75881c145d6860a59a0ec50415f4ea93ae38906a81c95fa6b130550dc767e851

Analysis

max time kernel
2347434s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

75881c145d6860a59a0ec50415f4ea93ae38906a81c95fa6b130550dc767e851.apk
Size

16.4MB
MD5

461444c713403f69eb0924ae94c61f0c
SHA1

2a521d1e4f7fcbf4308cff45cfb22ae7652c8565
SHA256

75881c145d6860a59a0ec50415f4ea93ae38906a81c95fa6b130550dc767e851
SHA512

fafa125b79c9b4dfc6b6c2486d96726db3a749240fe31609c4cc8381fcc981617ac5af0ea1da30bbb1f51c0a23d87c9d7b7bf3a00fa4bc01b61090b321a96de1
SSDEEP

393216:IQrKN6HNBP2tP+L1CxV1LpYPuwvtvdK0FFZFlh7sSu/zVlH:IyI6tBP2tMEXKpvv5FvHKlH

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.starfield.game.android.douniu

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.starfield.game.android.douniu

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.starfield.game.android.douniu

com.starfield.game.android.douniu
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4244
- getprop ro.product.cpu.abi
  2⤵
  PID:4276
- /system/bin/sh -c type su
  2⤵
  PID:4334

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.starfield.game.android.douniu/.cache/mmbclasses.dve

Filesize
24B

MD5
b46c81a6c7d2d126d8370d8fb606ed86

SHA1
292ed92095296c6ceb9c9e9f7fa5e2e8f9381fe8

SHA256
cdb9cbe4766c16358322d0f63fdbd628d1c0753473e5f9da212b63503f883f3c

SHA512
af6eeaacff024390ee9a65b57ec2782a82506c9060d7d7443aac11778e6b6ce4937f95bba2ab7106de775e80845534137284c219c2cc73774ebde3ecc0758e71

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db

Filesize
28KB

MD5
1d82ee8cad54ab714db961773c5e10d7

SHA1
6287ddb2f2f256fc67d20dc030ff679f7f26bd9e

SHA256
cbbea3d291d443ed4dde0133da8e66466e151ece2b72e2f9a8a6f1a7add4ad02

SHA512
73ba89c3d0a18a4798bb8069e49ceb9a11f9c84ec69bc463198661e71934989430b5c25bb8dd28d1adcd36baa659392be14c0e07a49043b8d57700f464958435

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db

Filesize
20KB

MD5
366d00ca2fdd5e4cb9a706e03d63d002

SHA1
50bc03d3d1e37900a3e522322a99905e8cf24d8b

SHA256
cc9cd9c8250a52c29b6901d06575b713c1f8dbf3106e8afbeed2a9391ff5b833

SHA512
9fe5c044539d6f88b1e545c4c9a9002b42315697c87f14da59b2593ade6259ef994ed9136ebc046b83eb708b0f8dc92ffe7d74d9b4ab601a0daa344b0329b53e

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db

Filesize
24KB

MD5
a8ff6dba5583bbadfe6ce8e540bc9cd9

SHA1
df9bc02a366ebee26bcd41a3f51e842840d0cfce

SHA256
d8a7bf0bf3791bb6611bec2108e7d5abc91dc8c6d5747b124592839043b48809

SHA512
1ebd72355738d8dacc2b1fb88d256f3453951c83b9d3c8624e3e02545c1d27739ef41e28e751820585cff299c604a89e1719426b34ce378170f76e2a8892cc70

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db-journal

Filesize
512B

MD5
c76c1f81ed5c89d72263190337924d51

SHA1
4c884ac47ab80301733aa54ff0f3ced35f0628b2

SHA256
307ed04c281b70455455266b79da099751b91d32b376cfd109810218cdf480a6

SHA512
69d0c2650fe74b21f0dc32b4186bdd7a20cf0932b2af7b334d6e0ce1b561b6478a17766881ad20db9528f830bd14b91f3980f9199834ff4337e0fa1fc0848959

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db-wal

Filesize
8KB

MD5
82a93268e02e5010783220517b1a8ab5

SHA1
9e5c2b2f91ee7f7203ebd87467f8d10f5a2ca9dd

SHA256
874903b95f0ce0804eda23d9632f196ed92a7a81909fce87774513e763b4b636

SHA512
4554fbfef513808e2a209e0a6538af827bae91123de96828fb8aaeb0903f2af8429d6456cb8730a0e53b9bbebf0e30577c90710fe15661cd6f355e1954744e88

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db-wal

Filesize
44KB

MD5
feec544f26bd72edcb3bb13149c750e5

SHA1
4246bf71d419a420bd3458c62413be6b33409f1f

SHA256
38011644347933cf81b98c50b27f9b12e0a5cae8f6f08f005b2e5ed08ec51c00

SHA512
87fce83091e0ed651bb257d49187154b7060d7ad31442f37be02df72f0f362a04fa6139357800fcbc88fa264da4de5e6fbfad392067edd8b7c8e2908fb11afa1

Download Submit
/data/data/com.starfield.game.android.douniu/databases/TDGAtcagentgame.db-wal

Filesize
20KB

MD5
a6a9b22d0d348d950aafc4699eb8fd78

SHA1
27802c1dbf91a558778043be4b3f70b9464b20f6

SHA256
38f6ba15cb16f98592d7e1f023b76b5d5cf36969b616b5f59b49d9393189b700

SHA512
81d279cae45c4f4c6e05114bd157cac5215275699e534f4ca599193c3deab5c987c738f1ccab8e0ef382c31c42effb59963788d81e93378a85746e8ffec4edd5

Download Submit
/data/data/com.starfield.game.android.douniu/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.starfield.game.android.douniu/databases/bugly_db_-journal

Filesize
512B

MD5
b96fa84802a3271ca2b4937361d29355

SHA1
f7f419945eb3a0ab25389b8024de6fb3f1f54217

SHA256
9e8ebeda46390bafc713a1ba362a1983d120f540f982bba54b60ca6df915465f

SHA512
2e0bd747da8cba0da60833ebe38234f613d32059ce5a90bcb61d265f098a8d79b93c8d1197edea03113c5fc0c5a5f451d604737faa6bf87c90596ee9026481c8

Download Submit
/data/data/com.starfield.game.android.douniu/databases/bugly_db_-wal

Filesize
60KB

MD5
955f85d0aeec2d5e30ea8e4976a67f87

SHA1
d5cb6a35736ad4f8943bbb4111fe01a1b06fdf6a

SHA256
7276d0ee8c6600d406667d2b6c18f1edaed428d3f9983118c488b6fcf854baab

SHA512
1677c463be5fd17352c76e076d8f42a5822ab27bb1c9d467d92295acc71ae940a7eca8d76c268e581a5a1595bd5a8fc1cdfcba53fa423942d692d9b8fa929d7d

Download Submit