2b6bbdaf18c1648a05137e4a0d6b44ba4c895ffd5824c986e639edd289a72b77

Analysis

max time kernel
4168087s
max time network
91s
platform
android_x64
resource
android-x64-20231023.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20231023.1-enlocale:en-usos:android-10-x64system
submitted
22/11/2023, 19:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bilibili-弹幕动画直播高清视频_3.18.0_Apkpure.apk
Size

192.9MB
MD5

722bcf06caa62e7ca550e260c7785ab2
SHA1

5153591c03927979adb343c3ffa68473c9eb8b11
SHA256

2b6bbdaf18c1648a05137e4a0d6b44ba4c895ffd5824c986e639edd289a72b77
SHA512

b778c59077c6d92c749d9f6afbd52932f64bd43195813a303376bbeec7891940927102f11d205bdf64265ac94a94952c49f704a9f6c377952d3d4b56fb5602e1
SSDEEP

6291456:pn8YCjXg/RWYknLPzTgrAt5vgtVeXgAEybh7Wv:pUjQ87HlsogJyYv

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.bilibili.app.in

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/apex/com.android.runtime/javalib/core-oj.jar	5085	com.bilibili.app.in

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 4 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.bilibili.app.in
Framework API call	javax.crypto.Cipher.doFinal	com.bilibili.app.in:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.bilibili.app.in:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.bilibili.app.in:pushservice

com.bilibili.app.in
1⤵
- Acquires the wake lock.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:5085

com.bilibili.app.in:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:5376

com.bilibili.app.in:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:5726

com.bilibili.app.in:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:5901

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/apex/com.android.runtime/javalib/core-oj.jar

Filesize
4.7MB

MD5
7e343cbc45b618d05182d74bd61826b2

SHA1
02ee96263b3b967e570e8ddb1fa36cb21032b71b

SHA256
324b5af2ec2d78bb57b1552f429af51ac8d65f7fa277217ae8d4371ab14178d1

SHA512
48cbd8a5b246cf9d6ec16558ab12af131439837094c63a64046de384da933593459fb1aec126393bbe3b2b8ca19437f38b68364c9f158023a7b1a35e6901c705

Download Submit
/data/data/com.bilibili.app.in/app_blog_v3/2023-11-22-pushservice.blog

Filesize
1KB

MD5
d7557774bfe5eaf17dd08f09a5e9ef08

SHA1
94c609cf7a1d4e9bd38b9241700ab046d47ba17a

SHA256
3976df7a2520b319b4f4cac043c8f9f2d52f6c38902e5b5001032c248089757b

SHA512
a5b84ffc0cf5193833bebc5bececec0a30c363b26b5069b6051709ed84a741f4e2f03aa4e30ae660236f775ca18c41cce01b4e6091cef12aedf612209b1b3361

Download Submit
/data/data/com.bilibili.app.in/app_blog_v3/2023-11-22-pushservice.blog

Filesize
2KB

MD5
4a87aa10798b204618fd9aeedb7639fd

SHA1
32822692a1712a6e70112661c1c7e64a91b929bb

SHA256
59414b34c49da58386338f46d5641c52f660b720ed2ba5567ee33875c5374eb6

SHA512
bccc3caf6665e2c6e6934cd2d0b11eceae73990baa699ae22e62a00f45b4d7dfe4fe13952bd8015299a47bb9bf4b7d67cf831c4fbd582de752e0fee7870897ea

Download Submit
/data/data/com.bilibili.app.in/app_lib/libbili.so

Filesize
673KB

MD5
782d202a457ce47c3562f520b5a7008d

SHA1
47bca4ae93d2e35a10c8459fbcc99da060582b2b

SHA256
fa302d0244052c9492107e81b178e1ad3d2bba76eb5e9c24cb9a55c746e5136f

SHA512
d297cbe5c5c4a8f144fa882f6939b51551017cf6f894d80c453464db46a582ec1aa6813abeffacf48e71fc09746811d1f8045929502695edaf883f3c4af847d9

Download Submit
/data/data/com.bilibili.app.in/databases/BiliGameDataCache.db

Filesize
24KB

MD5
880024a6ccfb36795a42bf1166d80398

SHA1
2117c6a46ec3d617f1b7051b7cfe30c086682286

SHA256
8769fe0d51717423efb24cee5aac4b0ba262889915b995ec221b4d1d7ffc0d86

SHA512
c1f6e92414a083fb6a8378d4045e4cbf68758034d2e51e44ca5da87c59cca8dd8514ac694097534c4c2e36161a592c8f26df1fbc79eb3796cbaafbfffed831a0

Download Submit
/data/data/com.bilibili.app.in/databases/BiliGameDataCache.db-journal

Filesize
8KB

MD5
6558d34b2155efc9ed964b4b5443ff61

SHA1
c86901bc47a9ce985cff7b3da2c3a01558912f3e

SHA256
a5e0b8d5167b76a78bca6d3059c6f4d8a0ce4e83455a32d5e6ec3df090f00693

SHA512
d3344b8102ad5309e7bcb383181530ff50de0b271ede1916ad603ce0902ebe25f51cd665a5c15970679fd3424068390e2e3826af4e542bef8bdec2614a5c450a

Download Submit
/data/data/com.bilibili.app.in/databases/BiliGameDataCache.db-journal

Filesize
8KB

MD5
1566fcd926a2eefd43be259cf35dd642

SHA1
6d60bde97016ed8cce17cfa46e95dee13997c6ef

SHA256
7e43bd39ce9aba546f89bcfb911756bdf87992038891e88b5ae3c3f37bd6167a

SHA512
6d20885a381eeae00b0cb854f5ad794f9d95cf4d9d2b8e70537b524ec4905707e83b29027c98321d33d3fb7efa202f8877617e7ac1eb83b2418d6ed9c912ca38

Download Submit
/data/data/com.bilibili.app.in/databases/BiliGameDataCache.db-journal

Filesize
4KB

MD5
03d5f4dbe69784cdd8082bc8bd823658

SHA1
68d01c465ef7f5ea2e6cb071541f51ff3740fb82

SHA256
88d5929e45c073e44335669ef43257c1f24d7b4593ac00306cf3eddcc20365c6

SHA512
7e4eb1403ac1421aff25c35f684ad31fd411928fa9f80400e681d939bdcbbb550dd9b460365c4285e0a7a801277f6d27a3efee1cec4b3cddef64f273d5dcce0e

Download Submit
/data/data/com.bilibili.app.in/databases/BiliGameDataCache.db-journal

Filesize
8KB

MD5
58f3d96bf490a2749ba0fce080bade69

SHA1
c684180f18fa54c7a1cc142e00274e8503a4c383

SHA256
6f6b749b4d71bec26848ae5c14b4173c8aae3f0eaf6447b6526df61dc3c6e5e8

SHA512
3522d796533627609f3f610231269eae4a313660fd96ffb314f2e465061fa5530a0395b99933db25adc9d6c5d134022890698092561d4420479e5f1ab662e1e0

Download Submit
/data/data/com.bilibili.app.in/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/com.bilibili.app.in/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
8ad7b59238deeae93dd1f1e9933ee115

SHA1
c8855498231f04920d311ca498889a1ecb03a738

SHA256
2859f2cc98e367d9b657fb5db2b7947a3fff10e9d254b71974e07fbdbb232e05

SHA512
74c4d9d2a55b34d5fa49ee3e1d138849f8b3d522744fe74f6ec7279dff8d0d2c4195d06744c3f782759bcc33c0e927ea6f711faa4c36b5edea18a2895bb54fb6

Download Submit
/data/data/com.bilibili.app.in/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
a05c3f9352c8d45f7f65b530c22dd892

SHA1
7de37333763a4e28474935da958512004d40294d

SHA256
ba676f7baee6a2330599fcd4c99e614dc20e5aebf9aa9d0cd060eb1390a573a6

SHA512
344294fa607f0eda0173a3b1a4387b3e29bac482c2f601cb11151036ef71bd10975c7bb28e170e92d6efbd5c21458179c157386faccb623d6a6343876ea1bc2b

Download Submit
/data/data/com.bilibili.app.in/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
356a7f34e8621e1368e5e42f2ba88d2a

SHA1
bb4ff46008afa6485e0af1dbdda6a0aee833fb45

SHA256
7eded4fde4a49a6c6dff58c6b5d4292dab59a5627bc4aea2242240bf8f97ac14

SHA512
dffe1439278141ec2ab807089ba93f97db7c9a365b0b9d47641f227d1aa66445e6b319753fc0ba115c46f3c39d2bea051c41a9a08c77d9bf4ba76ace411e5db8

Download Submit
/data/data/com.bilibili.app.in/databases/freedata.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.bilibili.app.in/databases/freedata.db-journal

Filesize
512B

MD5
f5eaa1f58f69c65127c6b539c01fbf4a

SHA1
e59ea1c443510701278d18b8143361d82d877a7f

SHA256
977850c8c50d478779875f008e1fa27fb20c6fb48dbedac20ced20907322edde

SHA512
4e36cd142d746317caf53f22279813553dfd0abf2566cc930346999268f871222eece53de344ec2dcc2d1dcd0620800a28e38b19b9d305f537f186380a22cebe

Download Submit
/data/data/com.bilibili.app.in/databases/freedata.db-journal

Filesize
8KB

MD5
488930487a9a0ed8d230cab536129df6

SHA1
37e6af81c5617c9480ff0a3eea76a602a43214cc

SHA256
b64114b3ac62afc371c7369c2185fec7930e2b35b7beba9bee5a21a5ba1fbdd4

SHA512
6f20fd45b38fe173e3fb86269b3fc695430b0aec5b9b366dab38d3be3d9b613258684f761b817d25f2672dd0cd8c50a599af12f8cf1e3effb2c9377fd9618f19

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db

Filesize
16KB

MD5
63d2b6e229d819d6102400131976d131

SHA1
9f8f4f5b3c70fbe2a3280dc29f70bc4c139b0169

SHA256
742da30a516707e30e8a65e8c7a2ca6f49cf6fe0bede0370866313fd64040981

SHA512
b236a45aedc91524b8084da797e523d185e6f975c158cdb4d2c2c5a880cf3e98bfd1a58af13ac0c94647a2b0eed40e73cd17f98f73a5aa2d088fec022c179e01

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
9d6378f7b55e7e9b065d00910f9d775b

SHA1
91f73b48a2f8645ec63279b6b65ba07fab37e24f

SHA256
0254ab992068729145a510d934e468903839c9afbbb015540b6c6b42d430e6fb

SHA512
905917ba40475ffa18bab1e9d0f20d137126427ebdf1ff84e7c1981ac9841f98754b8803dc931be03052fa5721fcffe8f7035de5c0bfdd889fc478e2f3c48e06

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b60cf83f5bf3692ee42b5e0aff135743

SHA1
849b882d7e9e0a92185b1aa6890a5f518985692f

SHA256
224ef7dc248ae55bc55f68634e83da558cf73fd465e44cc8c28a61c4b39297af

SHA512
97c4e2872fe28cff4952a8035f4344cfc6432dc971db4a6a9647bbdd06c20e61472ea39ec4b2c0fd3daaa0976c94fcf1abb4657b39ba01551164a18ecc0ef01a

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
82f3aed3ce26f41788449ec1386a2321

SHA1
37293bb08e7a4b46caa8693c6606a29a79cc8516

SHA256
5542a1f013c5728388d2cf41bb14dca8892b3fe3193b45e522164f9e15f45a3c

SHA512
b508ca9099673694a06d5f6317c091b6889aee057d953a7bbc0430a20fe9a74f5e5f7b7e82902fa1dc86335ed6162f0dc8f8f01a7183310e34fb22b64ca4680b

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dc8ccacd5a2655acb1f34be6de7d0d59

SHA1
cf8ac0f088b36d18f8de634679775c8f045d22f2

SHA256
a72d20c454b141401ef15d5ffc66dc63454c3d88cff85ee5f573246a45c03bd5

SHA512
3b0ee9963bcf22430070cbf27a86cacd247ae137ebf9ba0e032394e9bdbc635faa455065a48270d3904e58c83bb9cc9f6dd2715b8afebfd3963732b5f8e3e14a

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0f84998202534384471928987141431e

SHA1
6cacb4b66b30adaea60013ab6522a4b42bb1bfcd

SHA256
cd1e22eabf94305a388612932c4260c63d218d3f6afbac1472e5498c52f2711e

SHA512
8e88ff47e22c66302f000d6ac90f0a1f6219ffb89fb40c37b0770cb6c4becdfdcb06d2e3199e5c8e8c30d9a20af73de36e1f5cfc56e6456861c94e26ddb8125b

Download Submit
/data/data/com.bilibili.app.in/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b24c74451e3cd4cf95c9b46c420bff4a

SHA1
38c74e30b377e163f06ac6a9062c6e0ca991cabb

SHA256
a15f191a1b89d81c9cc30ed33429c5ca981e5de79bb0246567046238f785344f

SHA512
90802acf71a42d53af11b4ad6772e986a69acd475bfedd2a2defcf24ec6ceb7f0ec17bf9f2235ca2a463dfc706b7acda4fdd8c232ddfedd905b3f3d3df265fd4

Download Submit
/data/data/com.bilibili.app.in/databases/infoeyes.db

Filesize
32KB

MD5
eb003a803888f9da46484f48c8d144f1

SHA1
f58ef05422362f7bc77204b4d86a81e9b92e6045

SHA256
8607a450bc1b8a7c456a651ec37630d6c6e92d4529d278a83430ee47bcf5d719

SHA512
cbc99c45bd31bf798a348bf5e4120767a3eea777bff614b6d4c97d2cfdc355a35caa605c91510bf03a6b6e55c4af7d59c8132e263c3a6e675f7084164e744b7f

Download Submit
/data/data/com.bilibili.app.in/databases/infoeyes.db-journal

Filesize
512B

MD5
6d97c2e1d3d30fda6dde1f0a56aa6f31

SHA1
f706143df6b5cffc1ea91a51f13fb343c7f23d21

SHA256
7281a54b2fa418b47febd31672648d57a07754885360f5dcba55aeb8de64b22e

SHA512
8dbdf25d614095c1de7391c1fe188096d00d3e39da11553edf4199800d12f3e09cb22cc55fa9d0a1628614c355377ea04a711a591017664f405ce0d8d802723e

Download Submit
/data/data/com.bilibili.app.in/databases/infoeyes.db-journal

Filesize
24KB

MD5
880024a6ccfb36795a42bf1166d80398

SHA1
2117c6a46ec3d617f1b7051b7cfe30c086682286

SHA256
8769fe0d51717423efb24cee5aac4b0ba262889915b995ec221b4d1d7ffc0d86

SHA512
c1f6e92414a083fb6a8378d4045e4cbf68758034d2e51e44ca5da87c59cca8dd8514ac694097534c4c2e36161a592c8f26df1fbc79eb3796cbaafbfffed831a0

Download Submit
/data/data/com.bilibili.app.in/databases/infoeyes.db-journal

Filesize
8KB

MD5
6558d34b2155efc9ed964b4b5443ff61

SHA1
c86901bc47a9ce985cff7b3da2c3a01558912f3e

SHA256
a5e0b8d5167b76a78bca6d3059c6f4d8a0ce4e83455a32d5e6ec3df090f00693

SHA512
d3344b8102ad5309e7bcb383181530ff50de0b271ede1916ad603ce0902ebe25f51cd665a5c15970679fd3424068390e2e3826af4e542bef8bdec2614a5c450a

Download Submit
/data/data/com.bilibili.app.in/files/PersistedInstallation6121562152146009770tmp

Filesize
512B

MD5
6d97c2e1d3d30fda6dde1f0a56aa6f31

SHA1
f706143df6b5cffc1ea91a51f13fb343c7f23d21

SHA256
7281a54b2fa418b47febd31672648d57a07754885360f5dcba55aeb8de64b22e

SHA512
8dbdf25d614095c1de7391c1fe188096d00d3e39da11553edf4199800d12f3e09cb22cc55fa9d0a1628614c355377ea04a711a591017664f405ce0d8d802723e

Download Submit
/data/data/com.bilibili.app.in/lib-main/dso_deps

Filesize
1KB

MD5
d7557774bfe5eaf17dd08f09a5e9ef08

SHA1
94c609cf7a1d4e9bd38b9241700ab046d47ba17a

SHA256
3976df7a2520b319b4f4cac043c8f9f2d52f6c38902e5b5001032c248089757b

SHA512
a5b84ffc0cf5193833bebc5bececec0a30c363b26b5069b6051709ed84a741f4e2f03aa4e30ae660236f775ca18c41cce01b4e6091cef12aedf612209b1b3361

Download Submit
/data/data/com.bilibili.app.in/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.bilibili.app.in/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.bilibili.app.in/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit