Overview

overview

7

Static

static

6

77d25c7972...82.apk

android-9-x86

7

77d25c7972...82.apk

android-11-x64

1

Analysis

  • max time kernel
    2308827s
  • max time network
    153s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 01:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77d25c797232b3e2f43a90c9ded9b1b7031970113449d56ddb4e775326e99482.apk

  • Size

    5.2MB

  • MD5

    7c2ac1f5e9588b405bd9d4b0993db19c

  • SHA1

    793ceba9bf44cfddedc4529f87d0bf56d356a2d6

  • SHA256

    77d25c797232b3e2f43a90c9ded9b1b7031970113449d56ddb4e775326e99482

  • SHA512

    31ed71e87b59b259e0c8300c9641a14f61264d86bb8d406b4dffb896b8e58f8126decab7195ff93e2d355fb532ca70bb421f40183638b6f6db4bcdf5cc80be4a

  • SSDEEP

    98304:Wvmd5FGVNzYslPbYu3V4L4d5pmgsDiEyY0MOsREN+PF0x6Q4LuuwDO:Xd5IvZPbV3V6w5M4tkRvCYQ4L5wy

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • xiaoan.com
    1⤵
    • Loads dropped Dex/Jar
    PID:4474
    • sh -c getprop ro.yunos.version
      2⤵
        PID:4544
      • getprop ro.yunos.version
        2⤵
          PID:4544
        • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/xiaoan.com/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/xiaoan.com/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
          2⤵
          • Loads dropped Dex/Jar
          PID:4570
        • /system/bin/sh -c getprop ro.miui.ui.version.name
          2⤵
            PID:4743
          • getprop ro.miui.ui.version.name
            2⤵
              PID:4743
            • /system/bin/sh -c getprop ro.build.version.emui
              2⤵
                PID:4767
              • getprop ro.build.version.emui
                2⤵
                  PID:4767
                • /system/bin/sh -c getprop ro.lenovo.series
                  2⤵
                    PID:4792
                  • getprop ro.lenovo.series
                    2⤵
                      PID:4792
                    • /system/bin/sh -c getprop ro.build.nubia.rom.name
                      2⤵
                        PID:4822
                      • getprop ro.build.nubia.rom.name
                        2⤵
                          PID:4822

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • /data/data/xiaoan.com/databases/bugly_db_legu
                        Filesize

                        4KB

                        MD5

                        f2b4b0190b9f384ca885f0c8c9b14700

                        SHA1

                        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                        SHA256

                        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                        SHA512

                        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                        Download Submit

                      • /data/data/xiaoan.com/databases/bugly_db_legu-journal
                        Filesize

                        512B

                        MD5

                        f3d70d94aa21c2c1a8fc3af51b22296a

                        SHA1

                        78565b61954a63ff8308f361e1f612852afb95e0

                        SHA256

                        9bbeb3191b2ea242d5949970920bc21aecdca786f4a1e74f5fe24b934589893b

                        SHA512

                        652e52e6a283ed0826c7670fdadc3ae5b7d79c4a0817796de2b025a1e8558b8e4f5068e7bd268959eec83c22dd18291a610dbdd263a6dfb1995907a7d4424ced

                        Download Submit

                      • /data/data/xiaoan.com/databases/bugly_db_legu-shm
                        Filesize

                        28KB

                        MD5

                        cf845a781c107ec1346e849c9dd1b7e8

                        SHA1

                        b44ccc7f7d519352422e59ee8b0bdbac881768a7

                        SHA256

                        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                        SHA512

                        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                        Download Submit

                      • /data/data/xiaoan.com/databases/bugly_db_legu-wal
                        Filesize

                        92KB

                        MD5

                        6c3d1e89432956de56e778ffadf2908e

                        SHA1

                        012a51b031c409705e5f71d3ae6798ea2937e68b

                        SHA256

                        1aa5994295aa0616470483f2a905c03a75b8bc8b790f7efdf742f0f885f84190

                        SHA512

                        e8caf0619b7cf1d7b4906ed8f7b84d23e21d13d7522ea1e20e65c262eb53b284e084d68c1f44d55f28852d497c5ab0117da5a53612e0ca51f1ce9c37ce33a1b2

                        Download Submit

                      • /data/data/xiaoan.com/databases/legu_tencent_analysis.db_xiaoan.com-journal
                        Filesize

                        512B

                        MD5

                        1db32d6155a8224b79e5b49e00931b44

                        SHA1

                        cc3fa9a484d3d931bdbf34dd5617d87911a063f0

                        SHA256

                        7fa162af11466dfa68c23220e48562955853b32fa4055985d58c8c0e4f1e2ad0

                        SHA512

                        55e291bc4ed179181d4e198652b1883d8bb0f380ea5f6e40c64ff9e54842adf63c4d2270f60bfcbe31426c7095de357ec8b48fd864bbebecd04fc855ed6d4d03

                        Download Submit

                      • /data/data/xiaoan.com/databases/legu_tencent_analysis.db_xiaoan.com-wal
                        Filesize

                        64KB

                        MD5

                        c25e1c9a9485fdd70d93ac2c8fab3036

                        SHA1

                        bc91d26151d5199f517d27ddbc0314917300e526

                        SHA256

                        4a5a52866b446bea3797fa31f523019c1694f108e83a0eadcacf5b794e7ce509

                        SHA512

                        36229a65921ddf9746ddb5b83c6e70039c98b25917319f0d087574030fc4139b0df9f6840fb36f8339ef128a4b964033a3045fe885d4362b336c1e41c7917510

                        Download Submit

                      • /data/data/xiaoan.com/databases/shangpin
                        Filesize

                        28KB

                        MD5

                        0084b4bf42256f35114524a6b222549d

                        SHA1

                        43899487283a97f39080a723527d46d50521f113

                        SHA256

                        d1412b719f158f65cfd7f1890cc06a32632f4cf0c89e7e8f8a8be494cf3aa4cf

                        SHA512

                        e1c9823865594dbef851c4584ed4156c09d39543029bfafcd83cedab97789bca136efed31a10f1a85beeebd3180cd197c68af151649c47f9b1466b766accd571

                        Download Submit

                      • /data/data/xiaoan.com/databases/shangpin-journal
                        Filesize

                        512B

                        MD5

                        17fd6b1786414ee9fb895f4112ba8b36

                        SHA1

                        87df9de6a4c1e3807eb70cc39c604069397c63d8

                        SHA256

                        265f80fa8c5134869b73d10b6a1223e2c99a1637c842f3977a96b12246b7b128

                        SHA512

                        7062b77ceb41021723052934bab45ceea0f2a061eba1d26259e0f7ff227983c716bc0ab998c2a6f30f3c466af57c1f122f40e4365f8f4bf85609893f39b06218

                        Download Submit

                      • /data/data/xiaoan.com/databases/shangpin-wal
                        Filesize

                        40KB

                        MD5

                        96e8b11cccbf7a560e0ff0fd4ceb6593

                        SHA1

                        aee317e042d4fd02d21e773d46992a69122f0cbc

                        SHA256

                        132a78a20bf166625c8d33ef27eccaa22c4a194323a8c0790ad81c6029eebfb4

                        SHA512

                        4efb9e0122e5479ea36158226274040dadc6fa2b0b22b74e360223f0b9f81466d321523538eca01776e708d0d7674d703ea0aec9b5084e8582f816072894f6e6

                        Download Submit

                      • /data/data/xiaoan.com/mix.dex
                        Filesize

                        292B

                        MD5

                        63f77f99bd2c2b772a479923bde11974

                        SHA1

                        c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

                        SHA256

                        4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

                        SHA512

                        3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

                        Download Submit