7abbb5a6f19324829ceb15e668ad52c1fa334a18c64cac692431c213cf6970df

Analysis

max time kernel
2291206s
max time network
158s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20/12/2023, 01:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7abbb5a6f19324829ceb15e668ad52c1fa334a18c64cac692431c213cf6970df.apk
Size

5.0MB
MD5

e2fb0e9ba8a8fa8702e1c9b664576889
SHA1

41f7b1c5f63635148affb3fe036a689ac88bc17d
SHA256

7abbb5a6f19324829ceb15e668ad52c1fa334a18c64cac692431c213cf6970df
SHA512

07980399571bbd76edd1acfa179f37ff44349ef87cd8101f6785b2eefa475695a48d16db91ba2c73870645aaaf62a2938414a150b163708f86919b3168a68b73
SSDEEP

98304:ItwG4c20AD0z7WJqAphjRyuL9qaU6znfi6WBEtoWWZT/74UpV1TeuwDB:IT4QlnWJqatd8J6+gnWZPFpV1Tpw1

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/io.dcloud.H508B1563/mix.dex	4916	io.dcloud.H508B1563
/data/data/io.dcloud.H508B1563/mix.dex	4916	io.dcloud.H508B1563

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	io.dcloud.H508B1563

io.dcloud.H508B1563
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/io.dcloud.H508B1563/app_bugly/rqd_record.eup

Filesize
360B

MD5
36b2cb4150c647cf7959be45941b060c

SHA1
8e5d645d31330d5d98820f292211c52834758784

SHA256
e66a6af27454bd6ffaa01c0c7024fafeb6b8a96e6ccab99f3584c284c98f3ffb

SHA512
99cfc84a1ddafcdc0348c82da9650306c980a16b61b475dbd2b9ed09ca5879678d99f3f236458018da049136674ece860a951f3b9274d90b39e1fd339ef21480

Download Submit
/data/data/io.dcloud.H508B1563/app_bugly/rqd_record.eup

Filesize
1KB

MD5
5cae4d2fa0bc70707b1cbcd5e8184f06

SHA1
6205d0794a435b679a283eb6a08cac2906e4e690

SHA256
de322668455844edf35ca7d92fcf326a1d56c4c1944181fd7386933ce8c0ddf7

SHA512
791a95b3e5173afd5274504bf1068b1e5c770d16d94efde98d98c268381b10d55468958d4009b1718d05553ccb67ed2d0e36abdf34496e765da868687bc5e06f

Download Submit
/data/data/io.dcloud.H508B1563/app_bugly/tomb_1703098252785.txt

Filesize
19KB

MD5
b487996a0bab3e58dbf9d921dfa38a22

SHA1
8c4ba86bd0f960f9bf436ec89b14c8540e049eb7

SHA256
a962570a4cacb343ef50b7b453a1acca5fa3f69aeb678e1a62755a2cec4370aa

SHA512
6880be4ec4021214b59665cfe7e11e592f3ae578b44001a6456e88561df0ff6a54b07e2624b32ad16e21b44707ed0052eda1cd60fc199e6df88a9ab321250cf6

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu

Filesize
60KB

MD5
48d6ae68dc96326f43a5709f1861dbeb

SHA1
4e00cb7e8371e9c7dec396b3d01f7898029995eb

SHA256
7382186f33ae7258a19cc924563a049c5ca1ce8490ac929188525031fa1bc809

SHA512
7bb5e2fc0d111eeeea048acb41b105f2a285a3afc48ab6c01ce90097605dd46bf187c1c7e962b16e1f23cb04f19bf936782f083fef44ed2978757c93f59662ac

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
12KB

MD5
a2602aa367bd217dbc09247a59bfd128

SHA1
ebdc97d7926fd7c87d8f703001e2b7749cf39947

SHA256
e7e9c2f14443a72600378a6ff57cc1411ca8dcdefae9112bc865704497027ca9

SHA512
4e59f26dccd66ac42c8d36651cef8db0544c323f4dc09515c9373d842c8c5a6ae57d04b1cb85340346ce109dab2c3deee3b130b951734f513c2c82050b80b221

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
512B

MD5
c5a027bfa09750d8fdfb3e9b1b97c5f6

SHA1
a5e0261e701f85c123c8be496dc9844833471f58

SHA256
f534917e11d47fac4e421351355f77799377d7125199df3abe8dc0170d804748

SHA512
e290b04ce0c89f13d1824b6941fd5d473e05e34f11d73fcd9748ddd3a3491a8618aa1471cb48051d557a7e42d6a454456a1e58159199fc9bcc97bf844894895f

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
8KB

MD5
a71968a737437ce576f66ae1330e4aa3

SHA1
bf8536a9316a01aa22ea9ab2edb20ef115a3f7f3

SHA256
69e646ca7fe689a011bf232fdef59c1f958a839b622ef77b2c6ea0a93c5843ad

SHA512
3bb501e90aaffd46cbab7ca4551dcbc15bba04dd49578006ad8f21506539f5f269f60553366d25eefee71545f0ad5685064979426090de037c7fdb0ad602a9ba

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
8KB

MD5
ef328b4087ec4b0163dc7726cda7a21c

SHA1
88b822ecaad37b4b021a72ee54005ada80cecf75

SHA256
d7b7e56e48ce719e191e4de289a485e14b45bf76b09d51fb716dbed28e313f32

SHA512
b018bfb7a52d415691310f878210d2da6d4b343fc676aa371df634366b800302b6e2923839e4496c1e5b0608b20b4ac40303bc3143065ca12c145786688fe806

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
8KB

MD5
1ebcc527631b89fc916c2c317c575e69

SHA1
58e8c6da161620c26fe405f3397a99ca962724ab

SHA256
5b4dcc41c8e2d95304e99786ab7b922a9dcc15dde90eb0d369ba162d7ff659cb

SHA512
9b0e5deb937933306dd41c644dfc9f0266c6b277b1724e58e14ddc349d7052042355f678852c62e5856e80f6735fcb58d611b2b3ba96259afab415cb75d900f7

Download Submit
/data/data/io.dcloud.H508B1563/databases/bugly_db_legu-journal

Filesize
12KB

MD5
2a643ee39a2a8ca3ac3b0efa6ae3dcdb

SHA1
b6d223de039a7b21a7f7f731dddbbe7b9a884e2a

SHA256
0d59f8a6a60b0abc6872998f3d4fb64c23fbb94036b0873f7d09f43b6abb417a

SHA512
d84be468b9d326e48765e2a4316ca42de8771fc4ea8bf938afa6c4244b1a21958dbd29e443c671984fd1e2809b089c2b23a90fa820dc73876bcbf245e0f13a67

Download Submit
/data/data/io.dcloud.H508B1563/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads