Overview

overview

8

Static

static

7

dd9ff075e0...b1.apk

android-9-x86

8

Analysis

  • max time kernel
    3126297s
  • max time network
    16s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27/11/2022, 00:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dd9ff075e080ce14259671bd1a9361f052e446f1eba8353c3daed8c0180829b1.apk

  • Size

    4.2MB

  • MD5

    b0687f0f25ccf2b8389a404005cf0c2e

  • SHA1

    92b1f19255dce213c21e9031bc564fc0a2839000

  • SHA256

    dd9ff075e080ce14259671bd1a9361f052e446f1eba8353c3daed8c0180829b1

  • SHA512

    8817e7c097db6fc236f3fadb9b95ce8044ce17d0263f20148282983ddb5d5bbdcf7e282d188f297456fa05d7765b7eff9674d8b7f86a9d669ed8e3dee999186e

  • SSDEEP

    98304:X+Ua2QMMgnTPnMZDM70RMh71fKfZ3IWQoDypNKuIvTVrg:xQMdn7nMlKh7q3IZoOM9K

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.ledong.mlakp
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    PID:4009
    • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk --output-vdex-fd=49 --oat-fd=50 --oat-location=/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/oat/x86/com.skymobi.pay.opplugin_v2021.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4170
    • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.ledong.mlakp/files/com.skymobi.appui.sole_v1001.apk --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.ledong.mlakp/files/oat/x86/com.skymobi.appui.sole_v1001.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4218

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/user/0/com.ledong.mlakp/files/classes.dex
          Filesize

          1.0MB

          MD5

          8a23ea43bc2fc5969a23dc42a38982c7

          SHA1

          cbf6e94f578efb7da71c269729bdc93c0d52df5e

          SHA256

          eca78ab3af4ae1e4b60bf95dc7f26d099a77b7794745cd37ab9cd50c5ef30ba0

          SHA512

          55674dc85569ddd86b3fdd077a0c9ceb178f981e030494acaa78a9b7d5b471f4f942d2ce00c8aea0c0d6254a3c717a7eec8400316a2006264bdc31690dcff597

          Download Submit

        • /data/user/0/com.ledong.mlakp/files/com.skymobi.appui.sole_v1001.apk
          Filesize

          19KB

          MD5

          fe13b9ccf8bd37df573793bbb7d499dc

          SHA1

          8f4cb51dc445970c127beae0b67038d6dcd2ebcf

          SHA256

          805391041fac3fa52e9f0dd05a16babab03b5882b48d3d9d7ddc3309fab29557

          SHA512

          22eab98f4955332d12638859f4ac4b1a216e2fe0bfa3b3a80695bb882f75934f4463da5218c2f2f6b0c1c8864a52a48cc103090405192395c2f0524e4688a358

          Download Submit

        • /data/user/0/com.ledong.mlakp/files/com.skymobi.appui.sole_v1001.apk
          Filesize

          19KB

          MD5

          fe13b9ccf8bd37df573793bbb7d499dc

          SHA1

          8f4cb51dc445970c127beae0b67038d6dcd2ebcf

          SHA256

          805391041fac3fa52e9f0dd05a16babab03b5882b48d3d9d7ddc3309fab29557

          SHA512

          22eab98f4955332d12638859f4ac4b1a216e2fe0bfa3b3a80695bb882f75934f4463da5218c2f2f6b0c1c8864a52a48cc103090405192395c2f0524e4688a358

          Download Submit

        • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk
          Filesize

          386KB

          MD5

          4a1fb248e672d39457f2cf9088c17880

          SHA1

          b500b2528ed6cee5929603b862b14a18655ac06d

          SHA256

          b2831dae43d2dc8daffc919456c244b17f15f5453dca097d665979e7254f8c23

          SHA512

          b434ee9348e7e2717b35c4f64bc71aa58aca634741045b91ec61eea5bdb536ece7449fe8d376f724bb0006cd2bc7976c9695bc3aa47a59a26ab6c6c09096279e

          Download Submit

        • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk
          Filesize

          386KB

          MD5

          4a1fb248e672d39457f2cf9088c17880

          SHA1

          b500b2528ed6cee5929603b862b14a18655ac06d

          SHA256

          b2831dae43d2dc8daffc919456c244b17f15f5453dca097d665979e7254f8c23

          SHA512

          b434ee9348e7e2717b35c4f64bc71aa58aca634741045b91ec61eea5bdb536ece7449fe8d376f724bb0006cd2bc7976c9695bc3aa47a59a26ab6c6c09096279e

          Download Submit