Overview

overview

8

Static

static

6

6cd83a19a7...21.apk

android-9-x86

8

6cd83a19a7...21.apk

android-10-x64

8

6cd83a19a7...21.apk

android-11-x64

8

__pasys_re...er.apk

android-9-x86

__pasys_re...er.apk

android-10-x64

__pasys_re...er.apk

android-11-x64

Analysis

  • max time kernel
    2294963s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    19/12/2023, 23:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cd83a19a7d38869502c2b13d5466532c2c5d9b67a38000584f363c4bee35821.apk

  • Size

    251KB

  • MD5

    decb0f410ed9f9571ed8beb653f5316a

  • SHA1

    f4626dbcfe10665cf19a7a27d99bf6fef779ee8a

  • SHA256

    6cd83a19a7d38869502c2b13d5466532c2c5d9b67a38000584f363c4bee35821

  • SHA512

    d722e249cf56bade59c69e7c059410a59a96060ab51eb2e6d02de2734f67d9ee80c7876a73f9239bc71f9e29c439ca01d8b3d778dd52d90fa121528dca8bdbfe

  • SSDEEP

    6144:EdekT3wDjUpH9Hk8TP91Fc+Zj8Z5eAs2S714XyWmuHb0:w0D4pdE8l9t2SmX5Hb0

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • kaixin.fanyi2
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    PID:4981

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/kaixin.fanyi2/files/__pasys_remote_banner.tmp.jar
    Filesize

    114KB

    MD5

    2ad9fb4b2d9b333883b7e38f61c2fd2f

    SHA1

    5b85041452d173ed0d81d25b9ca78608a998e328

    SHA256

    b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5

    SHA512

    6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90

    Download Submit

  • /data/data/kaixin.fanyi2/files/oat/__pasys_remote_banner.jar.cur.prof
    Filesize

    379B

    MD5

    c89634c44fd067bf75b53a4d6b94e354

    SHA1

    8d5d4386b5e140134fb2cb855f5de081545a8284

    SHA256

    e4c437a456bee1c8fcd32ae317017e63e052f0f4de7c6193adcda11ad98e7617

    SHA512

    e16f85431a155984b33bc6341c7c55d9361a97f0f04f9c1f6eb581bff9f172f571a0c571e998ef3ad635596dc2c489a3268fda7e8fb3f36aaff7b77f67998e06

    Download Submit

  • /data/user/0/kaixin.fanyi2/files/__pasys_remote_banner.jar
    Filesize

    231KB

    MD5

    c601107d24f96646ae86f74b0fea880c

    SHA1

    8a8ce84fe5b6e186ddcd69c8757de4fb1aae7ed1

    SHA256

    939120d702d97dc47c6963d98dc1d2694e0fae5f5d5199c0755f54741a3c2a16

    SHA512

    b573a0d74ea8c6e99c3ebad4ac7b42ce46940231f8a90c9b19c887c6c20356235241068d187aab2bae9914c3df84cbe80bca13b5b6d070247353f5e5eb282f33

    Download Submit