Overview

overview

8

Static

static

6

708178bc76...df.apk

android-9-x86

8

708178bc76...df.apk

android-10-x64

8

708178bc76...df.apk

android-11-x64

8

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2319645s
  • max time network
    148s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20-12-2023 00:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    708178bc763762b9cb35d0a8885ac5c43e751815564b137a26d4b230c91b9ddf.apk

  • Size

    5.9MB

  • MD5

    b7f7ec7b04a14cf5a8bcbf64651f6239

  • SHA1

    c12d97a4f80faff6f7498434b6c532450c533afc

  • SHA256

    708178bc763762b9cb35d0a8885ac5c43e751815564b137a26d4b230c91b9ddf

  • SHA512

    e1b1d7bea749fcea749a1437a43bd8f24d05b2eef53d094fc8db55ac27bdfc0e4b193c0feec2843068865b990f553d7ff79b80bc3cc8ff8d6640ab159e6ed9a4

  • SSDEEP

    98304:8Fv+iHKtSoZGMAOZMbyRzltMnu1XcdwwVLmRTmL+asZ/XyyM91lRjhIEMKObtM9V:CWiqXK52plmRvIRTmaUWEitM/

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.ants.avatar
    1⤵
    • Requests cell location
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4259
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4356

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.ants.avatar/databases/ua.db
      Filesize

      36KB

      MD5

      0adda9c85a5e4808f5b1b74c0a8591a5

      SHA1

      5048107883ab1e345af9cf2e6849ce46e0e612bf

      SHA256

      1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

      SHA512

      646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db
      Filesize

      16KB

      MD5

      140dfefd38af87f503baacc5c998ad0f

      SHA1

      380b49a5dff0b3689fb1652a822fa10da988d37e

      SHA256

      d644a14f5d3e329265fb8deccaa44647031c60d0363b6ce056cd66e7461dddfa

      SHA512

      3d7c9629722dae7ab079538fd3c52f0c025e5eaae836f679a133433a3b49da178e2da6ed0c6c06bdced2f28bc016eb9f1657a7fb8e6e0191a1ae87a1c2d059bc

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db
      Filesize

      16KB

      MD5

      f47947fc116be41baf4e29a5fa8b8029

      SHA1

      a5326846489168c2dbc4b5cb9a66f0a6fdc4c36f

      SHA256

      03f6d587e151ed96fae8947326fad3711893c5dab66d66d6fe24b06cde41aece

      SHA512

      8f31f20986ec80137c256664eac3ed1af80f164d3c4825fb68333a8c61997003273296c733cb2bab76a9efad7c82786e09af1da887d9ce24ee6ab19aa67cecac

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db
      Filesize

      24KB

      MD5

      229a72fe11f84a0bc8bf0058b17d8c76

      SHA1

      62aa19d06b28e4a1c14a4b6df7e8b4c6616f03b5

      SHA256

      1f0470318faccb20dbc7cef2225c9e0a548f5b0e02aec849055fabf1493fd3d5

      SHA512

      ce8d1f03052b764bc7867f21e9ea364b68d910a698e58aa6461f83aa8beed9336c0fc6622b980892401bfca6f9616a28d5c4ed3b03911edd965fde636255a4c9

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-journal
      Filesize

      512B

      MD5

      0a3a4afb9ca928a4506a86da067acdfc

      SHA1

      f384807e60e9a18678e75f80103ba55450a89b69

      SHA256

      3b176c3fa4eeaba3ba3ebaa2b16c10fdc15c81614163470a3f7d464c11719b77

      SHA512

      fb31e4c252b6b450ab509737716a0816ce7b1407fd1c484b0af710a7473483d70b930ca66c7f193db1b89a8ce0832bcaa8551ed5b46f4491e699bdf293a182f5

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-shm
      Filesize

      28KB

      MD5

      cf845a781c107ec1346e849c9dd1b7e8

      SHA1

      b44ccc7f7d519352422e59ee8b0bdbac881768a7

      SHA256

      18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

      SHA512

      4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-wal
      Filesize

      4KB

      MD5

      52c0787b4f3081b5941f2c6b40f4b68f

      SHA1

      4fa6bf1b4567b1c140c147e0608dd54b728e6c1f

      SHA256

      4c714d43e66eb89eaa5175710bb02ff3a81421103ad257c74e1abc7d5eccbbfa

      SHA512

      08798385cdc4d31b17c34379cb486c49b7ee44c31f86a725e1dbb8c2ed8da05524f79bd0308c1811486472d339250a310b8cbf982326c27a767b9e29085d9a26

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-wal
      Filesize

      4KB

      MD5

      bc9257360adfac972a934b9a09bd3b5d

      SHA1

      962ee39f99b761fb038f56d92c6b2d2b000d3120

      SHA256

      345e515eb5532acfeb22807b3f9239e3c67714b924cc0e8b4f0dd37f5f536eca

      SHA512

      787b80aad14122768c2524f233c2a94f12da3060529479b1d7c5f8545b2e60e0bbed890ff787bacdd5452b75514e5117755e23ca1b441329e41560830db9dbc9

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-wal
      Filesize

      48KB

      MD5

      414906a6db4adef8cb53da07aed1208f

      SHA1

      d63ea8b4ceafc38a5badf50018094647f7955abe

      SHA256

      7fe4e98dd50adbdf5a54506a316831bd2f786fe14b1e25b3e44b05c48aa11430

      SHA512

      90a9649b87f9d6c12c0420736092d45ac5596ec8d739086ac944ed4b4f0c3db2bc41091899fb930c6f00d7c3c621822c1cbc745b373c587943fe17de6ac112df

      Download Submit

    • /data/data/com.ants.avatar/databases/ua.db-wal
      Filesize

      12KB

      MD5

      3da246fd483385252a24270423aab1df

      SHA1

      4612d93e176c6cf888013f09c5e33510a316bd2b

      SHA256

      986f0f2cfcba557220a9f59cc2da715edf145d69550044908cc1be6d1433ae76

      SHA512

      704917978adbd61e3787e7d3f28d3f4e1c3c585a5d22d492432a3145e7f690dd20687d2da2a2e81d1c9be30b2eca01b1f3e28d5610ed8e52e963270c9a969e50

      Download Submit

    • /data/data/com.ants.avatar/files/.envelope/a==7.4.4&&3.1.3_1703126557397_envelope.log
      Filesize

      1KB

      MD5

      027a8f5f0c8fd3f4a3f1b1130b65f67b

      SHA1

      dedd7d6b315c0f583e674832c39e497cdfd6e7a8

      SHA256

      31be70ae8aa64015e2105cce16980a58002caca92e65bd1176d332a4023c31d3

      SHA512

      a9a3f6cf4a97c974b0813b93ecbee6238b2cfe334f4d05ec43fb0024169cd9c810995e9c78d48db7d87e03b080a46e71c4176fca18745230761c2f2f048352dc

      Download Submit

    • /data/data/com.ants.avatar/files/.envelope/i==1.2.0&&3.1.3_1703126559112_envelope.log
      Filesize

      2KB

      MD5

      adf99740ccac21066795e295cc5565f8

      SHA1

      0ae736816d8d64d6a7149c0cc994cf56b93fb154

      SHA256

      8a2e5c490d117e5a451e9b104c97a885e76917c35c4e81f14fee7f63cc042cfe

      SHA512

      8665d6f9f268d3950725199177af32e7b0b31f250024a112991e01357125e58b6c4c29838882602f0af9a2d0669f0a31c3f25e774a88887dd77f74f245d05374

      Download Submit

    • /data/data/com.ants.avatar/files/.umeng/exchangeIdentity.json
      Filesize

      162B

      MD5

      94f8d7307280a5b3abea6f1a189b14a0

      SHA1

      0a54c502e067909f309a8efa4016c12817fb7f7f

      SHA256

      25786daa1a0eb15b72ca955d22965cfc05e2a06b9a9dcf3dbe0edd1baf6e21c9

      SHA512

      bc2b70f7cfc6df16685b89a53ff381240a71f920bfcbdf2ed8aa0179333bad8e9d4893c354f6c8b995ba3cd83ff5bc736f708e6b4e358856f8a65802618fb3b3

      Download Submit

    • /data/data/com.ants.avatar/files/exid.dat
      Filesize

      55B

      MD5

      cfe5d688735d37d61596d68974bcbba3

      SHA1

      b8431b44ffc16f2f91009ffd4b2916b23db230c2

      SHA256

      bd14d54862acf490503145125f33ad69cdb9a843b3516a006cf5907d22a59509

      SHA512

      fe9dbfe6ac871793e07f7e8e3dde62c3b0fbda840cda70c7c4cc1a732bb30d49894d057634c29e48d7411d55b6a08b13bcaef8678d3de821aa21e87bb7942915

      Download Submit

    • /data/data/com.ants.avatar/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMTI2NTU3MDI0

      Filesize

      1KB

      MD5

      a74c2145d98c5a243cbc787a0fbcec24

      SHA1

      50e45bdbf345249b87fe1bfa028b34902d6b33f4

      SHA256

      5097c10f1bbfcd646642cf140b17579fb5de84c5660cc531b56e8e6f8ef54d74

      SHA512

      2fdb224115dc429a9a7f00ac7f53c53965ce77f0aed53f0c77bc624a5a3c0a4ef9cad59aa522273823b27ab459257041445eacb8c4d36a6bf7e0180aa1457e99

      Download Submit

    • /data/data/com.ants.avatar/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMTI2NTg3MzM1

      Filesize

      1KB

      MD5

      2bb052fc3a35955f78ad482921360283

      SHA1

      249c22e9772dff84b229b1f8b8f83860ba52b088

      SHA256

      50bbe5ca895baa52ad088c9d008bc5ee1b4faba7231511906cbf9fd7b4d8d86a

      SHA512

      f6f42ddf5df165bc538b4c1e60d68847d058a199785045d81d555387f8d600d4a9a3cd1c6801d908a65a76884efbe8977bf1cb691da0b5e8cb05a9468abdb17c

      Download Submit

    • /data/data/com.ants.avatar/files/umeng_it.cache
      Filesize

      415B

      MD5

      9c01592263364eec61b48756a5780c9c

      SHA1

      e1704a421bcf431c42ecec42b52c5e33763daf8f

      SHA256

      98b292f159916f6af0e29017ea8c79f28975d707d29413dd2fb11b302837f7df

      SHA512

      a7a1818eb243b1024c2372f6db676476494a4f8cb1a08ee3cd74b20a25c93f4541f50cc2639d34db717fa8ca18c645bb4ef0cea315f5e4e0f97659d7d74d1105

      Download Submit