7433e5ed9cb16c5a3c9b5bcd98ed67e5d643fdbec7c68c4eed7f21e04fdf68a2

Analysis

max time kernel
2272420s
max time network
147s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20/12/2023, 00:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7433e5ed9cb16c5a3c9b5bcd98ed67e5d643fdbec7c68c4eed7f21e04fdf68a2.apk
Size

23.7MB
MD5

4455ab8ef63e11de9a22bacf9bea6957
SHA1

cbb217c336c182dc4a855191e6a2ba0b84d9e2ed
SHA256

7433e5ed9cb16c5a3c9b5bcd98ed67e5d643fdbec7c68c4eed7f21e04fdf68a2
SHA512

24f39520d411c64e856a03c8166f59e226c89a0a88521fe9fe64bd16fe4e281e10977802cff91f09adcc70e853beeaac39f731cae5cb45b2da0c0cb7fcc4874f
SSDEEP

393216:Ml1ssZ2Lju5fj46Q5fsDuaFaDqod56d8FhJbsMzwOdyY758eHhs7U50O53OHM:Ml3g0c6Q5fjvgWnJbsKyYVHhs20O5n

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.yixu.carserve/[email protected]	4962	com.yixu.carserve
/data/user/0/com.yixu.carserve/[email protected]!classes2.dex	4962	com.yixu.carserve
/data/user/0/com.yixu.carserve/[email protected]!classes3.dex	4962	com.yixu.carserve

com.yixu.carserve
1⤵
- Loads dropped Dex/Jar
PID:4962

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yixu.carserve/.jiagu/classes.dex

Filesize
7.5MB

MD5
f8fba82a27024b865d6536622a6739d2

SHA1
6c7fc6c182d5794355c12d3ee4aa01d8ceceb296

SHA256
5d75695fed47660f910eeee9558c37411a12fdb5258106433e5dd7d7b660c5b1

SHA512
4c77034faa2699a610dd0f9960d10d345ffd7d7a8da42402528411b84856e448dec8194e7bc70b6f63e4065e4249810cf65da22807d67fa242c0586df3cdacff

Download Submit
/data/data/com.yixu.carserve/.jiagu/libjiagu.so

Filesize
382KB

MD5
aa01dd97609092ce310e17bf791069ce

SHA1
f000840a8f68ea7beb2e29ea466088daf55609db

SHA256
e432c191f918053ce368e1b1f155b2e1f9e84379611b93aabec0106172b73aa2

SHA512
766c120a06215d0950aae32026fcde3eafed8d18ae0de7bc8135a7378a9055c8f0040d61574d9af67fe2b5b90eeae64c62d787343858ae375bb6658df8afe7b4

Download Submit
/data/data/com.yixu.carserve/.jiagu/libjiagu_64.so

Filesize
363KB

MD5
164b659b1b75016c75a025e050ec82d1

SHA1
53f0156f39800db2ac4acebd1f3f97ebcf9138f9

SHA256
aa8d5d52b64309ea1b5337fa5042874a3f81fcf5fe286205ac9a49bad2db88fd

SHA512
a8e9696f179ca5915536e1d600d18c452bd90588a3d8e8bfe1a94b1ecba166cf627a3e2036421294afe4acae2a4bf12d95786d26e180440794e48f7de96fe88a

Download Submit
/data/data/com.yixu.carserve/files/.jglogs/.jg.di

Filesize
348B

MD5
99da193988d2b9a131a80350967c3c00

SHA1
78f6582cfa52503ab03935311867bc84503554c3

SHA256
f9a5311ad76829a05a2c68832538dd8327b6697031d3ccf7d137be983f8569ee

SHA512
52e383571fc57217606a1334079790cc100aac3eacb99605f080c1c0fda7a4ea022d34f963dfa31ace6dfc6dc71b284722440dd2857567a5ab4703dc6b04df35

Download Submit
/data/data/com.yixu.carserve/files/.jglogs/.jg.ri

Filesize
314B

MD5
31980511ce26fcc7141d95f47eb9888d

SHA1
b78e359ef246aafe025122e265f82bf0427325c6

SHA256
5e7bd064189c8456a9ffa0da5423291002f76da263addb168b14c217deeae2ef

SHA512
9baf5ce8b2cddba0fb920ef6d7aae506d8ae52a811acf8d30af6dfcecf8cc35b4852dee3895c916417380ee1c6447628bbf2657b35ea198781103a96d9b5174d

Download Submit
/data/data/com.yixu.carserve/files/.jiagu.lock

Filesize
27B

MD5
41ab04c149a732baea69950748fce32b

SHA1
835a0d2dfc777c87d978ae9c70884f6fbc323106

SHA256
d32edc4d4f2a6ca9aee468f7289c0af2cccc209ce3f63eeeff649d69fac18a14

SHA512
f9857867bc1162616e2d9e31b15d0561af4ff96d536d2c34925b8b2a6c1443619f8a08e9dd19e1e3ec270d6458984a4d801482d1bd45df4dad5b7fc83be449f7

Download Submit
/data/user/0/com.yixu.carserve/[email protected]

Filesize
6.4MB

MD5
88bfc3e193a191d26fe9690649406b57

SHA1
8ba41f4fe90e74dfdc56794ef30c271b6efcc841

SHA256
671f24377fde58702a1fc06f9bc99cf47f223b76eb0431452f05a01ab707d07b

SHA512
c2fe670bb3105f1b6c060067953d71de6eb07601094b1c6c3b52a0ed56d56dc6158b18ad16e12d499af57295330b3a1f523187fe152abf95e95e33c1da71a4d2

Download Submit
/data/user/0/com.yixu.carserve/[email protected]!classes2.dex

Filesize
6.6MB

MD5
ddf33a37e7b9cd0e09bcb1c903ce8916

SHA1
98a19dc4d26925fe278a6e4d65f52b9d644e0441

SHA256
da1fa6982de92906508c1e25d7db0927a9ffb32b69c9633f8646a98731a15821

SHA512
68e14dbcb9e1b7897d3ce0056e3bc82693071a9d453a9e241a016c8c56690f4576e024c21fda6a1a955e9a7c73168284d0d1933912420b10aa637b448d523b93

Download Submit
/data/user/0/com.yixu.carserve/[email protected]!classes3.dex

Filesize
473KB

MD5
50a4964e147fc29267e63856022d1029

SHA1
42a6af17196e5fb6bc474b545adf9f7e49463f00

SHA256
ede9c27cac78d368c302524cabc0d6aa2582b629eac32756c437c30a8a3f9f4a

SHA512
32204bc8d5f3213f0c6070b0681e601068f255dca051a6273549a12abd80f210905d07d069fb0ecef0fe3af46c65e78b2e1294d5c403d8d5762e4d366e217cd6

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
634ccabf1f4c777946dc211bd0370abb

SHA1
467e1626c159dc5f89560b65e6544dcc0707d44f

SHA256
670629a055a46cf305ac4d090ae3342bae086915f6401f64fb0a13465ad4963e

SHA512
0e4af1c886626928e538812b18b2fcfd832245c762c850d802a9ce4fc8374f527fd7dd1c2cc2d3bd72bc1eec994e513229f692b4b894305fed3e63a8c22005c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads