa3d608c584c09386eea25a1

Download Submit
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar

Filesize
67KB

MD5
3c41e78af99785090dcd519c9bfe2fc6

SHA1
516b6934bef11d836a9489464f7cadae919a673f

SHA256
d6b6447ede5fd017a623def5214c8bd7fb3c8658544083871e59db1383790207

SHA512
c69096438207c18084480820a68f5553ed23cefe4bedec97c0d11d4b91dc7ca0df53c6797c6a34139cf6c091cbeb4cbbb98087b845b8eef29dd7eb3958ae6190

Download Submit
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar

Filesize
67KB

MD5
164e43b74358721bfe73568854a98062

SHA1
6635874aeb04b9296234185557438a1eb21d17ab

SHA256
4ff219589b33de93842c29175306765bf6a64f0b8fb56d52318a9a83385f1b73

SHA512
9fdb8d4b5b1219eeaae3fcf53d7fda0bbf5e31bba81137cf549af46b39d150b2849c4d4dbbbbc80a5de81a6b0830fb57503b39c31647684da88b67b7da5ee51f

Download Submit
/storage/emulated/0/.jolopay/units/jolopay-r-510.jar.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/.jolopay/units/oat/x86/jolopay-r-510.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/.jolopay/units/oat/x86/jolopay-r-510.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2006.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2006.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit