6e854af77d119f0a959d1a82e1f8ca21486ab1e8db67372e6eb15f62f117e971

Analysis

max time kernel
2261558s
max time network
143s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 23:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6e854af77d119f0a959d1a82e1f8ca21486ab1e8db67372e6eb15f62f117e971.apk
Size

30.2MB
MD5

345d5cfbd264d4d23bcedff31b6e05a6
SHA1

5f95efb69358376d9e564288955a12612b8b8d2e
SHA256

6e854af77d119f0a959d1a82e1f8ca21486ab1e8db67372e6eb15f62f117e971
SHA512

fa7a234390a6a66eaa2ff8ec06d1b773174997971005c2806dce14b3f94dd986a4e4f2e52393d874ce59c25f387933b457afd6416ff266a0a53ca117102aaa7e
SSDEEP

786432:stbEfg2fvshg1AuHJg5+agLgmCnQosKXhOoyYTsUoaxc:2E4/Se+ffChHRZyKV+

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 6 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex	4235	com.xunrui.videowallpaper
/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex!classes2.dex	4235	com.xunrui.videowallpaper
/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex!classes3.dex	4235	com.xunrui.videowallpaper
/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex	4235	com.xunrui.videowallpaper
/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex	4302	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.xunrui.videowallpaper/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex	4235	com.xunrui.videowallpaper

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.xunrui.videowallpaper

com.xunrui.videowallpaper
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4235
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.xunrui.videowallpaper/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4302
- sh -c ps -ef
  2⤵
  PID:4407
- ps -ef
  2⤵
  PID:4407

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex

Filesize
5.3MB

MD5
b63e4254c52c2474184e35cf00dfef46

SHA1
45bd2965628772a3401a854bd5f5170f53737845

SHA256
4f64c0072d08b8a0297c655cc5c69d0f9ce8cba3aa8f097b3abf639e023f824b

SHA512
28dbae2e448ca582b568ea39a45b6d3f08b99ff6899d44d225d57fc5e28bd3223baa1f42ffb656d02beef3bee466ff651fc685aa9f3b9f0b44ecd28218da756d

Download Submit
/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex!classes2.dex

Filesize
6.1MB

MD5
b5e69b727b94a06abc13f07b5d7f7a78

SHA1
ad29aee6bef5c57f9adc8a4b06ef20f823354fe9

SHA256
f4fa5c33d3198d68dc6e9820c6934e48822c2c2abd42afc4db08a51aba186edc

SHA512
78e40f1c603796f9ea3e4a5a6448bfb7f2166bc64d8aaeac60c17beea1b99f8491cdc116e6e8cc37a8fa30ef906ffaa1be82b30bb195690bf448153c45137d8e

Download Submit
/data/data/com.xunrui.videowallpaper/.jiagu/classes.dex!classes3.dex

Filesize
2.3MB

MD5
54f97d41688a79d113b94294a7238a92

SHA1
602818412e975d30e86e0ece56cafc5ee9bc49aa

SHA256
ee1021ed86fe66bd43515733d835f4b2d8788437bee73e52db7112780e1f3e92

SHA512
721229d823f4d45d110f440c0a63d8c7e7bb29d8be77fa03e5283a96e747445ec8cc1ed9cc48d89dd3aec62b816b107485aa141b16f00d9ae8edaf6b2a8cb080

Download Submit
/data/data/com.xunrui.videowallpaper/.jiagu/libjiagu.so

Filesize
475KB

MD5
f0f9ef36b67807a253b5932f865eae7b

SHA1
6a8d66c6efa2750b54cb763f4ad044bba4154e0d

SHA256
646dcd8290a30e992553186392239da39ce7c8e7c2fd87b3d6a880551782db75

SHA512
e7ea65467e557e4992e746d808cae3e2d16b42187b1a94326c47c689cef9fe21a2a9d2b312c60c8ff40e128dacbde84cd6b93a191ae38496584a45fe60c04548

Download Submit
/data/data/com.xunrui.videowallpaper/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.xunrui.videowallpaper/cache/HttpCache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.xunrui.videowallpaper/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.xunrui.videowallpaper/databases/MessageStore.db-journal

Filesize
512B

MD5
15c5460d361ba9dcb048afa6dff17985

SHA1
706fd04ab9b1475b1b829d1fa55de628d392644e

SHA256
1579d262b6ef412ad8bf87a493766d3ca46fc52250c11e6f7b30e8da01456137

SHA512
18c906e44540739a5011c9d486654883d900da1b7ba0e89b9c4ffa3d41f2eed655d25c763ee40d6ee65c93bc1ad811ef7fbb3a4398e3bf330afb1b11e891bd2e

Download Submit
/data/data/com.xunrui.videowallpaper/databases/MessageStore.db-wal

Filesize
48KB

MD5
86e2d6c2542ebe5186cb71f5f99f0252

SHA1
3993135c2ef6bbdf19d981a0cb55f16f428369ee

SHA256
7a7be76c35db5c43d415ad68f06b93312296a3b4534afdbd57cb3fe48397ff2c

SHA512
a5f845ddef7afbc8ba930a92bc41b1aa7d7976ee42e067f652119218fc91532f3ca326c942d46a0879ae5ca4969e896e17e60d86a7698a213149575d9ecc4dbb

Download Submit
/data/data/com.xunrui.videowallpaper/databases/MsgLogStore.db-journal

Filesize
512B

MD5
a2ec831a7f41882ee062a3e16d3e4fed

SHA1
73eebf8d6986ac73e87fece9cb276e85887fe7ff

SHA256
fbb62bbd539895098466996b2aad85170150c2015d49598dec7205698349364d

SHA512
9dcdab35a697dfa5bea3f32aa3b8f5b92e7956dd3c12e21dda7fb0b19a8aa0bbbd63ac37c6116c47869087ec34e89bb8441720ca685360bca72df3013fa0e150

Download Submit
/data/data/com.xunrui.videowallpaper/databases/MsgLogStore.db-wal

Filesize
16KB

MD5
94da676222742848c565b97a66219a8b

SHA1
3476c9c4115fd10cab61aaea881f1d4a65c58b91

SHA256
9b9fc2b5abe4fc1c97f460a35925f99158b528f69b68e08ae7b7d74728e9a0fa

SHA512
04b91efb63b5790c6c6350c0c2fc83cb40bdf5444dc43dcb25da9a2a3eabef33d28fc2a1d791e6c0d161951b492910ab040b0b7888ea142dc82078555697c95e

Download Submit
/data/data/com.xunrui.videowallpaper/databases/downloader.db-journal

Filesize
512B

MD5
e817d9e91d17590af8da00a532592a2d

SHA1
4343ad0f07bd080eb6fb23df8fdf5ba26286e7a6

SHA256
dfefb039a293100850fbea110a3fab0dd351e981bab843f4e2d66bef1fcf36a5

SHA512
592a5d46db59c36aaeddb7c593e7041c9e73afd7ee8f937aafbc44031e769a20b275d9a4e6e40289d1e08d4c596dea3557128cf7becec9f8195f0bac7ed7da64

Download Submit
/data/data/com.xunrui.videowallpaper/databases/downloader.db-wal

Filesize
32KB

MD5
75c3640ff1543285c9bd1a4301878cdd

SHA1
443528f3a67c6352a0718442d6e982e0d3b0a70a

SHA256
fb68385c7aea889d7bfdb14259969bb7cdb016e42c94362dd1918e1b4c3ab500

SHA512
525a8dd0803187494169fe44e4ba8f597e447c8f68a4a9914e3dfc81cfd50ae75fffc48f51fc834b1da0e6eb5871f723427930489420b8fbdf113968648ff329

Download Submit
/data/data/com.xunrui.videowallpaper/databases/ttopensdk.db-journal

Filesize
512B

MD5
b6801598091646d6732fe6fccf70749d

SHA1
98d2cb701d7ded738f5662768c0c264467da85bc

SHA256
c957cad9677cef1454855100ba59cce6add445914403d77f867470280408c16d

SHA512
f29db21f2a5831ced3c24c3c5cc0e517c8361163d411b61b064604f94151cadc448cc052dde93a35b5427cf9aab9f612540cf037e9f5efa3445018248ea0e371

Download Submit
/data/data/com.xunrui.videowallpaper/databases/ttopensdk.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.xunrui.videowallpaper/databases/ttopensdk.db-wal

Filesize
60KB

MD5
469524f116c964189b7e7882c45d61f3

SHA1
62481c679ffc81052484a8cd5e7af33b3011f8c2

SHA256
4b9745a2e263ab74701fa5eb70a8879b2af0c16bdde9efb921c9207b32dc8472

SHA512
d8faeb24ba4f45b9d5fc63be4c3c3a875eecf7c1a3c1f62904f138f1feb55a259fd4e7078e70ef67c722cb517f7f6be08bd33dda814e95e25ba3fc154ba7d91e

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.ac

Filesize
32B

MD5
5b9a04f642b61e4affc7abff6cb57384

SHA1
4b6680efd702c8898e4748ad3083e3503884ff1c

SHA256
17f40300aae2007434f3bd280dfa32f3f161e93d4568b7b681ee0b3784c2e9b2

SHA512
8fb59a5f0a15a220e5a62ec04060bbeb163df9005289dd24f09d305b633c6fe0f2734151ce03a0088ecb266dd435637e20f723be88b9e61a57f0e0b2a799d467

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.ic

Filesize
32B

MD5
9105ccc6db71f29ecbe5fbb5009b8a22

SHA1
e8c46e747c0846b017da7974be26c5c9fb394e22

SHA256
10be4e83555efe2e78b9dd87b8dff42ca54fc5968d516a31d7df9079bb29ae9f

SHA512
bbd17813d4691a6bc94fc4f396dd5fd657ddf69a2b3d582ac5f002ae02c53624f64704ed4968229690f1895655e08413d09190aea6191ca3ef009070f53b586f

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.rd

Filesize
73B

MD5
12c6b786871ce7093d181d65643ba173

SHA1
03fa8a16499debe4013fa1cbaf3fb79cded67582

SHA256
e4614b87c20fcd4e102021fdfaa5f4fc36e49212096ec95702f5b1fb85a745b1

SHA512
5f3c0e3bcb238312a9b74a30a48fa72ca2618736399944086c03f88ebf621932c4d955a3e2ec4e6541fdae93ae6a35bacef8a9d6e264a45b666a4d5cc3abc910

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.ri

Filesize
307B

MD5
a414f3d559dbb40ea4fa9daebb40440e

SHA1
10f6708acfcfd642ee7d77923f4245e6059bf2e8

SHA256
54c3ac11d78e85c0cebe8a553ae59cbc3b366801d81a3a76cb49204669e6227f

SHA512
0ea5bba821e1bfdef5a3cb4debf89d3a32b910c51a2a5e1e6332736d5f7f428c8b627be9b65164d9cdd64dfff9b1b71f14cf47761f247c149c1f8c3d7a9dabf1

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.ri

Filesize
314B

MD5
277cbb8cc3a9d9c9743368f4cc3d2476

SHA1
248bd00874e6db966e3505201641b5d058da0d1f

SHA256
4d07b197fbbaae4a9685a6c1afa2b9dea08e5e07a47d7185bd67272ce9c57cb4

SHA512
dc63161c6fb95f925cd5baf4a2c13ab7bf834d9653435f196eb05e6cdf7ff02d068bb16d8e984ced6da3993c49f5d6d5cf556e8062f4fd9ef1682a122dad5688

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
bd7ce58041066d6aa611c38245ce717a

SHA1
fcba5d9e58da49b8770a9e2bc51857b4b128fdd2

SHA256
d3e1fb8edcfcf22c28f260ef14ebabd65d8bb563ec75d401f114f6436563ad89

SHA512
59cba2dec88903ae49f2d1565c9ff9c91712c314aff3343a80e09f2b45561aeec625d50d3a706d85be6a6e444dc1114c8639bf2b4e2a15f622fdbc9f44778f67

Download Submit
/data/data/com.xunrui.videowallpaper/files/.jiagu.lock

Filesize
27B

MD5
460c19bbd4057fdad56b042b8eeffb6d

SHA1
12d164d22c429844dc9530429ddb280cfd438721

SHA256
e23096e301e4786a213233b6384bd631089675527667f375bb3464144fc8d00e

SHA512
c5bdf1fc18649a4e4174a1c0ccadcbcac74cfe4e946b29bb77d28c9f06f15c4774cbf436be1ceada5bfffaffef693ffb55ba217bfc44eac13ee380287679ff43

Download Submit
/storage/emulated/0/default

Filesize
18KB

MD5
4a88259c49c396a2e58065781c76f14a

SHA1
65fda138e831c40e9e03496a82e4e5f5e5679718

SHA256
6531c7403e2c3e3e8e74ad9d45f190a6e3af2a6042082b5d60308d1fe7260daa

SHA512
fe9e819937f402b81e9161d5645d291b0069b4038ce25dd1813299734eb85bd98a0fc793408c7f93c17c16eef1d8496d591623bae954aabefd4b83d8d7f7a133

Download Submit
/storage/emulated/0/xunrui/videowallpaper/log/crash_2023-12-20.txt

Filesize
1KB

MD5
a62c209ac68aba9c9ec6002031d04906

SHA1
e5dea1ebce7afd62d5f7a5d65664e618d76cb7d9

SHA256
cad9834a6e74e14f2d5435b23ba3afadaf60e6668c04d16b3d06841f11aa2199

SHA512
d2de6072605371a3894745abe0ddc972612502089fa3946ef74754b08f2c05ff41db9e5e11867f4796bd325767e8816cc7c31fd71625bdb366545091592fa216

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads