098919ca74e2c202af60b542677bdbeb4fe199adbc0edb7d1edd131c33ac7173

Analysis

max time kernel
3151053s
max time network
18s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
27-11-2022 05:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

098919ca74e2c202af60b542677bdbeb4fe199adbc0edb7d1edd131c33ac7173.apk
Size

5.2MB
MD5

9edd2236317d1c90f206a9befcc48408
SHA1

802de5c86506a56c6df31921731e771b81dbf794
SHA256

098919ca74e2c202af60b542677bdbeb4fe199adbc0edb7d1edd131c33ac7173
SHA512

6d7f38acb3b7686a8418c001c82e73f14095f48fcb52c746ad68befad1e200cfbec3b5c771e4f9e1145a52f37f8dab57aad4f8e80de21e5d56f42b60df8d3a7c
SSDEEP

98304:y/rUPLrNsdWjW4n5L2/mJe2qjEukr5XLNgiwsAoFtlpX6iCVH5V9UvAwJ:RCS5L2/mJe28Eu6aiB9Ct5V9UvAwJ

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	cn.tintogame.bubble.zimon

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.pay.opplugin_v2021.apk	4359	cn.tintogame.bubble.zimon
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.appui.sole_v1005.apk	4359	cn.tintogame.bubble.zimon

cn.tintogame.bubble.zimon
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Loads dropped Dex/Jar
PID:4359

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/cn.tintogame.bubble.zimon/databases/TDGAtcagentgame.db

Filesize
52KB

MD5
df44e991f51af580d69e76dcd649ae86

SHA1
78c5c5b039497fac421b2deb13863b80071b926f

SHA256
2cba70c276154da9063286128463c6cb613c8897cf238aeb151b63019d6edabd

SHA512
a40a5043264f13300c1f070b0bfb92d551330a4e06e2c49132d671a9578f3c3edcc06a1055a302747939f0039661d2c5a2153f9554bfc39c9840222b82402795

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/databases/TDGAtcagentgame.db-journal

Filesize
524B

MD5
9d2bba8f03c8393189e40f05e15bfd9d

SHA1
4a39418c8678c8a5465d82fa3ee4a1da147d4a99

SHA256
12e2ce93a3f1a7e751180d27de78e0dddba37ee1e8d17ca96e62f85eb486dc29

SHA512
3bb8b8aa92a2f582160cd3864d38dbe5a1440a0b5d46f64e591ec58313d6c8057272ec8e42c9de4e3014186497d5395cbfa503324d20b3a1d5d346899e6b59c2

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/classes.dex

Filesize
300KB

MD5
74a0dcfffffe001761f0e939fad77f5a

SHA1
488856abad29dd06c0a050c2d4ac197aabd474f3

SHA256
326ab7a66cd33740c51b23ec7c8bfa94422d8647a0f7cef0702d57e95db1b777

SHA512
5a69f72a34e7be59e3589b3005b06cd7bdbe0513865a43e1702bcbff4550830076825fe5ad441c8d95588f692269dd08489400c738f527c139c467e5078152fd

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.appui.sole_v1005.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.appui.sole_v1005.apk

Filesize
16KB

MD5
d6c66b579608370341b3a3a5622eebb6

SHA1
5b35efecb5e005f76d05017b6091d32b6af2fe5c

SHA256
004d86c8de0b921e4961c0cf9ad347616e122fb8f9491bc435892d1a49198d30

SHA512
5e813e326bfc94d7560b74dcf5a891fc21156a3651fc7c74d347b0906c872afba95c98741584bd426ce1daa47ae966835b7170c768d48e1ae9fc21dbca81d565

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.pay.opplugin_v2021.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/com.skymobi.pay.opplugin_v2021.apk

Filesize
386KB

MD5
4a1fb248e672d39457f2cf9088c17880

SHA1
b500b2528ed6cee5929603b862b14a18655ac06d

SHA256
b2831dae43d2dc8daffc919456c244b17f15f5453dca097d665979e7254f8c23

SHA512
b434ee9348e7e2717b35c4f64bc71aa58aca634741045b91ec61eea5bdb536ece7449fe8d376f724bb0006cd2bc7976c9695bc3aa47a59a26ab6c6c09096279e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/oat/com.skymobi.appui.sole_v1005.apk.cur.prof

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/files/oat/com.skymobi.pay.opplugin_v2021.apk.cur.prof

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
9803083fe3c8456b02e20b7fbe4dc999

SHA1
4ca7d5df1a4e5062b1701cc4f025e4ad44844064

SHA256
ec45006c2db1407440aa6c178aaebfc27327cdf81b56f8300f5a8ccb6f88d13c

SHA512
65cdd56488aa6d3c3ebe4f8d82cb0bd82799b8316e37749f01816e86f1c5835102bf84612a5254ae66710cf26b138c1aee35d1110a4b43fd15bd5bbc4b4fc4e3

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/preferences.xml

Filesize
4KB

MD5
8b6c73daa93d8378054fab8ee9784b67

SHA1
ea6ab2775acb490d953db6867b9c5ecb4904b8fd

SHA256
42793c731fa773300e051345053f3d9f960af47b686537492ab2a333e4196f0f

SHA512
d2593735be7b07a49a6ddc465279dbda4dddaac6257991b642f25796f960c3c0be4abd9633c2bd7ecdb71fbabfbd49e025e954eb834ed43fab21dec78cf76d71

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/preferences.xml

Filesize
818B

MD5
046e6d37d138481ea65bb693f857aba4

SHA1
de282ca613ff5a081ef1d573fb10445a44de4988

SHA256
5cfb10e9d9f690b186a8bd45137a1e85a17e0443907b54d9d149f3cf28bc41bb

SHA512
f41667356071abb785b3a3d441e3b5e3f0e20064aa118954c76f4534859cdf7ccee5b52aab0ac26fd110ac21fd4bcf878b74bb650bb4cf6ca7339ca675c0f2d7

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/preferences.xml

Filesize
4KB

MD5
721ec98458aefdf06164775c2d279acc

SHA1
0d23f1f0cae93b0660daf6d4b731f12802f9b4a8

SHA256
6229838cbfa5d9342efd21eb5b77ec3777ffcf198f27d96f0fb39a6d1e8524b1

SHA512
82c9472246a3984d087fd91b26d427ae2b16985d657a0aa5d8783cbaacd220cb7ba2676be753de9a3739762f6553a20a1e9ed01e9bf1b8ec291e8f551b12fdd1

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/preferences.xml

Filesize
4KB

MD5
c64c0b4efc345f6542c94f10f2f4254b

SHA1
7258897f21cefd6dfb3c288c392b89a4db047415

SHA256
e334028b5a420935f6022fd1be88509358c079973cd5f3073c9df7a4736a87da

SHA512
ef72cf8e344ccdce502b6d0f1409087fe6a67ef71e6cea35978c5ea8c302b31260e436adf03a8fc2826b595fbe971367beb4ca0432226f585154e89dca2a138e

Download Submit
/data/user/0/cn.tintogame.bubble.zimon/shared_prefs/preferences.xml

Filesize
4KB

MD5
847d8fb2e115a7b4eea404daae383d93

SHA1
6d5c41c2bc6b5142c8625b3d6b578e5f1fa834d5

SHA256
203491191c94407e9d1f23b458e996b55261204941a0eb73ae03e430eae4807e

SHA512
d831f94200af337650d43d963a45ec55b932c0f7d7cb306f2d5a79af23131579ee1120f9e97d9726f92d9e07038b170742db9bd32081d2f02dc27e89e6542a35

Download Submit