6f77ec9fc29c990cd4afb2db556529bde69d35c7a1a3a494a53b759ffbdf505e

Analysis

max time kernel
2259126s
max time network
148s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
19-12-2023 23:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6f77ec9fc29c990cd4afb2db556529bde69d35c7a1a3a494a53b759ffbdf505e.apk
Size

15.2MB
MD5

7c70e49d23db69d220ce4e33e77482db
SHA1

2c7acdf6b90f7149cc42815eb903de7e1e012f5c
SHA256

6f77ec9fc29c990cd4afb2db556529bde69d35c7a1a3a494a53b759ffbdf505e
SHA512

396f71cc9be581ab2548863ba44d1c4a372a82e3ad5479b47639f13bd00696eb001f9c72c5700105862d34c26f1dc4ca52a6dd338b43e5c6d2e7b9bca337b1d5
SSDEEP

393216:MxV91KlhcOZS6K3xwuKxAJfKkYzzYAMmg9GoD67lkXrs7NOg:SV9Yl6MjK3xZJ1096GoA84Z9

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.che30s/mix.dex	4987	com.che30s
/data/data/com.che30s/mix.dex	4987	com.che30s

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.che30s

com.che30s
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4987

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.che30s/app_bugly/rqd_record.eup

Filesize
329B

MD5
998314c8a1d330373137cd4dab72776d

SHA1
58e430de3a5eafeab6658950fd4799517e1f1e11

SHA256
542e84d3cb53b2c4911658ebc95bf5342a1ce002d4438806d7178fb4d4c27d1a

SHA512
9ffbff1427348610c85ad3b263de259a8cb6c3b712a32fcb04b5b9c2bdde4380ca9bc6a355f0ab5bfa29f6c588683ad60906dd1b3d4c5856f7e99e89e8e5057b

Download Submit
/data/data/com.che30s/app_bugly/rqd_record.eup

Filesize
1KB

MD5
637aebcbe92a18685661cf342b3bb2d6

SHA1
a48a4bf100e2f2defe916f071caf074c6c8061a4

SHA256
3e00a0dadefa43a03e46c05a63309d733013eae9537f757d8310c48245c9bbf9

SHA512
2d23fd4cf66bb34058ea07704d0e804fd7612b8aaa2a0fe3248b08de4cf218168d998cc4e30af65324fcf855f72cb4fb8d3a9e184231517082b1d477fc56920d

Download Submit
/data/data/com.che30s/app_bugly/tomb_170306616830.txt

Filesize
56B

MD5
bd0f8f8f3ad93fa07623422ec6e72003

SHA1
c3589295e7a4ddcf35bcd7a2c13bfd381783821a

SHA256
7fe875398dea7537a57a77c5275cbc8647aaf63ab6fd9148443b65df2e1d0647

SHA512
2ec3e073321262b667afbf98fe4e9f51e4c0c58baaad506b120239031f10699d699b94470bef13007bd6199df3d3b03f1eaf147c0cba5178aee7e267072b1c0b

Download Submit
/data/data/com.che30s/databases/bugly_db_legu

Filesize
60KB

MD5
48d6ae68dc96326f43a5709f1861dbeb

SHA1
4e00cb7e8371e9c7dec396b3d01f7898029995eb

SHA256
7382186f33ae7258a19cc924563a049c5ca1ce8490ac929188525031fa1bc809

SHA512
7bb5e2fc0d111eeeea048acb41b105f2a285a3afc48ab6c01ce90097605dd46bf187c1c7e962b16e1f23cb04f19bf936782f083fef44ed2978757c93f59662ac

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
12KB

MD5
f34a2afa75c802684410ff6c5279506f

SHA1
8d8fe1a8a8f36fb35855f9bea72559d34a77bb26

SHA256
cacb05c232a3020fd3a9e5d0f2f8648dc83f74cee3f617c0af273f22f4c46329

SHA512
9151bd77f78eb06fc1d19471317e42ee8265bf1efd7d854229a190ba0ee0f44abfdd706ae83db4d0b39409484b16432390492a91b5b9fb1c1871c60362b4b96e

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
512B

MD5
5749faa28cc09b27eb19e7e106c084cf

SHA1
61aaa4824ea686af5c9fb4537ffe472fd2853f29

SHA256
81f03f0e11f35c5386a5077c414729704c4b5cfe41f7f2f88018ecd850a87983

SHA512
d439014135344bbd2acdfd2a67978ff35c0d6e9e1a2a7d82cfbebd20bfa688eda36d922e235d255e1628b8b3f005fa0dd4033de394e1b12af6f9b9dc8cd25c2c

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
8KB

MD5
c2d32282b5b16381602410aa210c2744

SHA1
ef0375bd13b455a6faba2e1e2dfeeea7ac85bd85

SHA256
51adf6b037ad94868423063025cbf756f931cf5d7bdb9b23d95c78c6d9682401

SHA512
ce3b793fcfeb12c5fe1712065d8acbcc880b6a468bfff32822411b06726ba4abc6af43ed40cd9b027406c5d77f90c76a65872535609b1d5fcb13783d40d9a0b0

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
8KB

MD5
900e040b7c5968921b0714a8f1075f75

SHA1
7433138bd3bfe737f6d62db5538ca5e063622b8c

SHA256
80597c636eefd24f7e02c5ab191dddb81041f718a174ab10c5ff311a9bcbdc6e

SHA512
a2617a5eca2981cbb741ae01d32253669ae71a914bb8c53c5e13c7382a02c1f4358e7dc9fe4466f7ede2462312c3e9e383ff512ec87294e518f9c11d13e97b7b

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
8KB

MD5
fb1503b6c7773d306c440704f740278b

SHA1
b39535e54a70770d792c036cf9ebd7671900f34c

SHA256
dc70b8d522604b7af9d0c2eef83c17039fe9fc2b453c9f7cb314a6086e0b4ba2

SHA512
68cd951a806a963f67248975da43ba096a17cf75eb2dc993ef645e6f39e50ed35c69f32ca384c8c9238e3088553202f66e9c1d0afe17036b1c747c611d0ce5de

Download Submit
/data/data/com.che30s/databases/bugly_db_legu-journal

Filesize
12KB

MD5
b2f3b3ef5d224935d228220a5ee5967f

SHA1
3558f94161658806acb032e902a9508b955ce930

SHA256
c4ed1d08c655070929959ac39e15c789b6dd59392c78b623599007205e3ab3bf

SHA512
ec7f73cf3d18168ab403151ebf4aa45c5734cca71c3f5fb2b7232bce57f8cc20beac16d6fbf021bb3991f637868892925a8be61686a37c479cc2c3a3d0036d93

Download Submit
/data/data/com.che30s/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads