16a2a064241f34c103d5903d8afd0a8d90f12646ffffe1ceb0d4393cb9797a4b

Analysis

max time kernel
3517848s
max time network
81s
platform
android_x64
resource
android-x64-20230621-en
resource tags

androidarch:x64arch:x86image:android-x64-20230621-enlocale:en-usos:android-10-x64system
submitted
07/08/2023, 20:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

16a2a064241f34c103d5903d8afd0a8d90f12646ffffe1ceb0d4393cb9797a4b.apk
Size

1.1MB
MD5

72ffdb5ca77496a9147449a1a7fae0b5
SHA1

1d7fdfdd31edc3d49831f93ff62eb051f3b10172
SHA256

16a2a064241f34c103d5903d8afd0a8d90f12646ffffe1ceb0d4393cb9797a4b
SHA512

4bebc2d063124152318c814f975b8f6cb30fe4fb549722f14d431033893833d6c33d6b8ce33f2b03e844449f629ce22290a8c15d642aeb818ba0ecdce9883255
SSDEEP

24576:Cy9beV7TLZpYQDnOAnhkxNB3GtuaX6hNHjZ84r9Xk:Cyt8ZpYcnO+Wxj8/XENHjR9k

Score

7^/10

Malware Config

Signatures

Checks known Qemu pipes. 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

ioc	Process
/dev/qemu_pipe	com.zvozlqawx.vbnwjvqkqza
/dev/socket/qemud	com.zvozlqawx.vbnwjvqkqza

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.zvozlqawx.vbnwjvqkqza/app_files/yneaplc.jar	5060	com.zvozlqawx.vbnwjvqkqza

com.zvozlqawx.vbnwjvqkqza
1⤵
- Checks known Qemu pipes.
- Loads dropped Dex/Jar
PID:5060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.zvozlqawx.vbnwjvqkqza/app_files/yneaplc.jar

Filesize
482KB

MD5
73097b1bb8e9d65cc5f9fcdaeffec385

SHA1
1e68478929d8665ca1ff693eabcb48ff64b6f10a

SHA256
0ece8ae459b8df4a0e7173121a6a33fd47c61894856324b5b2477aa23ea033b0

SHA512
9bc0a90f73e45c880a70221a9b5d65646cc097aac28270c799c9e1b2b1f96d3f4f6248bea4b2da8fafd6571c4596c24b50cd3548f4725889380b60b204932ca1

Download Submit
/data/user/0/com.zvozlqawx.vbnwjvqkqza/app_files/yneaplc.jar

Filesize
1.1MB

MD5
fc4a2a130ff1c5ef71652bc2f60ee123

SHA1
320f63a11d8d15f691facc63038e9fdb7ce38660

SHA256
8f5d5d8419a4832d175a6028c9e7d445f1e99fdc12170db257df79831c69ae4e

SHA512
bc00843b8e832a4bcaf68c7fb453bed877566346e54206cab456f26496da7806cc32f7d870fa670fee4475caf6726b3e3d1789346c84c46a87609485caaea3d9

Download Submit
/data/user/0/com.zvozlqawx.vbnwjvqkqza/shared_prefs/0227873f8b5111d9e4cdcf19e147bf59.xml

Filesize
168B

MD5
180d5c15a9fd8783575959b3d956fd7d

SHA1
ddd7a9355b5376ec64be72f6172f6746738ecc03

SHA256
cfe91d30deda2d58e7421c6a9ae78008f2ce31724a4fc46c93c3ee0f6174940f

SHA512
d2a8677b5d3ccab523b6da3f11356d1c2352e874237473c062f170fc0404af34e357a512c6dcf2dd7b4f74129de6f8e96856e542e7178aab7f815ccfe8d50c9a

Download Submit
/data/user/0/com.zvozlqawx.vbnwjvqkqza/shared_prefs/0227873f8b5111d9e4cdcf19e147bf59.xml

Filesize
238B

MD5
0f0eec90062df3ebb096ffe1c6ea17ad

SHA1
1adec855152ef3ddef15f7d95d5ccdad124b18d6

SHA256
5be22a820cc3d4384354bb6597cf9489ca89526ce0ba5d01d234f958a5291905

SHA512
873d3f07c1edaf320a3c846b5651843b5c556cbb0979ac050fd218e640fecb265407deb7c4d4888e5775800a1e76a25f274cc13d7d6954056eda24bcbc582afc

Download Submit
/data/user/0/com.zvozlqawx.vbnwjvqkqza/shared_prefs/main_prefs.xml

Filesize
114B

MD5
455c3696936dff5650602bf73ffc25b0

SHA1
e962e7cc389f483caab939c77e0a7fe2dec6c379

SHA256
4531a9f2204ae282463e15bca2dd88f410fda61a57af8ec03385d1b05434e31f

SHA512
78e69afe2ddb8d41fc8e05c251e9cc14e6040aebcd7b354287667894567066518c25fce4c3a435fbafeba122fd080d7c70076dcf20e837950e71a6c0a0bc615b

Download Submit
/data/user/0/com.zvozlqawx.vbnwjvqkqza/shared_prefs/main_prefs.xml

Filesize
163B

MD5
d5626652368be4c991f3725ab5763a27

SHA1
4acf29658392a9ee64b2df410f6ee0dd680f5161

SHA256
1ca03656b9a514ff66b26c3938fa8bc3fdefe3e7b250e11764112c84b5510c2c

SHA512
1a787b626eded9fe161f79b44bcdf9d78fc825eef0442a306d22716e4aa94c9d279b5bdb6153033e80f92cc7131b2fb826df9bb62377c50b322776afb6615659

Download Submit