Overview

overview

7

Static

static

7

Cx File Ex...re.apk

android-13-x64

7

digicert_g...g2.cer

android-13-x64

exolibs.zip

android-13-x64

arm64-v8a/...exo.so

android-13-x64

arm64-v8a/...exo.so

android-13-x64

armeabi-v7...exo.so

android-13-x64

armeabi-v7...exo.so

android-13-x64

x86/libex....exo.so

android-13-x64

x86/libfm....exo.so

android-13-x64

x86_64/lib...exo.so

android-13-x64

x86_64/lib...exo.so

android-13-x64

offline.html

android-13-x64

offlinepng.png

android-13-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Cx File Explorer_2.0.9_Apkpure.apk

  • Size

    7.7MB

  • Sample

    231128-rqs6rsae55

  • MD5

    0e3649ec652fc60a8823d7508ed1112e

  • SHA1

    ee9ddd923a53eb5e0bdcbf35787bcb4757cd79f1

  • SHA256

    a0898c10f032f7290b7080727f43cea182146acfcfcdefc78d103f4dbfefedf9

  • SHA512

    d5cddb0d4977dd0065f1de0698f72ecc44770128710fede4c3ec47dec1263dacfdd5de54152ae33c1d478646897c098ae16b782b20fce38b160609ea74ad8230

  • SSDEEP

    196608:SvIul73vC+BUyOcrhJnaMPjK53me+z4Nqi6:SvI0LvBBUyNrhNa0jK53Wz4v6

Score
7/10
androidevasion

Malware Config

Targets

    • Target

      Cx File Explorer_2.0.9_Apkpure.apk

    • Size

      7.7MB

    • MD5

      0e3649ec652fc60a8823d7508ed1112e

    • SHA1

      ee9ddd923a53eb5e0bdcbf35787bcb4757cd79f1

    • SHA256

      a0898c10f032f7290b7080727f43cea182146acfcfcdefc78d103f4dbfefedf9

    • SHA512

      d5cddb0d4977dd0065f1de0698f72ecc44770128710fede4c3ec47dec1263dacfdd5de54152ae33c1d478646897c098ae16b782b20fce38b160609ea74ad8230

    • SSDEEP

      196608:SvIul73vC+BUyOcrhJnaMPjK53me+z4Nqi6:SvI0LvBBUyNrhNa0jK53Wz4v6

    Score
    7/10
    evasion

    • Acquires the wake lock.

    • Removes a system notification.

      evasion
    behavioral1

    • Target

      digicert_global_g2.cer

    • Size

      914B

    • MD5

      e4a68ac854ac5242460afd72481b2a44

    • SHA1

      df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    • SHA256

      cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    • SHA512

      5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Score
    1/10
    behavioral2

    • Target

      exolibs.zip

    • Size

      44KB

    • MD5

      879ce276bf89cdcfafe0b58dd7c3daa5

    • SHA1

      a0ec71c07556aec468203a357e20ac489ec5fffc

    • SHA256

      531d19c9b96fbe4c2682b93d560ac3693add4014aac70a92cf468ba24b6c31ea

    • SHA512

      4aac283d20ef98fb1d2acb4c0b342143a0fada48d63835745feb10524eb0972a8b1acbfeddbc4540c40e10e54457e8dad8c05673b08540e7b2e641dfa510d0c2

    • SSDEEP

      768:mMP8r9aeT8366MQPM4JxaEafvm1cpBpy9YXQeC4LBI56pEPFdXEhC6ON+Z:m08rseTUDpUmA/y9Y7lE9duCs

    Score
    1/10
    behavioral3

    • Target

      arm64-v8a/libex.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      dda7fc4f165d7b439777e1d823ffd8d9

    • SHA1

      e2874d521d5e977d2dfa4bc92fbea93adf0d51cc

    • SHA256

      0d273ac8d4ecbbb06ad40636b64dd8a13d58d859d5cfa5027088d2f008992c43

    • SHA512

      7c355f7d004fb054d30a5efd8b54c6d8f45750e184f35b672ebe3567ea3d427e9212a9d2cfab7112441641a89a3cb752ff8ad124f288d28bab703c06970e6316

    • SSDEEP

      192:dykoXzpmQ6NzNIKKzfPqSfOwH1cAwhGGDNlDY28QCECpf4zQtN2:QkGpmQ6qcAwYuEA

    Score
    1/10
    behavioral4

    • Target

      arm64-v8a/libfm.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      8fd2ce908ea092325e95bc5516cce1e6

    • SHA1

      0b558301fb9045233d9094cfc8d6656bc84b795b

    • SHA256

      47e18e5677bbd59204f48b95faa1f3cf3186514f4c1d9e02e2ca08400b3c3e1a

    • SHA512

      a52621a677e0b5e13a4ffd0f9974d9149ccdd9e9e2e765d8f5360bc322ca97b947b126579ca2fb0819411d0500bd6ac61f4d69c75fd7326bb8aa714531fadc27

    • SSDEEP

      192:f++dPUpACdwaN8Hj5FkJe4WKyND19CsXCJ07QiF+:f++dPUdwaqerWK61ZF+

    Score
    1/10
    behavioral5

    • Target

      armeabi-v7a/libex.ffmpeg.exo.so

    • Size

      17KB

    • MD5

      56f5a2040284acd51369eba789e6c186

    • SHA1

      c1a3b2ff778b20fcab18faad075ea8b41adc7368

    • SHA256

      5e2ca50038951df7582d70e1925751816fe726dab6d3e7bcd3929c61c3bc9507

    • SHA512

      9937c1b08a6fd4aa47fcdfbc03faeb2264eb4e9d863d18339e616495d0a38191d9b72d9490bf6b8a0c11792e7a779d190fb7d4330d5e876d995d548fec082607

    • SSDEEP

      192:eQV9ynAUOTqTJnHsVI6Ofs1MrNeXSG/ujrn4AEOZ2k/L6ttVHX9+X:HyIT6nII6crNeXSdjb+OZvLGVH

    Score
    1/10
    behavioral6

    • Target

      armeabi-v7a/libfm.ffmpeg.exo.so

    • Size

      17KB

    • MD5

      9721eb5d12a9573b70d95f38ed737002

    • SHA1

      663ea2d1f7e49463afe32bcac48bda4ec021089d

    • SHA256

      6ffd115752c7b4f1910d75818a31b46ecac83aa25c1f1556d69620229e01bbc4

    • SHA512

      59577ff8d33efd0d74f48a7457a1a48e932351c6c7047cac4237f72ea867684c7836ed560f1d2a06d5a6891ff17d6dc56037d367b8ccf95099e5f3e3b8381dee

    • SSDEEP

      192:STcJ7A/IwaEqTQsWs2VI6nfw1MNeXSG/ujrn4AETZ2k/L6ttVHWN:SwJ7qBGW9I6nNeXSdjb+TZvLGVH

    Score
    1/10
    behavioral7

    • Target

      x86/libex.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      e2433122d387a047e561de0dbd98d908

    • SHA1

      acc8b986a2155d8c71b7a0e12baf90cd1eebea83

    • SHA256

      7711d9c0760908f1e47e50a38d3a6cbc2468667fafa595e21cde37b4f28aa275

    • SHA512

      c81abe0cfbf4a09d90a7d35e2ddb08fcd81a4532c839f50c3030d0afae2289f152993f7c2518d9806bf4123a0d510fc98215974521764d24ca12e0db5cc3301f

    • SSDEEP

      192:cAIj3RX3Qgc2EwW2wJ6zeO4eCbnsZtl+WiUlqgP:wggTg0zXCbns/lJ0

    Score
    1/10
    behavioral8

    • Target

      x86/libfm.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      2cad1aa48c728c16a0f3725fbb8ee5b4

    • SHA1

      614b18da509094edc2529c315661521beec7b146

    • SHA256

      dd894d55c0ae336f1fe38d3a4fbf40ae56797e96a70d38df7a63e6756078b2b4

    • SHA512

      eae67aa9558dbdb464700531c2b5e0efcc3149a2ad9029de4a771a0dc0c4240f5a3923d2b3e33e8e94dbffa13d15f1db446cbc824e67f8521b6d63c73150bf16

    • SSDEEP

      192:qpyhbfX3Qgc2Ew3t1JR+KTeGix+rbnsZtl+WgJgs:FvggTLv+xx+rbns/lJc

    Score
    1/10
    behavioral9

    • Target

      x86_64/libex.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      7f6563e72ea8eebaa0ff1d0d4ce9f736

    • SHA1

      cda90f838ae81ca53cda05ea065cd091615e4547

    • SHA256

      c88720c2286f4f02bdc7bd90774d2cd6303458be071e49bf50258436c3ec1144

    • SHA512

      11623246fbff409022c11fd9d0567fecabbea37e99bfefe1d15b3bb61895df037481a7f633957863ca9014d7babd464f14d24c146d358c3c083f8076c2b6daee

    • SSDEEP

      192:R7atl1pS4B12h3pudZdc+iqkLzC7+ZovZXd:ggBpU7crq8zM+ZyZ

    Score
    1/10
    behavioral10

    • Target

      x86_64/libfm.ffmpeg.exo.so

    • Size

      13KB

    • MD5

      cb7e86b7b35c8640a77724c85b36c2eb

    • SHA1

      ce2b38f80485b196524bbff867b5a64c1a2dd785

    • SHA256

      6f9daa028d864ffa23bd0ce2fb3c6870e47f54246b6affe4f0d9336a1f1b9304

    • SHA512

      0583cc8f52a6eb15ae616530f07580837e4a66e2e0701ef9e041ace7d474354440689838a9b4ecab570a02adb3b89f4350ef8a1c4b766b534944cf9114d1717f

    • SSDEEP

      192:RurYi0xadAWEkudZdc+iqkLzC7+ZovZfd:gr4kU7crq8zM+ZyZ

    Score
    1/10
    behavioral11

    • Target

      offline.html

    • Size

      184B

    • MD5

      75ccdf4c4a502c4c638a12e5071692c8

    • SHA1

      2ab7fb33537c386e91d00691e95f7bea63070380

    • SHA256

      9f9ea22cb1472cc698dfdab9cfcc6a9e688e375db93bc858b67a7d90ad63936a

    • SHA512

      0b463e46ce7957be41aa27babc7397a258cc88f307daca06afdd8c2e9c12efe937d26989ddec18cb285abf4bf83248e943ed44a0615b6a2b807c5c38e6c66791

    Score
    1/10
    behavioral12

    • Target

      offlinepng.png

    • Size

      6KB

    • MD5

      79d465df4707afe4859fc3c9c54ee62f

    • SHA1

      bc55987d63a9f3eb2f5754e3585263006a430cd6

    • SHA256

      8f1f2088b3079449c201496f142e855db68e1db512c032c1d1c8e2024ca5ed32

    • SHA512

      db0676ae9e18756bfd070456cafa621f8f8169cb2f1705d2c7e4c4485587001f3e215fe0546e23aaefbf06fead46ed055cf9e52ead870dcf6feb9634586e29aa

    • SSDEEP

      96:0Qox+38rMZpZfbW4epmG+Xbw589RGylgEDjJ1SU2MpNzR4TO710E:0zvoZpNQpeh9RdDF1SouOWE

    Score
    1/10
    behavioral13

MITRE ATT&CK Matrix

Tasks