7de9213ec76ff39a5be03d8d5357170e5752a3623d0ee761da55a849d746f1a9

Analysis

max time kernel
2300577s
max time network
155s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20/12/2023, 02:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7de9213ec76ff39a5be03d8d5357170e5752a3623d0ee761da55a849d746f1a9.apk
Size

10.8MB
MD5

028d9b293bfa471394ccfbf95540c4cf
SHA1

045d3af51f4de2dbe1488b5075ab07ad9ea75ac0
SHA256

7de9213ec76ff39a5be03d8d5357170e5752a3623d0ee761da55a849d746f1a9
SHA512

61204e358272ea7566ace1ab2d7009c484cb9e62d2e7fa23145679361847b4a3e1f62c3c40958216782732a92cadb2c87efbd00352cd34a64b056492e1167522
SSDEEP

196608:YFD9DfdMAjB1C0ayoo5SFhZWlst3uSYBMwovG71SEye4lf0Ii0XrTW1XZZLOt4fK:IFJayoo5SFhv3eUvmDw0Ii0X23XDI/

Score

5^/10

evasion

Malware Config

Signatures

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.yxxinglin.xzid135457

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.yxxinglin.xzid135457

com.yxxinglin.xzid135457
1⤵
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4987

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yxxinglin.xzid135457/databases/RKStorage

Filesize
20KB

MD5
d40760ef7b00bcee6988ed6ebdcdce7e

SHA1
b383772f089528dfd4785899e686f29b6668b684

SHA256
9fce706259465cd6084fc8861a871be507144d66f1c7ec1eb57368ffd81eda32

SHA512
a5845a6a86ef6ae9fb7f7729e259ec1d0fa782370de71ed6f2c58a41cc17e845fddb31ba842d84e3eb00280555a15e811238a23859454664d4a1ee9127a8ba88

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
512B

MD5
8a9785a9a95bf59f16d042270069d0fc

SHA1
d5dcd6b42f9f65f09c341411baa53d9b0f2a21ea

SHA256
73aec6ecb2f015d66c02a336ef2591d5f254eb80486761d1e994e19fe5747194

SHA512
084621e70120071f66ef0df43559a2eb5ffcb3f9d6a9dd0eb95d58ac8c7a187e239bc9b9b68235b893a5a370e474eb8384e097ffe263f23eb12430d021050ffa

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
8KB

MD5
c44b21d7acec45e81121f74d6f032ffd

SHA1
7c0163610c26d12bef2070f0078c79c12ec8c4b9

SHA256
b81856829e96ff4a372885f17afe150f2fd27900a6a619e27f663b5b0bbd14a0

SHA512
6bd513991b12b13df289665b4555069d037ff5c1c032f31d604ba231bd9e4f0beecbd83ba7f67c87a3b9de2c08487a34922b641bb08358c122883e22a31e38a1

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
8KB

MD5
ecdbf27bd808217a076ada56d35189a8

SHA1
ecb6ee7983e4d45880a833f097d89ff30c9e49c9

SHA256
87b45690b1d9459e010105bdd8adb2cc9bb4e04bfa479ee0d77a1745a8b964f9

SHA512
b25a5575fe95097acf8103c15d2046cf47df813fddee002a5f862b8e669b0412ff5ee25a71225b4ebaf5e7491206c0198881ac90327c58a7941ecc076a87d757

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
12KB

MD5
6776a4a8f3eacbd232d65e231a12dc1b

SHA1
7eb3d4905e5716f8e526d9fd699da9702bad014e

SHA256
44df93284bdfa9d0725bb4afebcbf371df22df27e8e9406612c13153fac8d44d

SHA512
7f36031cc76058685e313bc398c6016f3132dc1137f7cdf3290ceb019e6a1694fdfb9c5831c5736ee8964e94247faaab194f8d75bf8c14a0d94fb16095903234

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
12KB

MD5
d3a57f5c720d0f07e9761cab949ccbb6

SHA1
88e2003afc9660081b4f704db77cdbe9f1d56977

SHA256
6ad5d27dc30cdb5bc631efabb5c8ddc737e29fa8e311a06355875e4a5466459d

SHA512
4ad485b8193edbb6f0925409889c9c537c050196dafdae21ca0433413fd83e779cd2b087c86e53051d46936480bc5aee830b14f7e632c63cfb2da3e85685d154

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/RKStorage-journal

Filesize
12KB

MD5
0c210c40563c20c55e2b4139bc66d8cc

SHA1
0ce8f585078d0e88f3530f4851bb98fe8e368600

SHA256
b702dc5108cc5f9ce966ba6e9ad71b8736640ba1dd2ef4b5cf957e7802402a1a

SHA512
0b0b9c8ce52ad4775360375339f7475ef20cfe0a2cb8a797ebf7d741ee33d5694c5f97f04f4bb51b6ed1f213dff25ac08f930fbd603294af3bd70bf56979bfb6

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db

Filesize
36KB

MD5
0908e924aa236931dc7166fef6e00862

SHA1
7782648d6d8f6e835bd47058d4852932c096a467

SHA256
38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f

SHA512
3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db

Filesize
28KB

MD5
096a7b548e6526ebdac908545f457551

SHA1
951e2d617611cb4e24f826c89b904b46bc4d276e

SHA256
a7b7de98c2df853f097b4515e03f3ad376896da406ab0c31a04bca206edb657c

SHA512
7e86b3db26e0ca113f40c9f39f45773fcc5be4a53336d7d47be10b6f5e328fe50a405cd78d42006227d5269e2d7d6489b35b0223c0aeb0f73e35935e34ae330a

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
512B

MD5
e0c0f58f437586fb13a929f640f11e7c

SHA1
da5e1fe9f2ac30e8134c4d3b95b90cb552c2bdb0

SHA256
738356d85e0a17fbca910a05e2d03f754d6c7a002efcbc0894607b84cb87d8dd

SHA512
f56d1aff4fe4ba94a8b90c95ec1c996f3946a6c84651ff3fd86615657b805f4784a958fbcf8cb2d5246088d0be443835aca6ace3398d8361bf738bd6ccb7604c

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
8KB

MD5
afd2d5a77d3ef3089dd308513fb9704c

SHA1
5e69d484fa201abf64c8def47adcc113c0b4c030

SHA256
f67f9d92ebcd51eb1f34e7c08b74957c7a34574cbcad02fc25c75e2fadfbdead

SHA512
9dc426582b0dc04af2848d29078d23d3d977e463177f9f11fa797219e91a8a05a39adf84ee37537956e48f84dd2a9f4551b41f08ceaf3e24f9aa93ab5b89ac92

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
8KB

MD5
10a24958b98207cf9fd3cf7d386936a1

SHA1
19d54c75711933276415b729cc1554d185fb62cd

SHA256
d45b0e027ed17cb405a479bed948468c6cd08e86e0b323daf3ec142263ed3424

SHA512
97755a567e4c434245ecba473061d9135177b2889fa6404570ec778195716c5e657d631a3a099926cf22812b39917a4be027c54fac45fb3d7ef2397bc234280c

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
8KB

MD5
b3e6736e9204f284181336e55c356963

SHA1
4113c17d5b28c67c45dd556fe0f9af57c3e82d01

SHA256
ccc3baeb2c7f4f6ae80730491e4a669dd1349e42e8ae7a0650e735bddadc9fdf

SHA512
dcc16d759aaa93d52f6346ec38ae0faeac15e8522e1c2749db6ff665983ce19bb7f17e9a779e78ad076ce75bf36b6480ad3a3f8b2b5fef0c8cc2ae36d62d072e

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
8KB

MD5
8fdc0b6a55e9ef5868be408ac9f7f679

SHA1
c317741cd431e8cbc2c234d9713e62f9e65e399b

SHA256
7f051946b51f019127e28dc275c7aede5283ab7b5f18d6813f00613fdf989b17

SHA512
684a886565c53530213711661d9b705586dfba851ae8293772edccdb389454f9e592284e7b21dfeb24050747e6842174b34ee2598524caf7969c50759a0b9c59

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/cc/cc.db-journal

Filesize
12KB

MD5
f77f11c72d176388a75c4af537f45b3f

SHA1
5fdc730ed8c0398ed96a0eb79c2b296065985054

SHA256
2097f5c4b725f512fd32507ad248a8df4e81d7b951af4cbc0e873bd1a82d6e43

SHA512
18f3c59a48a2e164b8b9f2dff37ea7678d3bc87203f2fc4b15f1a23f01cfffd024c8feac5bc2743f36f5d1dba420d8b3498dc12edfe8e1cdfd2f78ba62766b5b

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db

Filesize
32KB

MD5
4ce764f73923f01745e3ebad7be87a79

SHA1
ebf97e70f9e753e4de835cd0d727c45eea514dd1

SHA256
4778aa6057d83cb3b2a2e00095b4ed1384f89dfb65c645f93b1e5a14e6194c75

SHA512
ab49cd06aef149a50e1836d194cd82d17ffb342c314464d6c703887eb6843f6c1641969970424b7126721b3e79fb47bed6f5464fb7191d5ea2f0eb26354e1e3e

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db

Filesize
32KB

MD5
38564ad4c73e5619bc2264b0c44997a5

SHA1
e55f6fe1b20347ad4cd58d77af0b0feb149f63d0

SHA256
1820a909a310bf7bc4ddaab6c8be3954dedd53612749f7bd08fefbef31670ec8

SHA512
30d84731a3d8380e63bb73227623e86bd779476474269f252abe546028531c77658573874444e66b862ea049724e93a9344b1d4fd9f26c0fe02a79a4079a9a7d

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db-journal

Filesize
512B

MD5
5138cfc8205746d6fa9d9f016ff0a66a

SHA1
b9a6cfc62f9d2a3c13bb0ab06333e60e891f9530

SHA256
38658ddbed4203a4681bea671f7284600ff15eaf813a69e70ce89f192a084e99

SHA512
52b54b98ae539acf92fc39c544d41973cd380a1bac710ed47a09eea3fe8f8da03a8a1ef06d84aec7ec108cbd23e3ebab13b434cfe263aa744f7152c965ced443

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db-journal

Filesize
8KB

MD5
370c431fcb78c3101cdb5ff610a19912

SHA1
722660fda58a5d85293135205c0b58dc4f018f74

SHA256
f2ba19bd8143b033c36cfba396447986ed958d8fdd3a4498da02d8796cf10fac

SHA512
dc1142d76797c8eedbe9dc26bc975103e380ddea01b03f22e7f44403107db88be7c31fe94b79562f0c3526fd920b8098e7853de7ce89545b0586f9124d93c88e

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db-journal

Filesize
8KB

MD5
f9d6e11accd96ee2a12e5054b75b2387

SHA1
c481ee6fcbc7305af1eb984aa82635462857f01a

SHA256
1eaf1aa82ac524e6f2ffc1f54de8b497191ab7be3cb2b47f866e7738f7607375

SHA512
71b5819e67b17c785b6aa86ee204dcc7774aaa5546d4a4b4dcb7a6a625e14fb019a8372b6912d585b3e2b79da8bac74175d7354c37e2c7abe7ad0e311980bea0

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db-journal

Filesize
16KB

MD5
2502bcb6481dbd5da6914738cb09aa62

SHA1
8b65cbeac3af1453584a11b66b218e91fe100dfb

SHA256
e2a2a3afaecd6945e4cf01667dce9b18798e76927fc3c051413e9fcf0f19333d

SHA512
d4d5e34de0df99fc1c9bb7059ccef8d42d969b1b5aaf6d64593821c1becce95017cfd8b7308cfaa43591d8c687692bd811998efe6e9b63dc096adbb6096ccd35

Download Submit
/data/data/com.yxxinglin.xzid135457/databases/ua.db-journal

Filesize
12KB

MD5
6dfffeb4f83d10910dcd2e9aaf1eaed2

SHA1
7d13f94034835527e9cb5c5cdcbe5c7ad500f6f0

SHA256
7d402d71be81f071459df128154059480c4c6140ab6314429b4378945b374b4d

SHA512
561e9f7d2cff54936376d3a5f3f1bd14cab3f83dd5078a8a7489f91743df5ba0657a0d6f7572fa6d44c9358a0026865c47a52249228111e13a75f6f996e4fc51

Download Submit
/data/data/com.yxxinglin.xzid135457/files/.um/um_cache_1703107626784.env

Filesize
1KB

MD5
ac6dd680b06af9be5acd8dacb734a999

SHA1
46939f5eec570ed0a3caec5145fafe4a0d57a670

SHA256
6147d4061b0bc00a4ff829d9b8ac28a0b0a5f7b530ffd5a5e0e7ecff11b9cbae

SHA512
8e755214a72c2b70a34c15fdd55454c8037d80ab268621fcdb27e1b2ec4759552c5db3e4939281c19a6a8acda34239f4c17fb27531b2327a73e01d3aa8b60ad1

Download Submit
/data/data/com.yxxinglin.xzid135457/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
2fda92887ac9f2cdda2fb4c0c911957c

SHA1
305753fbb782116a7d79187ed4b21501d3798cc0

SHA256
b4f9ce20cb7b76e7faf089e4f87943c822f0d816dfe83787ef56b43160228452

SHA512
d3373d853cc317f2f2b9fcb3902aa6c0d95956df4323178eeb2edfb0f9515e21b29c8260d0e345b2c8481c0ab526f160d65b064d3fb236fdbbb4a67852c87e0b

Download Submit
/data/data/com.yxxinglin.xzid135457/files/exid.dat

Filesize
54B

MD5
8eca6f1cafc0b3b293d3d25476339bf8

SHA1
f0175a2a6c166ca6be7bfaf3a01e0073a28e765a

SHA256
cf0563c7683abbf91edcb5b3f5ed516c6c544d2f4e05534757730a157e802095

SHA512
76d0158b3d5861de62dd477f6421f0f60ae102752e43a45cbc26223d3d24a405db768562ed8c8c1fa661ef6634ab36763a961aec534c297dcfb8aa33f691c098

Download Submit
/data/data/com.yxxinglin.xzid135457/files/umeng_it.cache

Filesize
433B

MD5
bd6bb5ce450ff79c37d6b952f393f484

SHA1
f6a2f2759ba5fa672c9ef598f25492a12d56a434

SHA256
9ab169a09731129e4056abb40c9208c10b7bb9026fe186a8ef81524c9bb83c73

SHA512
61f37394cbc66f97da7e0b35af588e32cdd2a0150776ee3cbb9d536a28d25e0ba7207f90a423b4e8862a9f5e5f4c913f5de6dc7e620b5175fcc8d91a9a8723a4

Download Submit
/data/data/com.yxxinglin.xzid135457/lib-main/dso_deps

Filesize
156B

MD5
02132bde6c45d1172efc90457cfcfd44

SHA1
b040cad51ad4e24c4ccadf71e3659a82bef33439

SHA256
35e856d52a2f827a83b1b7e7d16b3ff67859a692056efd7c62c38aab79cde90f

SHA512
20db195e4a7daa31c54f086f0df78f4f3f770e04a538c2f4d23b687851dca24890a73425abbd688d87029024297caef495bb38aad55eebb4abb94d6ca48e54e8

Download Submit
/data/data/com.yxxinglin.xzid135457/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.yxxinglin.xzid135457/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.yxxinglin.xzid135457/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
0dbc82e958a04d87b6ebf8ffe4da0791

SHA1
5985004dc7dcca5cb17abe8bc9a8778eff0c70c1

SHA256
cf937c09590977ed0573c87975dc247eee0d09cb8e2950f381bf431bf0aec1fb

SHA512
37dd612c9be323cb43076981a7d5776fa6f13e3ffb3c6264116280c4626832d55e64bec3e8e154f9d3925a0eb85bc937e7ba30d88aacb155d97f6fdb6a4f1602

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
05b21c8ddf3d6166e5c22644d311a1c7

SHA1
b171c750839110769b5de15a17f4b9e94e0fc88d

SHA256
4bacde89b6714842c4ad9616511f6880e4ec97b61d306e0ed9ce8a3653925827

SHA512
ea6809e9c7ee8eb9d469ab8aa2507a3cadb6a1e3ab6ebf1e0b10108bfc5ca86912d7617a168f11d94d9b9f5c5da8a7d20f257c8d407e202f48bf873e008fd87f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
408B

MD5
a65d034a7d6e75a82235b436582f46e4

SHA1
a9eb6e0d2d3b90ebf50c987f3a2c6b9093eed659

SHA256
ff7fe0268bcde2fb41ed4111e671e57c41d579b2249af602df24ca5f25202393

SHA512
1dcfee398cfbf7053d370bac76ea9b2caf6b5720605af2c15e3efdd5c9a4d6b8c71466f54e3f9a0bcd9e17a487995e3e15d8a13026271538235e19a8fca53f2f

Download Submit
/storage/emulated/0/JXCP/aff/com.yxxinglin.xzid135457

Filesize
8B

MD5
4fa7e26102afc285def55883c283d885

SHA1
ce1709a188ef1213291453f4751e3c5c5d048301

SHA256
ec600619d127b4524746c2668a7e5bf700042643d25951f1e6feb99bac4a4423

SHA512
c0191d0e19a0ececfb137fc102a7ce92b1f3b9d65c6e8e21f45cb9e9527b17b6a6e0bf68ef0216b69c3e0795556de29ffd7944d3dacf847b2b5f0e2813a5d3a2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads