736ccb3f08d6f5de16d87d5675fa5e9483e3ddce0d531b79484dd13eb7872c7a

Analysis

max time kernel
2282143s
max time network
135s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 00:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

736ccb3f08d6f5de16d87d5675fa5e9483e3ddce0d531b79484dd13eb7872c7a.apk
Size

2.2MB
MD5

be231408134ad71f7669eda26c5311e3
SHA1

9a2aa26dde82221746d0bf9cc70799e8cba2c9f6
SHA256

736ccb3f08d6f5de16d87d5675fa5e9483e3ddce0d531b79484dd13eb7872c7a
SHA512

e8e3a2ce4ab6a0f0d4d2aa8004036da702108bce48971365e4f6f9109b9f8c7fe929a1e5a1df8d50b9826bc7b9a16324a109413827bf5e9f0fc337b957bfb6ee
SSDEEP

49152:WHzxme/MxIKqU0c8IMBWmDXEdU5/35UGHRhGHR7DnRPonkr5PIGHR5:+h2IKqU0cqjDUCF3WGHRhGHR7BzgGHR5

Score

6^/10

evasion

Malware Config

Signatures

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.game.xysz.hq

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.game.xysz.hq

com.game.xysz.hq
1⤵
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4247
- /system/bin/sh -c getprop
  2⤵
  PID:4291
- getprop
  2⤵
  PID:4291

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.game.xysz.hq/app_crashrecord/1004

Filesize
225B

MD5
ded6660507a9b69031784bc6f7753c04

SHA1
26e7c17e0cdbb806b4afb730430b5f701165d7e5

SHA256
5f0a283cfbc8e147d9e1cac039cdcfe7285771e4fd777f902530ade9d3dc5067

SHA512
640b4a4c64b46d56fbd04fff7aeb1471a4cfbcfae3f3bdf72e70e2b8eca00f3090f155f9a03f28735ccda720a237d3203dfc483d55897b3a941034cc9c16d435

Download Submit
/data/data/com.game.xysz.hq/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.game.xysz.hq/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.game.xysz.hq/databases/bugly_db_-journal

Filesize
512B

MD5
2ceb58aa48bf8f4e87c858461853667b

SHA1
9cfe8b4b3d8519d5f54c5e0fd49490d6bd6ecaa0

SHA256
692bb8d1d01f2e314f8a69180e1c6c7ad30f224a3eede97b36360b6deeab58ea

SHA512
cbae675c14b8e0b9af141313d73889936e69e29f84d8daa2589ec351b898853a526aa080aee5daa0b9465505aefc7c5243a82d03a2304beab7761b3d9e52ba6a

Download Submit
/data/data/com.game.xysz.hq/databases/bugly_db_-wal

Filesize
16KB

MD5
7551a125c99d5b969bb94e7df3f928aa

SHA1
a208ba6042bceca0dad543cac7d0d7240e82c43b

SHA256
fe65519f78d2134f7264bb00921382426beedf94875624fb39bfb8873ac1fa9a

SHA512
a5777506e1c5c4ef8e604bcdbd7b813d1b772aa6ffb73c1e7eb68265f3603f1cd6cc478abfdec8fc86f584c1d83279f5ccfe8ab9aad07b2d9b00af999cdbc108

Download Submit
/data/data/com.game.xysz.hq/databases/outdbName.db-journal

Filesize
512B

MD5
bdbda5e20ebbaf3826beef932074f2ed

SHA1
c73d8e3442387fafa5f130176a066e966d85bece

SHA256
69493ebf5a4496ad9fced5129a117dd9d609bed2ca020e71c777e05641fbe79c

SHA512
fb079e69305a21304bff5ae086cb95e3cba85a151c4f885c4a54f2d79fcd2f32bfaba3dc9ebe9978677cd4fbf7dc6304dafafe19efa5f53b78ef6329990dac6c

Download Submit
/data/data/com.game.xysz.hq/databases/outdbName.db-wal

Filesize
48KB

MD5
245e15427593774a80df9cdc4988edc1

SHA1
ec55bca49790dd7f03cffe8de7e103759e646668

SHA256
5f8b7b2d62f7c1c6fe3a24bcf4958517e0840aa609ffe0d1ae52902b37290c67

SHA512
69ea8c98447534e94df4fa4328b20310eb143c2ea8ac70acd3e61c5a325ed54296c36823adb0405773d21eb5f4679daa9fc8df26b3399d13920f82ea71a72aab

Download Submit
/storage/emulated/0/UcQkDir/qk.dvid.txt

Filesize
65B

MD5
b48d8fa5378938e8cc60b92081e12028

SHA1
9fd35f383b78e14d09b26a66fedd2050c00c7897

SHA256
24d59a959d49676da0a0e92019867101c58f2f4ec1853facc447857f7601d5ba

SHA512
1f16e80b07ebe79ac8672396819e1a803d6a8e1b13f93304bdddee3398fc16d29cef3903ca4e9ab7f62e1f0af4fc5b297c8461b072c6520185cb35bda85d595f

Download Submit
/storage/emulated/0/system_hs/303/outdbName.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/storage/emulated/0/system_hs/303/outdbName.db-wal

Filesize
64KB

MD5
74fd050181777320fe8f1e37f318a436

SHA1
e3dd0401974b32007f416434279bfae5c1e82df7

SHA256
a4855010c57e0ee890c739bf9657872ee0f85ef81eee314267338fe90dbc20b1

SHA512
a6d29cf7ad793545d3225c778e596cf73276e697150be27c9681ec169190b4d6504f087e9332e66c3a5430e2c6c5b05f50d032a6f8dfc8ca916370e61c674369

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads