9562b63f2a35decfeff1277d31d97e62531f787760577a1deab86f506882efc9

Analysis

max time kernel
2206819s
max time network
157s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19-12-2023 15:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5236e9578f69a043ec568f1d81732a2b.apk
Size

12.9MB
MD5

5236e9578f69a043ec568f1d81732a2b
SHA1

63a2c6ab8480a9233f9dc0bb353625d23b0f2457
SHA256

9562b63f2a35decfeff1277d31d97e62531f787760577a1deab86f506882efc9
SHA512

9433d49c7a817d7f1834292fca010cab85db3146ec3805e14cfeeec07aa9719dc1b692a66d5f432cba25db38ccd980695d8e99e704226ab0c5c7b40643207c3c
SSDEEP

393216:At/g0mFRAbz0Vne8mMzSWtbe0Yp+Mfe/Lwyv60GQ2jvo2:At/g0mvAqXZJbe0Yp5eDlv60GQf2

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 9 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.DGDSbt20190601/.jiagu/classes.dex	4249	com.DGDSbt20190601
/data/data/com.DGDSbt20190601/.jiagu/classes.dex!classes2.dex	4249	com.DGDSbt20190601
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex	4249	com.DGDSbt20190601
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex	4280	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.DGDSbt20190601/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.DGDSbt20190601/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex	4249	com.DGDSbt20190601
/data/data/com.DGDSbt20190601/.jiagu/classes.dex	4338	com.DGDSbt20190601:pushcore
/data/data/com.DGDSbt20190601/.jiagu/classes.dex!classes2.dex	4338	com.DGDSbt20190601:pushcore
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex	4338	com.DGDSbt20190601:pushcore
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex	4338	com.DGDSbt20190601:pushcore

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.DGDSbt20190601:pushcore

com.DGDSbt20190601
1⤵
- Loads dropped Dex/Jar
PID:4249
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.DGDSbt20190601/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.DGDSbt20190601/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4280

com.DGDSbt20190601:pushcore
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4338

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.DGDSbt20190601/.jiagu/classes.dex

Filesize
7.1MB

MD5
c5d8cdcb19d4e48912783779c0df8dcd

SHA1
e83eda287e975098d73dedc2ba4d9ad2df59690d

SHA256
fba585f716a069ae95527927155da5280122cc73aad462bbe4dcf486e1292eb9

SHA512
5daa2241c4e6f8ee287604d78d78d8a7a421b4999ec83a307a7b24b455f34ae9a77ccd6c55866f535b4c05cc42ae00c8c77efb78a5d8eb210e8a53c0e29a59aa

Download Submit
/data/data/com.DGDSbt20190601/.jiagu/classes.dex!classes2.dex

Filesize
6.8MB

MD5
7866b5a670ea87fac6ebab21b71916e6

SHA1
6e817ea1e737bf5ded715f22cc83967ba4721c60

SHA256
0e143255bf50484d845f8abd1117af018fe9ba9773f92a75dacc6829db85c628

SHA512
aba97d1e211832f18f3f2e3268e6c3fb376181b922c4215747c3e6f01936f7c6124f9bda9e5ff9f9d07d5bef6cd0956bb1d17f75159b1ce95d6380514eca2246

Download Submit
/data/data/com.DGDSbt20190601/.jiagu/libjiagu.so

Filesize
482KB

MD5
f380717bd1e3916c7b697fab8d46c5d8

SHA1
04f51f0d16097214e38be517d93be44cb0603a88

SHA256
8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc

SHA512
b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e

Download Submit
/data/data/com.DGDSbt20190601/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit
/data/data/com.DGDSbt20190601/app_crashrecord/1004

Filesize
227B

MD5
fc5efc2b3d4fc5c51053ec5cd6883e61

SHA1
17ba5aaca8c6d449a4b80c7987198c71b94ed91c

SHA256
4187ccf785cb6d03a207fba2d05e0c70af278e6f3cbcaa015af1e2661f8e5153

SHA512
389c8a3ec3a6035d865e9df70cf73df0a352687f78a2cd68ab47554b574db796b25e80d93764b9496f5915ba59bce4eca44a5924571f57c21410f98a6131ebfa

Download Submit
/data/data/com.DGDSbt20190601/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.DGDSbt20190601/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.DGDSbt20190601/databases/bugly_db_-journal

Filesize
512B

MD5
ce7e0c407af2a25be58e39ecbf1ff427

SHA1
74742d3f64618d005b0b3250f75fea2418161168

SHA256
4ade8407fb89df2d1f0ea61d287bdc95993bed08d891a1a8580e2e7070ad92d1

SHA512
b2bed0c477e8e18dcb111d6e6ceb09f6479e8fd4371116473243b3cae10c7653427bfe6df2e5852f5202683d9bbad95f5e72a545b1d3c93fbdc688f76cf0fff9

Download Submit
/data/data/com.DGDSbt20190601/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.DGDSbt20190601/databases/bugly_db_-wal

Filesize
16KB

MD5
3b5e1415a75308d9e98bdce26a38d116

SHA1
78c2514ff181a78ca2f7feccf0f5019380788199

SHA256
7256c45c5e107db03a6cbe2cc6e70d46a1f69cbdd86dd89b8d90bf4525c08e50

SHA512
bd90600eae4c885959399f3ea6b771aa418d6ff6121ec881fe842e36518e1a695fefb086790e5879b9633ada42e661d251c2f8685a24ab7429f88afb3a7b15dc

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.ac

Filesize
32B

MD5
f6e7ef72acabbf7c7fe6dfe30d35ce27

SHA1
8b18ff3dc895efcce77378d7812be03ddf694936

SHA256
13ef56d8ae48d1852f3e4e6508f013ea4115356aeb4dab7e6a083637642388b5

SHA512
cb505cf25ba9b79d32ce09763786074c523cd084983d79ae0609ff9c6eb27624ab76a230e58885437b7a0c6c61e4f0d7346d3701b7e419134d2a30891f445a75

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.di

Filesize
340B

MD5
94eaa277ce28337b08faecaff7e3d929

SHA1
c04557feff71e287735e3f283a4d8de50afc82d2

SHA256
d0a2fc0f44545106b32e3eec78a0f86c02db1634490756a7bf5c5676cd09b084

SHA512
0dcc5c5f91696e3c298e68a6b839625208a50c08ce4952eacd5d67f3d092c3be77accb9971d47744c1dcd289b91bec6ca2d9f5173a9db091ade558480103b125

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.ic

Filesize
32B

MD5
7bf9b320902a547db56c959583c8dace

SHA1
e59c0e46fe9d0dd6ee76354dce94d028eeda4094

SHA256
609e32f2cf12e27dbbcb864d33f308d59bb67b7466904dda9ca448b6b573598b

SHA512
6ed4c119a469d238f9ca9467c5799d08a743e0d42e65fb470de52c47107765d2b415f141bb46fddb95030e820b20a706256dd9c5ca8dff6c8471e06145113d0c

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.rd

Filesize
73B

MD5
0aa07f375061425166e82b26abcd5f87

SHA1
3187ffa42a0460d2b5947c7cdf19bf0cf7bea169

SHA256
b4645ee7a420fa3172fda893533b257b266677b6632d459e08e0b7c2d912269c

SHA512
c150ea2a8a41ae94d518f44e8cb8c728cddd1d11eca103f92e7514cae7a5200a0286140864b70d570b75778bc1360225c585811fc20a25c9176a925300af9e26

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.ri

Filesize
314B

MD5
f3c1c3e63c0aed4e7457ea25d35cc381

SHA1
1a67e09f95ae5c0bd91d0dcfe60efb7698b6a5fc

SHA256
18488f11bf71e88e81204b007aee8fa40134ea52ab2e1681f2ee992803c80e52

SHA512
c5ba5c593b4cbf47024a75998a0925454944b7ed71766c87e4defff13a907b6f3d5f963013896294552eafb631de9b866609b0f4d236b411e989f3112c5eedbf

Download Submit
/data/data/com.DGDSbt20190601/files/.jglogs/.jg.store

Filesize
32B

MD5
448e391c59eef34ee1defbe4dee4c41f

SHA1
df1f890987371d7d8e6963c68b787856e42bc146

SHA256
55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

SHA512
ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

Download Submit
/data/data/com.DGDSbt20190601/files/.jiagu.lock

Filesize
27B

MD5
0edba4728454abcc0c2e2e25ba56e0a9

SHA1
727d8b4f95adedd3e3723a6f1d2ef6a3180088dc

SHA256
07c0f78c275be8fe5b6b64115e6fb765c3f3761f01ffd5df56d415edff5e5502

SHA512
9c0c9566ce407e5e28424c7a3b7b17afd0df4941c2cd78cbf02ae8e9bb9e3e41e1adc289589b85c6bbbb4947d39361095e968994c3a356280174d5105968f408

Download Submit
/data/data/com.DGDSbt20190601/files/jpush_stat_history_pushcore/normal/nowrap/bb2ad96d-b599-4ccb-9b69-9784d9888ab2

Filesize
202B

MD5
d16eb1344def218f91589693a0e36c17

SHA1
24fd503c7e842c6f3df9bfcac1316325be5fe500

SHA256
2a4f83e2f0f10223eef0e32c9e6fc6ae8deeec1184a0c9e895d4d721eafb8176

SHA512
f1433a9f8c11a945948a2521beb2f6965e02d42cf98dd0002313d78e0014567ec0df55c878c8764d2eedac193053df729758eb9a6a87fe7342bddbeb040deca6

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
1d8d16c4e3b19ebf18988530d9b9a757

SHA1
bc94c1cce05cd848a53271ecb9c5311e27ffebf5

SHA256
abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

SHA512
4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
59c529f6be09edec6c71c81359ea2952

SHA1
316d1e7f1d8fef4509cb11b9a83824cdf96a13cd

SHA256
c6433f19d583fdff4a08d01531451add561bc74d393e3f12aa92e97615c60a1a

SHA512
b3cea394b9b619bc12f9303ebe0024908f4dcbd65e1ffc7c42b898d70dab6a4f037a1463d92296e89a191fcd2b53f232d24e0cee66a9f29b279fe5338670ebe8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads