fbf03b43724bc39fa1fdd28e15f7ca1556d9c561dcf2cc7dd25a3f13aaab47d5

Analysis

max time kernel
2207285s
max time network
134s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 15:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

55b815c4fbf2d56d0b1179b5375fe4cf.apk
Size

7.3MB
MD5

55b815c4fbf2d56d0b1179b5375fe4cf
SHA1

07a7871921c263f1b1724229ec24e968bffecd70
SHA256

fbf03b43724bc39fa1fdd28e15f7ca1556d9c561dcf2cc7dd25a3f13aaab47d5
SHA512

90d16a92a91f36104df733ed0204bbc46734130c377dc86982c02efcfc96a8d84a1f67a6b99fac383aaa973e223248b9914f8dbbbc645103c1450cb869244cf6
SSDEEP

196608:oSsLa3DUbszu1DYBBzGW3BAWQpR3r679a3SCzo1Eqy5nz8+CGudk:0nIu1U1xBqpl+79YoTGrCGudk

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar	4321	/system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar --output-vdex-fd=77 --oat-fd=78 --oat-location=/data/user/0/com.annlover.ch.core/files/oat/x86/__pasys_remote_banner.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar	4245	com.annlover.ch.core

Reads information about phone network operator.

com.annlover.ch.core
1⤵
- Loads dropped Dex/Jar
PID:4245
- /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar --output-vdex-fd=77 --oat-fd=78 --oat-location=/data/user/0/com.annlover.ch.core/files/oat/x86/__pasys_remote_banner.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4321

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.annlover.ch.core/databases/com.annlover.app.missions

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.annlover.ch.core/databases/com.annlover.app.missions-journal

Filesize
512B

MD5
832714036c1ab40c67522daf9e07a551

SHA1
82b51401671972ddcf62787f0390b9292cef3ea7

SHA256
562f18b12ef54a6bf62e6d8eb2ab9c1142cbeab759bed7b2ce8cec0c7ff1c09a

SHA512
f181f46f3ccd338c35398fe3967ef7eaa59c710567f9be33e8d2c23aa838acd7e720ac4a09e8b5b8b7dad95af8ec794cfc70147c6c4d2a208417c5d3ae1797c2

Download Submit
/data/data/com.annlover.ch.core/databases/com.annlover.app.missions-wal

Filesize
88KB

MD5
4f956ba7a5e3f0d5fb2c80d51ba0eaa2

SHA1
522b2dbd4e070bca9598daacb41ec1db4b9a2e16

SHA256
0df4011599ef907e1d84c2806f9103aa50fa4a1e77f248d5b7d9387799260b50

SHA512
3d13cd673c80fb8fda1b527429b6739a9e8924425c3dd633622597a5956cf188405ce70d9435bd54ca69f228fa5c38c39f950706c82f0f9d98e1c43376857b76

Download Submit
/data/data/com.annlover.ch.core/files/__pasys_remote_banner.tmp.jar

Filesize
248KB

MD5
c31999f04bd8f06eb46463d6377ced9e

SHA1
ebf3f0520b2869d35b0a9e51a293f748dbcadd98

SHA256
fc9323eb899f392d38dee1e26e29d3e3d41b0f61fae809be9aba1c8be7b9c004

SHA512
4fb1a002f4c75b59274921fc9c2c1153019eee4ec6111b473aaf64ef5dd0fff6b26c744ea5583e41205e4d24cb3a8e8e9c58c0dc07bd8736dee8e14940660f91

Download Submit
/data/data/com.annlover.ch.core/files/mobclick_agent_cached_com.annlover.ch.core

Filesize
120B

MD5
88319f8a6b1a4680f091f3339e363b7a

SHA1
79b23299db936e7d1b2d113085104f0dae296f25

SHA256
2c21da95f54130d9002f1d85cf87bcaa7c98a7eb94df011eefd662c509068fa2

SHA512
ab740797c71bab593f9bedc2db140589aae9f4eaa386a955b0c729684c6c5599ebbed9a08fef0cef2c630443008569cdc4125b06b067f2ca4a8fc2f95f2dd35e

Download Submit
/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar

Filesize
375KB

MD5
fec2de346cfb5ce2347d36e1a3e51680

SHA1
7fd2106ad90c290e9dfdf8f67a64ce7a094ca4a6

SHA256
1a02b6d581357bef05f833d94ecc92c8bbc411956ff7076fe4a703d63b54b004

SHA512
7d091a36e9a09bcf15b73361ef72eba4f9eff7e0d881109b757e2843dd18f13e71e48a64dcc2336695b538dfddc0927ea8f4b0b63a30cc55d27eff3f55b06da7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads