bb094b74f031eacdcb83ea4c4b57d6c95d91e55e4fda8d7c2e70271e2782ab21

Analysis

max time kernel
305632s
max time network
13s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
02-02-2023 13:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e89167f48be6be17e73fb80cd9c08aeb0e70e235.apk
Size

2.9MB
MD5

d386957159b5b631037ad5580483fe17
SHA1

e89167f48be6be17e73fb80cd9c08aeb0e70e235
SHA256

bb094b74f031eacdcb83ea4c4b57d6c95d91e55e4fda8d7c2e70271e2782ab21
SHA512

2a6033f7c28e8c5c9d47fd0160b52ac65e1074b07448bc5fc888673f197b821a404114f4ce8b95536ea128965b8f862690fa66ce97ae773fe54621c3eaebbb6d
SSDEEP

49152:hqHGtSQo7ucL01jVc4P3iKYMflKLOgTTrc8QfbraSTpx0Es8pzKy1:hqB57ODLiagTvmnzLvl5

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/co.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/co.odex --compiler-filter=quicken --class-loader-context=&com.funnygame.twozero.exo/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/n.zip --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/n.odex --compiler-filter=quicken --class-loader-context=&

ioc	pid	process
/storage/emulated/0/Android/data/xo/co.zip	4167	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/co.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/co.odex --compiler-filter=quicken --class-loader-context=&
/storage/emulated/0/Android/data/xo/co.zip	4121	com.funnygame.twozero.exo
/storage/emulated/0/Android/data/xo/n.zip	4215	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/n.zip --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/n.odex --compiler-filter=quicken --class-loader-context=&
/storage/emulated/0/Android/data/xo/n.zip	4121	com.funnygame.twozero.exo

com.funnygame.twozero.exo
1⤵
- Loads dropped Dex/Jar
PID:4121

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/co.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/co.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4167

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/xo/n.zip --output-vdex-fd=43 --oat-fd=44 --oat-location=/storage/emulated/0/Android/data/xo/oat/x86/n.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4215

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.funnygame.twozero.exo/files/__pasys_remote_banner.tmp.jar
Filesize
42KB

MD5
f3dbbd28770de8d6b4d0f1c326358db4

SHA1
2bb529cff315af0f40456038f38102bd36f63bd6

SHA256
28ffa19e2c2887bb668c2fea1081d370cbc61d4bf0f5711507b96e92178878a5

SHA512
4e5dbee45c7f7e299e0314ac80921832d2cc7c8839ba578f41fec0eb4084a3f5923d0bd9c8f4a498c55b2a17911ebeddc9a9198ddc3b0350616b8d1db98f7a70

Download Submit
/data/user/0/com.funnygame.twozero.exo/shared_prefs/727B1CC2EF04634D.xml
Filesize
164B

MD5
f5b644d45f94a0bba4caa2ccc4eb79d1

SHA1
eeb97da5e640270c4cfee4575f3284bdb823d31b

SHA256
9e8dd44bde98c842531726df9a1a492b7d273350969055fe4112691cb5ee5543

SHA512
621b47bc1f51ba57e6d91e07b154ffb25dd9032085ea92fd75df5303dbe52b42059358d3a422c2b6aa72ae5576267e27ae259428df1f0699e13e9692c9392f4f

Download Submit
/data/user/0/com.funnygame.twozero.exo/shared_prefs/727B1CC2EF04634D.xml
Filesize
258B

MD5
40edc6af4dde4f254ce96d632c809f71

SHA1
4c4fb14180b21964eda3eda9b36bfaf18268ed87

SHA256
79913ab474df53e11576eb47320843579df44f6b36ebcfb8b2fcc8f09ab7c5d8

SHA512
aadbe04aeb30ddff51330623aa602b0bb0492dd41e19c3083c42c3b1678536fea80a1820781067becc55867429f92d8005f22b8719c7200c068ca6e877af3524

Download Submit
/data/user/0/com.funnygame.twozero.exo/shared_prefs/727B1CC2EF04634D.xml
Filesize
352B

MD5
b624eac78639bb253c5ef57030f6cbef

SHA1
4f40166fc52f92d5424bf8dfa38d7428d4daca98

SHA256
ca15951436b63b171e7fe3596257fef8a5abb2fce1c770b1f4c89bc779d004e7

SHA512
faee494263c1b88e77cbd171960dc83eb31be5526e45006ecdc2b8aa4acd32a4ecd81b978647bb2c89effa7764e42b0925e9553a0b76b6db5143f71dae90d6b3

Download Submit
/data/user/0/com.funnygame.twozero.exo/shared_prefs/727B1CC2EF04634D.xml
Filesize
414B

MD5
a4428cc3847276e60e70dd62e0469de4

SHA1
5c96275bfc23aacfc26243376280fd439f7c4028

SHA256
a8f37feaebac3569d42a106932ef5de12b26579425ce273a22462e189c92bb26

SHA512
0d6460d87b219ee3ece310aaffef6f02ec0e5c22f531820e203e270c54eefff313de0e6a6b20108e525aeaa4b91f7c98d52c82c450da72a9aec4bdb4b080e231

Download Submit
/data/user/0/com.funnygame.twozero.exo/shared_prefs/727B1CC2EF04634D.xml
Filesize
540B

MD5
462065862610079e2940c124daf611c4

SHA1
23d0da8dd6e142f5f3f629260b2d4509fa4a6eaa

SHA256
1355fc281c45ff334a40fa2b19e617bcd3d69184b04e380a62cc7e74bde21fc8

SHA512
09e01ce7bd839f0481c27ff6bbafd199b7d81c11834e94c6cc24b88083a0c35adcdc322a4b640af407a86c5bb1c7a31c767a9d8d9750cb7e2822e74093ce4cd2

Download Submit
/storage/emulated/0/Android/data/xo/co.zip
Filesize
283KB

MD5
f1ebe8efa52a67fd737b6b4039eda40f

SHA1
786205b4e5b48d3bb8aebd30796fadaee82721d2

SHA256
7b8d5e58e16c1cd67d2095596fe9e698c8c7ca94a12acb17f493e63b6f8d55f1

SHA512
2f2aed3ac7fc5032bbc90d2ce1e44c8e58979405613e28176f051adcb4d02386b315d4c9298a6b2c5006fc54ee23c6a01fe82df56a5de67a8de666fc49664fe5

Download Submit
/storage/emulated/0/Android/data/xo/co.zip
Filesize
18KB

MD5
7027febbdae03eab736fe8bad9b34413

SHA1
d3e257530f50ed5d1443f442654977f2c6a36838

SHA256
0eade83dd7d9c2332f02cae0a31a5ade2effe8270aebd1a2e810014be01e0e89

SHA512
b46989a546a5b62ed60b8a4d693be672b69e3e006bd54541fbc317898fbc74d5fff9d1dc4f57f1e0bde63c6773a5b437bde88704a12e73fefcf84aa4597db669

Download Submit
/storage/emulated/0/Android/data/xo/co.zip
Filesize
18KB

MD5
1e2df557ed00567c87b3c0642a7c1821

SHA1
a3a24b0325abf8ffc2d28d9760600a435d0877d0

SHA256
b144180f6b56b2d6bdeef423d0ed87325add1bb5d579125b5ad270b35351c604

SHA512
3942ac7c87c5f41f7d8196e8f0fdd896fd56e4a70bcc87ec8b142d0eeb26904fa6c3275f171c985ca0958a316bce56b5a37a56900b84c088c3959ac192c42f51

Download Submit
/storage/emulated/0/Android/data/xo/co.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/n.zip
Filesize
274KB

MD5
03fd70dda4b9bb8828e84af1fd09be0f

SHA1
44f3580b72f2bebec195d78d5504283f456350fe

SHA256
fecd01d815d6a327c6ccb01e4e81a9b75d2a26794112e9bb8df218318924c2ca

SHA512
4959cb0bd0ade27c8ee8086ad7bc6f161e92b742ac55d8c339ee314a0a2d0e42f1701e78151e351038a6564997e76fb48aa9dc303e22a59dba50c51aed30ef31

Download Submit
/storage/emulated/0/Android/data/xo/n.zip
Filesize
319KB

MD5
847d3ad73136602274855b41f6b0cc77

SHA1
6ebdb9a25ee9f7268712d2f07982e655f450ce17

SHA256
69764634790c957eb71e6e3fb91575030b7c8506afa564e15ca29b189c79f09d

SHA512
585196e3ba226680e465475f090ce6b5e7c59f26df6239aad823aa59389b4ea4cbb7ed896f97f508604ba51e220f817e2a0b70907be0e9214753727c19c62de4

Download Submit
/storage/emulated/0/Android/data/xo/n.zip
Filesize
319KB

MD5
fb4a6e316037107bb1b3ce4045f224ae

SHA1
030b2808f115436cd08c724e62c255df4b183b45

SHA256
75e486b233535c894f6669b856d977d2bde6bc3add76931955de5e139ebf51eb

SHA512
d394589226be3bcb2869fb9ec8aae6fae64d290bac22d6014e9ba327dd1e6692eb1a34c051365737bd5a3f2cb9c4205ce5969abd353d3fc1e28738bf5507e63c

Download Submit
/storage/emulated/0/Android/data/xo/n.zip.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/oat/x86/co.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/oat/x86/co.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/oat/x86/n.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/oat/x86/n.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/xo/tn.zip
Filesize
10KB

MD5
2610a4b9b244bf83224bbffc90bd9045

SHA1
3d6aa96f313861e814355a63705f98f25552d55f

SHA256
aa9d09cff1c8dffbcbd6217b6856d1db3bf95f02179fcdf715840472bfb357ac

SHA512
046a36960c168b37b32edb4dc81fd179f7ae2b524f1ef6b5fd8b86d74374b4b8e2fd8b1d583206822c6f9e151ad69cc8d432f731262b51779f496763b3466537

Download Submit