75d5451fc6c0368300d83fcb109408eeea2346245cb4a83e4ea76fcb8c8577cc

Analysis

max time kernel
2350992s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 00:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

75d5451fc6c0368300d83fcb109408eeea2346245cb4a83e4ea76fcb8c8577cc.apk
Size

27.3MB
MD5

dc8be1292335a1afafcbde106a54d875
SHA1

b7589d06fe166c7cacda49738ea6f208521df88c
SHA256

75d5451fc6c0368300d83fcb109408eeea2346245cb4a83e4ea76fcb8c8577cc
SHA512

72989ffc57b7016fcaa28ae7d2b65bf00168e2bef6784e0bc2ef58f35a3ada8434c5e62b30cb9e38152cf28cee54fb772716e25ca515b33e239aea69a618d1e5
SSDEEP

786432:tEMy2j1t8DMMlfqgP4bEvgXATGdaAqNbr0J06:I2j1RMlC8tgXV9qNbrx6

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.organic.youyuanyoujimall.org/.jiagu/classes.dex	4252	com.organic.youyuanyoujimall.org
/data/data/com.organic.youyuanyoujimall.org/.jiagu/classes.dex!classes2.dex	4252	com.organic.youyuanyoujimall.org
/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex	4252	com.organic.youyuanyoujimall.org
/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex	4302	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.organic.youyuanyoujimall.org/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex	4252	com.organic.youyuanyoujimall.org

com.organic.youyuanyoujimall.org
1⤵
- Loads dropped Dex/Jar
PID:4252
- chmod 755 /data/data/com.organic.youyuanyoujimall.org/.jiagu/libjiagu.so
  2⤵
  PID:4278
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.organic.youyuanyoujimall.org/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4302

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.organic.youyuanyoujimall.org/.jiagu/classes.dex

Filesize
3.7MB

MD5
5a1f6b7b115148bf233d8171e0150e3e

SHA1
0b2e1d7f09df3c9aa14ef67be73ae2042a95ee80

SHA256
d059b03246ecfff653b9dc471bad2b05d442519bf61693e7377cf9e692139b00

SHA512
87c7e7ecb04c553c9dba1b041c0a8965cbfc6de08f66c2e93c83b2b39d338e5f56feddf5813d86161a1cc1009088aec9f8d690f0278676483f32d6e6fc1b0473

Download Submit
/data/data/com.organic.youyuanyoujimall.org/.jiagu/classes.dex

Filesize
5.7MB

MD5
95181dc6efd5b3fc51d2ba43b9313378

SHA1
ea8b0d621149c4b11fe017a553ad6523f0b7987b

SHA256
15012c4fe911fc88ec428e55ae42d7f83fa82691accc2cdc3f33c9509c0f8a69

SHA512
975f5f3408852adb0c3596f34bc9e42f5a4b4578a0a5f2c178701559ca23fb008c299f20fb7a481101d10980b6971ae83f8deec0e4f4c50744036189ca9b8097

Download Submit
/data/data/com.organic.youyuanyoujimall.org/.jiagu/classes.dex!classes2.dex

Filesize
3.5MB

MD5
a24150bddc043feda9439acfac516f69

SHA1
75b3d33ac9da8494128b8cbd465278b7ad24ad4b

SHA256
6447f8e910bb77f9125efc9503a7af21d562722ff9f0d7393f6adfc47972032b

SHA512
3a72f4e28ddf05bbefb50707cbb57d6bf6a3bc3862b5e198f0c21138ce49dbafa3edcb8b243b76cb733fc52faa3132544c1681e823b5100e479a1bb45d89f28c

Download Submit
/data/data/com.organic.youyuanyoujimall.org/.jiagu/libjiagu.so

Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/data/com.organic.youyuanyoujimall.org/.jiagu/tmp.dex

Filesize
284B

MD5
f1771b68f5f9b168b79ff59ae2daabe4

SHA1
0df6a835559f5c99670214a12700e7d8c28e5a42

SHA256
9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

SHA512
dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads