76308c03c030e91f4451175eedb0aa91177031e48cf079983cb2b48aeb6bacb2

Analysis

max time kernel
2321125s
max time network
148s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
20/12/2023, 00:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

76308c03c030e91f4451175eedb0aa91177031e48cf079983cb2b48aeb6bacb2.apk
Size

26.9MB
MD5

07b19cf73c72c834cb61106f0d15cbd6
SHA1

d37396f8ebdee6c2fb7e5a0eed8d7a02c6ebcf5e
SHA256

76308c03c030e91f4451175eedb0aa91177031e48cf079983cb2b48aeb6bacb2
SHA512

c5771e5c6cca5ae250da6636633883151d03e299fa3dde94a9b6542cacd14f867ab4a2ac1c262ab5e30c51e4558e1fe38230327f65ed2554790810db9c39ab6a
SSDEEP

786432:3+vIpRK6Zb/xo9y4JJXGhLdyruvLFP0DfpGwj6AWxS:uvWh5oy4JqR5vBPIfQwuq

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.xinmang.camera.measure.altimeter

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.xinmang.camera.measure.altimeter/[email protected]	4299	com.xinmang.camera.measure.altimeter
/data/user/0/com.xinmang.camera.measure.altimeter/[email protected]!classes2.dex	4299	com.xinmang.camera.measure.altimeter

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.xinmang.camera.measure.altimeter

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.xinmang.camera.measure.altimeter

com.xinmang.camera.measure.altimeter
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4299

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.xinmang.camera.measure.altimeter/[email protected]

Filesize
5.8MB

MD5
f78a2c17bce530b6cd31228f22b9b92c

SHA1
231333e60ed22dc9734f9febfda25b696bcaf1be

SHA256
a3c836e24269225ed7c3e74e07f658f79b9b545fc433b3e9647ae11e4b32fc4f

SHA512
2a35cc82ed709a81dfa9b5e89a090030e177d7bee8d7782ea38448425c7402a6bd6feb47bc0ec05ce497479ebf8de1f37f6b333f88b75a593b28a28e388758aa

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/[email protected]!classes2.dex

Filesize
3.4MB

MD5
2156a64766a81eb438f87392d6ac7fd0

SHA1
f3136211ff5f5a66c41b9b12bd57ceb75bdd0fb4

SHA256
c2f98a44b70507479bbad529d6ead815cea8f4f8e62efdeebaa7e882597bbe2b

SHA512
4b01a644ac7128fb59ee1c5f46391d8381a4a6d78c0d56794c4d8833482d558a0773306a5aa05b43b2442da35ddd6163b9ce8a187a0c7cfb74e7d8a24a69505c

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/crash_reports

Filesize
12KB

MD5
d89acee9fbf356695093f2724f643ac8

SHA1
22d2f857dfd38f9df961569715333e53fe64ee36

SHA256
4e1313b40c676cdc9653aecd74da0f6212f5d84ef960e1e8bc249811bdeb5783

SHA512
66448f754e7932dfeb98d20cddef9fe318b3a3aff17c2c47d065db78c5f830208febed67faf30a41977bc62cbd5c7a6e8205da054ff296843a75ca1b463f420d

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/crash_reports-journal

Filesize
512B

MD5
70de4b17550cb578f60d62b7bed82a38

SHA1
353e0f5fc398176e9c520e8256b3b229d7f3c038

SHA256
b508913f9543c2bade331d532b54a9b15aae8e90f3d0e704ba7c79978dbee1b7

SHA512
3c8bcf7d1c0330ebbaadb83f228201b6bbbeff2f35379b061c6323ac731acc9eac3a929e6f84a835666b73e0bd53cbe372de25d4c367be413e3729e07eee6b9d

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/crash_reports-journal

Filesize
8KB

MD5
2d6627b821c9460145f8b2fc28ff3003

SHA1
849fb2db2dbfc32a5a051d9235ec98936e50f5af

SHA256
8f3bae3ec7436d2df3a6fcb079e1c58e24c916405baaf7a4722d356752f92076

SHA512
f83114306fe61f08849c53c72904b427070fb4d6da0d6e310871e4b4d489ab41e46a3bd97bbba2c4e1e76b792003a6366c1d1b69ce2fcca38d0feafcf27c56bb

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/google_app_measurement.db

Filesize
12KB

MD5
6d527da87c4c692e2091d953eacc7523

SHA1
1ff367e91ec7428668218c1bdc0dcb49541f40b8

SHA256
b78ed93c9a3f339ca2eeb511aa6d79e594931a0279815b239f7065dcb5f810fe

SHA512
5402292ce8d85214e91e24be0c314b41a9846e9dee8ad6ea405553bb04c2597084829a99cad810e6ca327f6fcb80bc99bd42c95f2f6a247d681eb19444d362b0

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/google_app_measurement.db-journal

Filesize
512B

MD5
d4547e2c41043a337f8d8ec04d217864

SHA1
c21842e0d31326549427a7f37ad0abbaf494b27b

SHA256
716476344b36c19d49b6fbbaf49275e315697bf8b87facda241fbfa1bec27a07

SHA512
fdeb22eec2b9c91874e68273df686f6b5e0a4ab05a25bdfbded699ed9985304832591d40c9072a66f50645cdd684bcdc86dd7fc6806286ac6bf7fe4be4d069c4

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
a9e94b0ddbe763cd109bc235473563d7

SHA1
5e5434ed17827f0fa216566bd2d246db7f66147e

SHA256
e17020f6076a9e7cb181190fd47ad639f2f1a4f771fd68f866a9aa3847f7a2fe

SHA512
20b88438368d65b2c5e91648c48ebe6ce2de3a7f69593513b697a3f6482c9a064feea06aa0523f8c115bb3810747dc2a4988673d04cb0ff1250e21030f5e4259

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/google_app_measurement.db-journal

Filesize
4KB

MD5
85b3254fa63cb22af5dd8f6fc4f89480

SHA1
007d5e73f022bb819ef84ca1ad04eed58cbc7646

SHA256
efc17b9d225bc8e2ffffaa6011abc2baef809d0ae07ec4365ec0250f78f2694a

SHA512
9612c04d56931d0e1777b838aaad4e8d5cb71027407b3bc290f9976842adde502824fb4e2891d3c5f1f432710b1595b023b39349cf98cd9b66b571bc2d7c9eb2

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/databases/google_app_measurement.db-journal

Filesize
8KB

MD5
30dba9331091ac494b333dca0a613011

SHA1
1c7c7eca06e923130498273a8216b59a1f81092e

SHA256
4fbd4525c62b50db9a58f63f14e4bee2ea085c1e87511cc1ea01a4a3a5cf01e1

SHA512
2397d502161dff6b43a545b243aa6d8fe822be971e8180517beb2aed83ee92a2b8677c52c20e7981a798dd15447656e218b01cecdeb8abb19b1d8e97e966b30c

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/files/.jglogs/.jg.di

Filesize
348B

MD5
3d71bea6c9f86d78e2d402c8aecc699f

SHA1
cd0c6644b6a3a6d9ed6f283066b8c6a97431c8a7

SHA256
53c17f756c28c9513e832b3dd9f3b01218c0d159d11b68477d94aea1db69f832

SHA512
6071d379e07425740ca3cc6865219cbf9377ac795a24f051c975a5ecccdbe71903a4e5cdcb3465133aa6db900c1a6c40ec3a637743bc7e135e5e19d01770b281

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/files/.jglogs/.jg.rd

Filesize
32B

MD5
455f31ee04ad3890ba07328b069d84a6

SHA1
61eb46a69597721c7ac757f6a4633b7ad1b4707f

SHA256
7e7d90d893ee9a84c744bf52d25c3579da31af1e00a8687938ea7c01328f6731

SHA512
baa03c889cc2d838daa602e1893d8f4ce87e7f2d36927c121c7baa02f6fb17a788c3e52eb40b717c86e0b0e2187f0fd43b508e574b5a5c37fe5a23e1af5d015a

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/files/.jglogs/.jg.ri

Filesize
314B

MD5
c0b7e15fd0548a4f9fd88f2f1b17b12e

SHA1
c48cbfec47b7a482e726b319a01bb15b22a60b91

SHA256
c8f996330af1d076690ce135a160fc6719c32b855060c01e28333ff58c6386cf

SHA512
32577e616e450951599e1923b2aa530d98d60c628869e6f2c3f19bd6b08303c7aff86bca0e7e00a0705f6ee42222eb6ce03c541ef63bef46fc40035f01651996

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/files/.jglogs/.jg.store

Filesize
32B

MD5
448e391c59eef34ee1defbe4dee4c41f

SHA1
df1f890987371d7d8e6963c68b787856e42bc146

SHA256
55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

SHA512
ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

Download Submit
/data/user/0/com.xinmang.camera.measure.altimeter/files/.jiagu.lock

Filesize
27B

MD5
a7b94ec391123ce6a0227d5e0535b8f7

SHA1
2fc2aecb0664a7862274d3c2752fd46d1de27ed4

SHA256
13b277f4a5c556406fb59820834c8596eb4d8c651eaad761d3852a876711f33f

SHA512
da335b38d21cd1c07109889ee6646b0c295ba44db7640b445541906ac797910f1b4b9b371088a77fdc70752407397c851e9f8c1669681c4dbd2d9a35d7ad5276

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
4b408ce954abc6428689c2d570955e5b

SHA1
5baf8ee7ac817ca3f2e6a223d4aee35ddc88f52d

SHA256
e65226dc53e6c135bcbf8989f1a2f810c8be81c3867f723d68d83331dee084e1

SHA512
dc798872cb23cdb990725e6f2e25bbec68d4a157b52ecc178beb06592b28c6f7fbd1174226af0300d70cfe181b013d65b121bdc6aa9caf97d39081011541d624

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
3f37c43e1e8b78e1ed2a4860388a6a5e

SHA1
b5c501d3cce913decb9fb7d93e6e41f140027ec0

SHA256
a19126aa6c300b4e0a87079cf1852c0f138793a2e9fc1e5f85eedf4d6a2bec80

SHA512
0f020a934bc48a0eeb6fada05d496bbb9b32eb04dfaed2f1dcf55848509a326364abfb39522be072ff97fd90b394cfef561ac9bc9544b827853cf6168ae7fbba

Download Submit