6e1b307c219f133e5551328439ac48ed9e3f846bdde43cc7950a4fce6fb0cbb5

Analysis

max time kernel
2303428s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 23:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6e1b307c219f133e5551328439ac48ed9e3f846bdde43cc7950a4fce6fb0cbb5.apk
Size

2.5MB
MD5

d04b8b4841ee377b907681b220358155
SHA1

67ebf978139e6b1c2e0fea8af7c6a33015318bcc
SHA256

6e1b307c219f133e5551328439ac48ed9e3f846bdde43cc7950a4fce6fb0cbb5
SHA512

1cf189579ec71f49b7ce799a57976446061d881f5ef1ef31bf07627cba5dd3afabdecdb9de357c8560246d68b6b0a048a1ae12c70468311a25c8cbfed053a0c4
SSDEEP

49152:NSxsB2KNjNHmLlbrty23odJk5lXlivV3C4PqPbjfEbj7wKNvsz3aIe3oeYUcunYE:NDTNjZ8rA23omOC4P8fS2z33X3ziCG

Score

8^/10

evasion infostealer

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.ssssdd.dddd

Reads the content of SMS inbox messages. 1 IoCs

infostealer

description	ioc	Process
URI accessed for read	content://sms/inbox	com.ssssdd.dddd

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.ssssdd.dddd

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ssssdd.dddd

com.ssssdd.dddd
1⤵
- Requests cell location
- Reads the content of SMS inbox messages.
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4247

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ssssdd.dddd/app_jar/lpdf.jar

Filesize
35KB

MD5
e1ab911d4b585a26aae02d8540575013

SHA1
ac148f7bdf95edddc97d9224ff51a771f1070520

SHA256
8a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca

SHA512
983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4

Download Submit
/data/data/com.ssssdd.dddd/files/jiepayplugin.apk

Filesize
27KB

MD5
c67ff641314b7710fa8a4607f5c54cf2

SHA1
b1939b0230910611673ca286bb26b307afd0db30

SHA256
6715a6084c989c42dbc007f21084c4c907ebc78355f9b31c1071756eaf61625e

SHA512
9586077b529ea80cb546c342a5916e16fe8982aafad7eaddee0a6c1d1582a16962042133f617f48947e99fa10e1c0d9364d04dcdc60cd35ae3652dcfde44bf14

Download Submit
/data/data/com.ssssdd.dddd/files/yypyda.apk

Filesize
38KB

MD5
cc860a00cae01d4f2e88cfcbf05f06ff

SHA1
87778550a32109a679a2d28dec9ca4e6c0ca19fc

SHA256
494a419030f286fb05789ded096c05326a44fe2ff6708a0ad2e2c862c5d8d347

SHA512
dbe68454e053ff4d494ebf60daa52b856f64b393d37f89a8f91a0239c4ae799f51621b5bb791a497d93ff7b2e8194acfccd82994399f20166596275ccbb10057

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
5ce2b2607db695f19af7df34027ceee7

SHA1
abcd6ac52e47d99a7feca077ebe034858c051ec5

SHA256
62eeeda527bc94d0f143675c127cb0dcdc93e169594cd3d7ac3e90dd277f5390

SHA512
4cead14e9c07e34a6aecc436dc4fa50bdcc345c6312a259d215c75850a44cc59b73fd2a9839e2024a7baddd8c11e3eeef147cfce4328eaafd5c6ae9a9f06ee96

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
ba44db0e19c53dd5f87b2dd70d32d2a2

SHA1
d165977e5a18ae3300fc000c973149e0706e47b4

SHA256
2843acab7521100cfa5daea4df5ffd238fecd66e730ceecd866d617e65a2e54e

SHA512
0dda5722663223605d7ee7f10484a8a6ed3b55ebae4c9e3dc37846b08754045f9eb3b78fe3352742dd4c01973b9f39855bbc18ab514a67c62e0d8186ccb7361a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
4ac62045455108edf05ad089d83b9204

SHA1
8afb19069645767fd020a0ba474c12724faa632c

SHA256
1b1779bdda9b5271d56ec174b374040d9d53f877c1c36d11892da48fff0cff3f

SHA512
307481717f55605bf1b362948ff6eed391ed1c2ad077598dffb9e9b57eba2cc8999fc463fc477bbce900ab4b95b74ea3a0d1af91e20c38763c56d6dae835e2c0

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
e723baddc4534e58048b2f86140c838a

SHA1
cd4cfea41b6de33753fa91f709c751e55459263c

SHA256
ab83cf78c8cf741df2dad9aec694dc03437a2b178c0222851b1f06e0d512f52d

SHA512
fe7b3b7a200cd6a9d46417b09ced8b1978c9660a8a5f53b9999a21bbfedbd32508afd5a8c61446de9e2b370a293b92b315585c4047f0578087cc7b751d8055e4

Download Submit