6e93e8faae6a697350e44748481ab1ff2ae975e3fb38dba4b97f630d1021623a

Analysis

max time kernel
2309928s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 23:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e93e8faae6a697350e44748481ab1ff2ae975e3fb38dba4b97f630d1021623a.apk
Size

5.5MB
MD5

6993e6412374417fb366a3154c0a0c39
SHA1

1c2672c647a4e9482cebdd06db1a133595356c7b
SHA256

6e93e8faae6a697350e44748481ab1ff2ae975e3fb38dba4b97f630d1021623a
SHA512

8d769c65b5f58faba1303150344db1dc6412f8f8f1e0bf1c795dfa0c832bd2a8f99ce76a8143de2d4aa126e2ef9a3d5c49b3f078cc19768666199da887be3fd4
SSDEEP

98304:i8bQMoio3ghHewXtvi0BQ0aHRNr3Kvb+wt0IHwe4Z6cpMGEH0zlPLj7t61yDBDtk:icQsjhHe051aHRl3K/0Uwe4Z6sVxPLjQ

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/cc.m04.minglu/mix.dex	4251	cc.m04.minglu
/data/data/cc.m04.minglu/mix.dex	4318	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cc.m04.minglu/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/cc.m04.minglu/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
/data/data/cc.m04.minglu/mix.dex	4251	cc.m04.minglu

Reads information about phone network operator.
Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cc.m04.minglu

cc.m04.minglu
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4251
- sh -c getprop ro.yunos.version
  2⤵
  PID:4294
- getprop ro.yunos.version
  2⤵
  PID:4294
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cc.m04.minglu/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/cc.m04.minglu/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4318

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cc.m04.minglu/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cc.m04.minglu/databases/bugly_db_legu-journal

Filesize
512B

MD5
0bfbbd82a2dc4c45f06638fa190d0633

SHA1
60c93839a8fbff21771e96419d113a4d74ca7f53

SHA256
23f75fe16f2ee63e16690273e62a9abe9ec3da20579b05bcf062dd871c1a1719

SHA512
243f19892f4c084c54437ce7bf07ca5a8cf8ce44128686675f756146acef0f11f01e6a8fd79476476b48c1a1467dceb02b6884f5a2cf1f63c0994e623254c506

Download Submit
/data/data/cc.m04.minglu/databases/bugly_db_legu-wal

Filesize
16KB

MD5
59c567fa9750dcf05d1f6f8294759c47

SHA1
c9193ac3470a7b645168e5a733bcfdaf874c0d84

SHA256
fa311cb8428e7088295d0e4fd86f9b6bdf071f14c96616bd31fd0629a1cf50a6

SHA512
1f94268688141bada3a351d846e4606211af76f6df8c37014286f55783059527d4b2ed059f533fa11e9fa1fc876eba932e4562dc6da38c55daed2595c334229a

Download Submit
/data/data/cc.m04.minglu/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/cc.m04.minglu/databases/cc/cc.db-journal

Filesize
512B

MD5
45dcc12d6fef80cf77ba4220bb3b44e8

SHA1
8c91f2babe58e9412dcdd3681d93dd5d3eb8e0a8

SHA256
a3173cfed4a724034188d0702b740b3fe35e2f9252666c2b1c0a8a217e97a33f

SHA512
9e29553cf68b574a8cd4227e260ae7653f792791b9f42b9170190f1b023a92b32ce13f814634f4e3c7299d055e924a73ffc69e514867ef2f03dcd300f3e9e203

Download Submit
/data/data/cc.m04.minglu/databases/cc/cc.db-wal

Filesize
16KB

MD5
3c0319ea82d1c3820529298e657159c3

SHA1
b2402a570c56734daaee46c9b8c6f5ad2ffea10a

SHA256
b557b5beee6ba492095ea7e8c22dfa9c5ad7849dcb90865ff166b65bea484ec4

SHA512
b5a690a0cfa73ac19cbf57a13701a4638d933ca35605ec73337b66de7afb52787f80ba8d48c6f5c23278067a754a3cc863ee8d90848da6748d00dc01b160b46a

Download Submit
/data/data/cc.m04.minglu/files/.imprint

Filesize
999B

MD5
c0dacd76ec77f1fa7c9e9bafaef43192

SHA1
34470754699ab168756a5b9bd90eec6bc264bd42

SHA256
ee80332423b5c46c8ba3dd46c5fd2cc44ca1e3a0eaccc9b552cbdbf661bed8af

SHA512
f1698e28f28a4b5a00021cb070e1e18a6237d7e8d3e39431080d546c12a903e683bb7dc2e4cbca3835e0e447e76be8a3a60351a9f21a6d8a9ef713c391757083

Download Submit
/data/data/cc.m04.minglu/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
57c5209b429c0acd254f11d5a2587cb5

SHA1
88dafe9c131dc80f96cbc036cc9d9764b9f57add

SHA256
782371f38a3e07e8038d1af3ce676e3206b24407a6b8dbd534669063662a46bc

SHA512
d5731ae90b2c399fa4482647b3ce510c60a2b38b67609c6089be55b80dac1bd6a7336b6a421c16c26c8aa57b22ac392ccb64b2da257e02643dbc73e033fc2c7a

Download Submit
/data/data/cc.m04.minglu/files/cnc3ejE6/eje3cnc

Filesize
335B

MD5
585839d66722cfd02e40cb740cccb633

SHA1
374c19200fee201b26d0153487a281a934615884

SHA256
86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

SHA512
09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

Download Submit
/data/data/cc.m04.minglu/files/umeng_it.cache

Filesize
498B

MD5
62fb7b3a6036a030e85e3226194decac

SHA1
8e9a49c05c167fcbd878840219bb7f92d7444f40

SHA256
6ff31a2af19955bb8f4c8c414c2e7f88b293377645ef552d0cbb6eb10b60a0a1

SHA512
6e4ca959d95e07bcda8a3966d22e4bd41708f5abfa5e2fb4bc33b80cc8d5e42b63c174f6e09dddc1b9f520312b5e8184eb29c54b74718af7e9a9a055423a1668

Download Submit
/data/data/cc.m04.minglu/files/umeng_it.cache

Filesize
253B

MD5
dae86e8ef031aac7b5881ae953adba18

SHA1
07cffc021909d65f972af94588e1eb91469fd38c

SHA256
cf92f18af7b7917706ed19a37ece0d8d1b79f733304e1f46c3d1c8c218e64943

SHA512
a27c5ceda0552ce38f90346413b1e66c3fce35bbfa8a0f882a621c54f7496c4ea62be06b0b4665aac5f57b14cec88747655026a72ddc2d470fb715ebe07aaa8f

Download Submit
/data/data/cc.m04.minglu/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/data/cc.m04.minglu/shared_prefs_ext/test_app

Filesize
24B

MD5
e017b0ae5c487e9a645187295d65415f

SHA1
e1c377ac64a63bd4ae5a084fe4bb1302c93237d6

SHA256
d8c26cd4cbd5fc8f87e29ff123fb63b12768af639082ae98f0af7ff6c491e355

SHA512
93f05f1a95fcfe1bb012fa809a24e494828e13cb9eba05dde90acc8b72e76aa9265adedcd191c0179b4171526784997aadb948103a4fa633fab9f3bd9b59965b

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
54c88ad17c093187329de479094dec0c

SHA1
bf405a893f75ca20544a264226c83e9d800bdade

SHA256
dc8d1f9d7473078bfd6af94a78fba697e9c55298c0baf2bca105bf239cbb0de2

SHA512
0a0412360e537f4070a248ee2c11b28d722b11d4e9791a96da1e875faa70ead02c140f4c98043d60609171869f8d284c27dffb78adc7f44ffef1a23684d1d593

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
7630c795f687c208548bff1475f3093b

SHA1
9a34032078ef27d1b8951485b51a2645b79b9bcf

SHA256
f7a74ed1f68663e8099f066233e28481919f536f423a9086bd8483b2422dc09f

SHA512
0420dfea7e312bf93c0245ac4fc1073afd69538b721ce12d79386ecd97eab0599c32ea0f4a939a6aeb6ae649ce4b522e7e9ed5cbe44b0f50eb88e0725e2be8fb

Download Submit
/storage/emulated/0/.imei.txt

Filesize
32B

MD5
c343277557881f7c44a1c6d7a1001638

SHA1
75e2354d0472a9929c6f1abd4747aebfd95cf096

SHA256
2ddcc06809817bf1e30988448f7b02d59f5e93bef8905cc2c67a1e97f793884a

SHA512
d64fe2712f3f6d60c12d049d70f8d261ec0be5b0b0bc6e38ba254921df538d556b88c42c48498210282e4350c955bad82bfdd1a47e0fb6caa187263e104c1cfe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads