7cb9b252bb5cb992477ba5755d5be902ce0d601cd6f4ced093e956c511e9a610

Analysis

max time kernel
2297156s
max time network
147s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20-12-2023 02:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7cb9b252bb5cb992477ba5755d5be902ce0d601cd6f4ced093e956c511e9a610.apk
Size

3.4MB
MD5

ed52e930604fb654566fbba2ed5ed9f3
SHA1

5a71c7c70d25338b6298eb007f45dfa647d741ec
SHA256

7cb9b252bb5cb992477ba5755d5be902ce0d601cd6f4ced093e956c511e9a610
SHA512

b25d72e9598a987c47d83c30d18be05c1131b54141dd15879a84a05033e742e6c0b9629a4d1aeaaee0d17cb4fc661ade161bf5510838f40a855a3dec439239e4
SSDEEP

49152:MvJZog1euGlJyjB9QkEaUcnj8hgjFmXMOjycys8F6fuRmg8f8R+UV32mvg+DHn:oog1uJI3EW8h8Fm5wsy6nf7o3P9

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar	4917	com.fansapk.rootex

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fansapk.rootex

com.fansapk.rootex
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4917

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
420KB

MD5
f0ee7f7dd1ef4e5cd436ed6e1c609e5a

SHA1
7d112abb7896294b075721b0200f0812ed65a418

SHA256
0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369

SHA512
5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be

Download Submit
/data/data/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar.sig

Filesize
180B

MD5
f2bbab793b52792b316596ceca701a06

SHA1
3d75c7168bd20f6fcc6a1c94ed795d13083237a1

SHA256
af3a3f4fb158ba74777c74e5410dd3385487c69197bdd9105339ea62b9c4dc3b

SHA512
21c10c125e1d20ec532df3645eb4e83e77a5e11c7e5b2ddff127ac781f77d6cad435ff5827d3fa82f94ab484b07ace876ac8e22eb224f2768fdc56dcea7334df

Download Submit
/data/data/com.fansapk.rootex/app_e_qq_com_plugin/update_lc

Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/com.fansapk.rootex/databases/cc/cc.db

Filesize
36KB

MD5
0908e924aa236931dc7166fef6e00862

SHA1
7782648d6d8f6e835bd47058d4852932c096a467

SHA256
38f8548795ca7470b449dd1de9598c07a247ba59883c0764c9c96ff0b7d31d7f

SHA512
3c16fbc5172aed04cd206e776c46d26e911732c6e3631536410a71f1d217449475727ac9b3175e827c5ce645a1da9e05900258ee6ca27c936a9060f241361dee

Download Submit
/data/data/com.fansapk.rootex/databases/cc/cc.db-journal

Filesize
512B

MD5
65e3969875aac578c553dbfcdfcff936

SHA1
e82678ce9965a761ba346335e930f343185dacd7

SHA256
485b8f97494f427cb2b194441b4f93c89abceabd6b3ed69db437dac03896d1fb

SHA512
8749d1f5de12d7d556abd92d3a3126e42ca9b96f2b3fc81a112f0a0b6c8ce5da68541d0e372f1c54bce8c09481670c4d833c28f655bb01cceacee81d4a6823af

Download Submit
/data/data/com.fansapk.rootex/databases/cc/cc.db-journal

Filesize
8KB

MD5
541e94a7ea60b5354d351b582d2c63e4

SHA1
219ca2dcf5265f39c9c98443fdb0d84c101b4280

SHA256
c9c493a0c6617927b72226de1ccd23b38f65df61d395c1f7b9cd3b01e4dd0d3f

SHA512
ade5845907caebf9471d5f46db9473f5235120cbf08869fb7f88d2c1b0c57c173390adb09ef45ab6e38ace8a4d34efab2597a5b9737aaefbf61272118d092939

Download Submit
/data/data/com.fansapk.rootex/databases/cc/cc.db-journal

Filesize
8KB

MD5
add8caf1506e532cfa1e4193a8e4a0e8

SHA1
35abdbf946082057b8673924fe450a43aa94ced8

SHA256
188c6ba7b9276b240b7ccc96609a8ad2a2975125d10f20821311c0dd0392c03a

SHA512
528724050614f2bcbc389a4f58ee3adc95eac4bac93dde4a4c85137acca3af081cc782dc19cf265202d161964d2bff73651d5aefd89b9a4b095d74b3e3f1971e

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db

Filesize
16KB

MD5
a5ad7f60181ee188d957e6d65b6189ec

SHA1
d5d95b478022230d2297afac57a2c89366412a9e

SHA256
194f9b8b2050d7bf4851ff9b1cb20560eb63b5b1c471246093af234ef1d4e37d

SHA512
8aa02c9bf0185346216a6cd53e81f67571bc3e45e7798ff0ece2b44d9f018a900eb5893cb18949208fa96db3fae0e5e59b15928dd7da492f205ec795d1840808

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db

Filesize
16KB

MD5
138b02fa4d613f4408474868c7d868a4

SHA1
c8398e3c03f7f77c7db1f948b6dd012081e1099d

SHA256
3354873f4a1b1569d22898e4ed328b804529a522d5c54148d30929007b01f91c

SHA512
64a9ceaf72f8687414a491c6d37098033debe3aa24d6d4de2c85487c22c44da2b83b7ba8247ac29600972081832c2d272e6641b1af06f0b108851d8816332d58

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db

Filesize
32KB

MD5
209e023e536be025a0ab85747abf72d9

SHA1
876fca64cdeb5fcd7495a8079c96c9ae0e95fdc9

SHA256
cb4b2d6d4c6812e0260fc05b29de7e0e4723fd9986278fba0c557a831ba6083a

SHA512
fd843fe75ae20066eb1607c4da67031ef644ef6fd1defaf14f0fa7b3c428be4d6b8faad79833e6b21c846019cbb4e9952b2f31e2b1ec3b766ecf93c587e789f6

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
8KB

MD5
c7b9c6e53c7e81e4cdc2e88636c8ba7d

SHA1
ea0a0a762c5978f13ee0c7d18c66489e8977ac2d

SHA256
d1722e81020b3446b78c9fbf4c985bd9f505d6be1ab034437227e0f892296703

SHA512
d6114a0e140881f8fece4b049662c43750c203aeb8e736cbbd84de129ddd5a2ac7a02da6428d1e1ec44e03ce655662f9d7a94a5e3da447dc6d614ab00bb5f86a

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
16KB

MD5
d6b08371db96e51e8330c1e784141eb5

SHA1
29b24a46e2bb3e08b574b661c7b32b079107825f

SHA256
59d93782f83fd293be3b5379a7fa2ed3dd8f5a3fabaa7cd83cd7459cc4d91280

SHA512
b4dc99e74b3cee6a5d9c859c7c4afae3c2c60a3333a92a9350eb49f97b0dfbe9d75d9494983285076109dc5270144498ad5d2efebcb500b1bbb2ceea42f52bbc

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
8KB

MD5
b7e617101d9cacce7fe9060b153881e0

SHA1
96d622e184d3ac12f4825bd2feee61f52a202b35

SHA256
43dbcbc9c6b212c595a070d1f294f0f49906bcc0926611133a33a890bfbb71ba

SHA512
af016a85dc458ff2d0fdb5218caf255443e09f8eb8414e8eafb323aed16f2397f6261c02f4ed721a08197a629d7b0007f9606dea3b0723216b7d5f98da5879a3

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
8KB

MD5
214cad4c7011f223cba48d22760fc4b9

SHA1
8eee18e2f56ce4bda54f2099c8811b2ea87650e9

SHA256
59a5a066f9a1aadce84fff3b36ee1e0ad0b72cece26a747a120ef14a8cfc3176

SHA512
6d92fd61d115b56636f884f52db7269630a91762ab9fb937e8e752f3af34269a6a5172a1ba43e9a1dcb578edfd772659dd389ede820ab819a6bae10bd3f6493a

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
512B

MD5
a329f70f039dd53d6975c1e1860cc921

SHA1
831766a63658bcd06b8e49724f17a95b679452bc

SHA256
2c004d9578e5eb1596eee355baa7ef00152dce7ab614739b98d1c2c5e7833b87

SHA512
9c24cc53f51fb98294bff8eab7ee7cb57cc4ad5cccda774cffdefb192140262483424d202462f946d5586cb8aa4a447195478d3a2efc935a1324dc95a6455396

Download Submit
/data/data/com.fansapk.rootex/databases/ua.db-journal

Filesize
8KB

MD5
cd2c0870f41dd2a2c616287880a5fa6a

SHA1
5135a22f25018853bb8a86585f4fa1cf58ae71b6

SHA256
fdbbbc5065713f065d790dfa812b7d6cd2a5402fedaf2d44e2dec2fe23979d11

SHA512
03bb832b6bdbe61ca51decf5607918b430e3713cf59e191246792259c3c4a41261d6cae081b09f8516b04a464f4a4b6b828795936eafe1192f7ca6f185e48d84

Download Submit
/data/data/com.fansapk.rootex/files/.um/um_cache_1703104205769.env

Filesize
1KB

MD5
b5f3d5545f5d76851e46b0752cfa342e

SHA1
39330eb55a122595e6da689f9b5c6e0f87867d31

SHA256
90140212e650db5e5e2b66d09c241ca25697ab04c3f84a8ecafb020c045dc41c

SHA512
e4f3bfdda9672b6d02bbd998f85b56125bd1e0480e3731e8ddc2f04abf5034ce4cae7c7d0762f5d090585ca5a0e407528ecba55e0202ba0554c630b3d315616e

Download Submit
/data/data/com.fansapk.rootex/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
1ee9262b78ced746af311ac030ae8ef7

SHA1
26bc6ae9cf86456b6e0f5706d0f85051cd5838a9

SHA256
67d1d76eea5e1a28ebaf2fc02d7a9325daf1cdcfddca15813005b8a45ec35b9f

SHA512
87afc313492aa05a8559757b10f72e6931bad76add7957114b5b52bd811d01c1f41df555a7ee7597c3489ca6263eff883d5ac1cd3599d43942ee1950f961157a

Download Submit
/data/data/com.fansapk.rootex/files/exid.dat

Filesize
53B

MD5
b5a7c586ffc5d27bd9e0ec35be133860

SHA1
494da944a73b4da3aa54c965d910c5017dc52e52

SHA256
7a7c642972bb440f24f67ed83e0f5b86bf87817f796add89e37f3cd9e13a2567

SHA512
5702a949c00dce4f2f0ea8cc179e44ac37db64193a6c7778a4c7ff231eb4bf98e545f8388b8fcbb1a295dde75cacd3f44597c1eb50ee1f8e8e361a997f8cb52e

Download Submit
/data/data/com.fansapk.rootex/files/umeng_it.cache

Filesize
350B

MD5
93bc63e6594169cf9608144dec6443d0

SHA1
5e1571535baeb2a4d2d06371746a4a82c6ae341b

SHA256
7c77dc1fa1186b122094f8e4bb225a0ad33ab8e5bd6b677eb2fb7bf64987e3c7

SHA512
e93ae29945e1e9be4dbf43cc0a942e8fc121e1e770313c8a103768f367860da905f135101af5c6463ff4c86192af37ae733072ea7907658617b88d096e4cfd9e

Download Submit
/data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
699KB

MD5
b9a0d3d374f7a4cfc9b108125bb7a89a

SHA1
60d1a70cd347d47cc8058bec6783b1629021f93a

SHA256
63e945fe1c16cf0d8e9310e31097eedf98f5345d5a6560420d774556c92bfe41

SHA512
1406d7af32687fe35b0530b545c883ef7f7ffa27eb44e924eafbfaf92fced08e7c9820458ad591cd4f4979a3a9665db4821b5bd9477f21471239e43b02fcfdfe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads