Overview

overview

7

Static

static

6

775d1ccbf1...28.apk

android-9-x86

7

775d1ccbf1...28.apk

android-10-x64

7

775d1ccbf1...28.apk

android-11-x64

7

libsells.apk

android-9-x86

7

libsells.apk

android-10-x64

7

libsells.apk

android-11-x64

7

Analysis

  • max time kernel
    2306378s
  • max time network
    135s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 01:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    775d1ccbf1a31456251b0eb0397d66522d211aee7cde0567d116d777c944c328.apk

  • Size

    6.5MB

  • MD5

    6f4e8cdd87a81e5f525a927910172270

  • SHA1

    bfa0fee19c1a4b781af6fffe334c83f39dbe5d5d

  • SHA256

    775d1ccbf1a31456251b0eb0397d66522d211aee7cde0567d116d777c944c328

  • SHA512

    f345f2f2476c04179a7642dfa2a3cbf4305340116619fce33fa3b8ec422b3da428b5abad8ccdbcc2f01025cac51929ff7a868f896c455fb69247d8adac4d5beb

  • SSDEEP

    196608:HDC4kLGadmKKPdyuYnCuJFbN8xeITZenaI1KXKzps9b:HDsGa0yxCueM+ZtYK0u9b

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.arquanjing.apps
    1⤵
    • Loads dropped Dex/Jar
    PID:4251
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.arquanjing.apps/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.arquanjing.apps/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4278

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.arquanjing.apps/.jiagu/classes.dex
    Filesize

    2.2MB

    MD5

    3f80d78f898c1aae881bcce81a3d2f8c

    SHA1

    4bdc8d516bb733382ef429ed7dee834f6f43c801

    SHA256

    5e947c675ed4e3d8d322899753f4d047f2168697256de3add6c52044e81700a0

    SHA512

    521828365477a73acbb17ddd54179ee753570faaea876a94eea5698a81334b53f4e874683ecf8eca77d84ca73b0eb8e32fcb450edf0db1a6c540d2bc41dea055

    Download Submit

  • /data/data/com.arquanjing.apps/.jiagu/libjiagu.so
    Filesize

    558KB

    MD5

    98736de515958ae37ae93a0a0e997098

    SHA1

    72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9

    SHA256

    335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421

    SHA512

    cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf

    Download Submit

  • /data/data/com.arquanjing.apps/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.ac
    Filesize

    32B

    MD5

    624db59584a6586c81db255cf3cc117d

    SHA1

    9bf8e0d4286fd15ca647df15031c11d9bcfa184f

    SHA256

    2ba4bf41190a7b0279a567a8bf3a327251e1eabfe6be99f08c87d99220ae6326

    SHA512

    874c0393fa725e7d187c9bfab337e0a98d27325e490142eeda12a29493065dc58b0cfb8743a0aaba9a4307c7b8e723cd02e3f60427edc5624bb029ec570960dd

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.ic
    Filesize

    32B

    MD5

    5d953b53da1e10fb5441403f20241d55

    SHA1

    7b3cf7d84f61977849fddbfc5c890e59757a7c47

    SHA256

    9717fd4a0a5e760c6bfe1f1a918e15530674111cd31536be0c09bd16db2237d1

    SHA512

    df0b854fbc1c46e1e61a203d5933305919bc5bd0c0d72141d48c9084a3e1da0e0d7f122fb7ae99386d207d98d04fb7a0c80ddd47799b6f2d7298cc7d501af9dd

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.pk
    Filesize

    32B

    MD5

    5ec79805fd5c952c78c837ed0a21adb8

    SHA1

    4b43a8a8acfb7a9f89780ea31bf888d9e46de32a

    SHA256

    dcad910c9b754d7bbe97729bfc42639ca7c73325508c4c9e47cb52533fadadca

    SHA512

    939699bebff2517f50e40f681c29d8906a12e6ffe2867848a6d0a51f7dbb388920f91a3768e6c6e8b4bb8a0bfa897a291f06a538de438f5d5a58e02fceb4b477

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.pk.h
    Filesize

    64B

    MD5

    16ba8a152edb81b5f6b40024348a5340

    SHA1

    4366e4d8ae6c13b9f06faff487df8d4ff5b18bff

    SHA256

    a978c239665f512f826133c7c08591e24e9c91ede8a9818568c0763c8f74fb9c

    SHA512

    05e5f3f193af5cd4b4b50a3861d51dd089ef78b2bb48662f6df6f87763336421317396a9b7a30b26f578ce84c3d736764be54e1e16448e47ceead9bd36fb00de

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.rd
    Filesize

    32B

    MD5

    6dd38a80202a6e1d25b866abe0042119

    SHA1

    772b222b01ca199215e16384c24cc696c087d9af

    SHA256

    4dc233433101a59b0a076f924e7009642dc9b9b96fb16fd82add045280ba39d6

    SHA512

    f86098aa3f1a1eaf5a0f553716c46142a1882abc666308077a6963fac9b133267b6acdff150eaf8a6e5e90b915cff7de84d3180f5d45c611fd39e9766177d6e5

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    51158fff7f5d660906d1527b4134cb5a

    SHA1

    66bf3d1b0cfc943ca685d682dc8dde840724b55a

    SHA256

    48c691f19f50d1ee8c1ab505d420ffafe0c132b7c83ed1db068e5834b5d744ab

    SHA512

    6af036ce4e4fb344480320bab65dd400aef9098ee0a4b953307facc33c8b75506d010daaadc7ab9dffcb5e7c730b02c3e37fd8fe0de602cd65dbbde14822ac83

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.ri
    Filesize

    307B

    MD5

    1aa7df6552d51e04e951092e8ac50232

    SHA1

    849623d7ddc3c86d7b944ecaed92b648de8558c5

    SHA256

    c26194e781c55e72a61ad713e0ed892860f9a8cb60f784962ceb54c70a1d256f

    SHA512

    0dd583b451d1b6bc6ab95f3b74707796840896b46dc7fa0c9f668e728b8963fdcc6ae382a2487cc850efd0e86f739277758baf5ee29e9671c3df8acab7f18551

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.ri
    Filesize

    307B

    MD5

    50363b69733452620500c74a07ab8ca6

    SHA1

    10e79cd4b3d690c66704be4d7e5afa5267d5bb92

    SHA256

    36b0924303c4eb563aa8da9bd08df5a88560e75223addd3d4999fc2ac544da24

    SHA512

    eee323328ee8f2b18e806d202b198cf174e3e6f1aaf295952980c75d11dadcc9b2d7688fb0c575bfc282eb2259b96c2c55f18e20ad1463340df4a07b52c7d10a

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.store.report_cf
    Filesize

    32B

    MD5

    9714abab240ba505281df70405d44288

    SHA1

    1c287a9d6d12e037dbd2d4de2f3486c617f9c2f8

    SHA256

    7c12baab6671e029ded06b1a9d73f1f1caacb9593eaa65bdf8e5dc622b50cc38

    SHA512

    40e98cef3c6e8850cad99863613293f76d9af9b6dd4e93c8b8ddf10f844eacf31a9df8984766d49840776128418dcfb3191f486db857fd718e672e61cca62ce5

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jglogs/.jg.store.report_pid
    Filesize

    32B

    MD5

    dbeefaec03bfa8ee26a168b4c98014e3

    SHA1

    f826a005e586421145cdcd292c2b759f460c4e33

    SHA256

    f2c2bc552267d9f87b213758eb15afdb5439ae32c67d9cb4984c0fe9d53d5942

    SHA512

    28d386d502db4c263c1b697a33c2409925b577346a947390d39c6bded0461331641f6ebdd5b05e7fe860e0b2c2d622c2404f3e15c47614a58f2559055784e17c

    Download Submit

  • /data/data/com.arquanjing.apps/files/.jiagu.lock
    Filesize

    27B

    MD5

    b5a3b08767a9bcfb76e401296351e8c4

    SHA1

    9221ed1c607e06d2a72b5fdb2e6e81694bc802e9

    SHA256

    06a2138242d3bf8bc54086d625ce43028683bf7ee400c1397822ac1fff25f854

    SHA512

    3fda7db7b068a80a94ab59969d8707824eb145b7356228dc1df638a0177540528d69faa813b72e1cd5cd2b9ebc8af230fa0df99096b5111fdbe6ee01f94858ac

    Download Submit