7f09d58adb4fc00b7f01d1475b8e5c67bf171a26c149be0763120fdbbe724d4f

Analysis

max time kernel
2349979s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 02:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7f09d58adb4fc00b7f01d1475b8e5c67bf171a26c149be0763120fdbbe724d4f.apk
Size

12.2MB
MD5

44f54ec25dc6e3bd2092e1f453f0caa5
SHA1

4c2ad1f0106e0a96ee99f4b0705d027fd22437f1
SHA256

7f09d58adb4fc00b7f01d1475b8e5c67bf171a26c149be0763120fdbbe724d4f
SHA512

ca2ada33f523865d5ff0bb902bcaae150335e9bbd1b06c153fc9ccdf9d2325a1296fef5ed44665bb545e25a2370a5969fbe3d581f338d890e3f69168abf26686
SSDEEP

393216:AjigJLGNYWQCwHl5WHLnQCwHlQXIj3sGEw:6igBwvvwHKzvwHQ8cGJ

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.ujigu.tczhifazige/mix.dex	4248	com.ujigu.tczhifazige
/data/data/com.ujigu.tczhifazige/mix.dex	4319	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ujigu.tczhifazige/mix.dex --output-vdex-fd=56 --oat-fd=58 --oat-location=/data/data/com.ujigu.tczhifazige/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.ujigu.tczhifazige/mix.dex	4248	com.ujigu.tczhifazige
/data/data/com.ujigu.tczhifazige/mix.dex	4498	com.ujigu.tczhifazige:pushcore
/data/data/com.ujigu.tczhifazige/mix.dex	4498	com.ujigu.tczhifazige:pushcore

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ujigu.tczhifazige

com.ujigu.tczhifazige
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4248
- sh -c getprop ro.yunos.version
  2⤵
  PID:4291
- getprop ro.yunos.version
  2⤵
  PID:4291
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ujigu.tczhifazige/mix.dex --output-vdex-fd=56 --oat-fd=58 --oat-location=/data/data/com.ujigu.tczhifazige/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4319

com.ujigu.tczhifazige:pushcore
1⤵
PID:4356

com.ujigu.tczhifazige:pushcore
1⤵
- Loads dropped Dex/Jar
PID:4498
- sh -c getprop ro.yunos.version
  2⤵
  PID:4551
- getprop ro.yunos.version
  2⤵
  PID:4551
- ping -c 1 -w 3 www.baidu.com
  2⤵
  PID:4606

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ujigu.tczhifazige/app_config/config

Filesize
44B

MD5
631626e7defa42881e4c03a3f74a0aa4

SHA1
24b1babee9da49832fd69f46bbea529eded9a168

SHA256
e76fd71fb828f990bf66c3f75e020107c06afbe2284d4fdd98276ba1c6c8d62f

SHA512
f3194838f92c6a544263e63afdb1302b224dd7b2a0016e027de5f0350dee8491bbc7a57e5ea14cbda1dfdb789f0203ddc938cc01c62f16bd4edfd36f739622cb

Download Submit
/data/data/com.ujigu.tczhifazige/app_config/config

Filesize
58B

MD5
fa406b72ce40654859949f7e6d6ac046

SHA1
5a5aa7eac5b5688265a556654ed6ed991716a983

SHA256
ef975eef5ffd2047674fa6b3ffb291ea60e84289980fdeea6d4cd32087a98212

SHA512
7fa02085b5c8fb0751365f1bfca3f5ebb2d81216f103f164c855e54a2b367e22fd0b8c588dadcf25f9134c71be94a2a9efb538126b47137c8409a5bf4cb04af1

Download Submit
/data/data/com.ujigu.tczhifazige/app_config/config

Filesize
72B

MD5
69b51263ddda532a8d8a1bca22eaa8f8

SHA1
01c37aaec9a76b16be963c72ef4a55f588904ccc

SHA256
21841aca758f36734c71954f8b25d2c3db98e19a78df6b052fe76dac80d3cb74

SHA512
ccd11a025ee2426fd9cabc22706a347d3a9b6368bc12346e80d8839719099d115d3cabadc4b506561df07e47e3d6a91bce2490aaa9a93f54c70876f2967b166c

Download Submit
/data/data/com.ujigu.tczhifazige/app_config/config

Filesize
86B

MD5
4c75288b8db959f232c4e13b1b3cfe05

SHA1
e7d270469fa0af50217f82f7c0ad89090d41fe2b

SHA256
192d4964099ee44c394ee0eadb5cc22d1810cce9a97fd4bf1c9eeef1cd091ea4

SHA512
c1c14af04aedf6012fa3ee4d8a5a08dcf6849340dc116a1626a337ef9e367f357fcef3fd817737e466264da785b45bb58d442bc7c981fbfa738845e3ea346a77

Download Submit
/data/data/com.ujigu.tczhifazige/app_config/config

Filesize
107B

MD5
a4162a58b43ca82c3d1d56c8f672e4e6

SHA1
1c338b0a1aab61ae715eaacab46fd793b186f0b5

SHA256
1ada5b3f57cb8861db67b12337f2f92ffecfaf06e3496508427819f56fecc484

SHA512
0df62abad5e3d1f2fe647ae82f2ae8b6645c46775edd1d853f53aa12568cf33d312643f655bc0a82ee2e2973a8125752466af11cd0426d8306540078f247326c

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu-journal

Filesize
512B

MD5
9c106fe0a1745bbd5e1573b789bb8891

SHA1
88d85094c16329e5b0274145213bfd752a32e53a

SHA256
15ebb49bf948338e9749f22b0bfb1a6f011faafda7b32313092d9cccfe1df86e

SHA512
5c4ea6f83eb9beace43faa55f3b045c3daf6efe3a3592f58f423d854d3996fef759a7cae7e0faa8f51d4f613232efa1d69048f3bae163badf825d551507eba05

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu-wal

Filesize
148KB

MD5
fb12d0e32dc6b5576b8bde807b8ce32a

SHA1
e0a8085e04e477a4073f8a21df98064399911284

SHA256
4f01a241af30ca7042f3dee53128d6a419268240ecd605d02b044f4b627e0456

SHA512
792dcd05b3cc9f1bee6b044a6da1021b5c93d675ab239085fff5eedc9cd1d2cb35d7fb238c2f330ee949b35a8a6a106ab498287065e0e283d472160436bf4d86

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu-wal

Filesize
120KB

MD5
cbd860029f61071f49176291d51d5d9a

SHA1
1758037af00f7e3c146c4a46502005f748e31a86

SHA256
1bcd6a4bde61495470c793ae6ce0fc31d455e8b23f0026131a9052ff41fec5b4

SHA512
b86cf73dfe814cbdd2a0a05f6073f46c72b967daa617a912fa99acce781245448eb456d45c65b22c26b088c7d6665f0c072173e72c28b8cfd05a2360332dc0f1

Download Submit
/data/data/com.ujigu.tczhifazige/databases/bugly_db_legu-wal

Filesize
76KB

MD5
12630ac23514a7c13a8e1567c798ad42

SHA1
0775dd99e2a138a277fbccbbea67459d5570e685

SHA256
97b87f5064557de054cb77fd225c04255431958a7e2f4e1aec0f1d50dd3af35a

SHA512
974f991375b339b1010285d7c3fe5698de718d366d75b05eabb0065ad90890459dc1cc89bfa3fdb2f70f94f5c00f3073df23876a239b9eee8c312f1c885320ed

Download Submit
/data/data/com.ujigu.tczhifazige/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.ujigu.tczhifazige/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.ujigu.tczhifazige/databases/cc/cc.db-journal

Filesize
512B

MD5
dfd49a16f3757f88b46ea80f0a438865

SHA1
bcd59c45c938819b885d92fc8639783ad9b4e46f

SHA256
2c3e4b739f85a89962cadefb971b21ae1354a139fa1ead5a8c7111062b41f6be

SHA512
823aaecb2b10a20ede4d1e153c64fc6d781dd6497acfc427e5a0f3845f0a2df074c3994087e41b53c77f311b037b6b6c4dd73ca24c6b48132814e9c041a0a9ec

Download Submit
/data/data/com.ujigu.tczhifazige/databases/cc/cc.db-wal

Filesize
48KB

MD5
c8b4076cc321611d6d5b5509510632bc

SHA1
567bd24929a497efd40eb365c166d0c4a0639acf

SHA256
785632dc7d846006a25cd35d2a9856a919263572f8f003032dd48707491effba

SHA512
ac1ce49782138c839bc2cc11b3b030380c00137c5d0659c1aaaa63e376761ecd3a101ac21cbec335aed699ac9c51f624dd7be3200150354d1a708d6c48ede6ed

Download Submit
/data/data/com.ujigu.tczhifazige/databases/cc/cc.db-wal

Filesize
16KB

MD5
e9a84649cca834f70cd4f1b41deb546c

SHA1
a0d227775e46b28fdeccd8cf4bc3dd780bcf6c62

SHA256
49092b39e2ee0ec2688e7e5142c059aa728fee29a8d25f6f00e07d93dd189b5a

SHA512
d7c715ceb1cc47899f11fc915c0cc4a436815c05d2773ce78fe73e6d84218f613090d5e45143bd285e11dceaeffcd3d69bd43dd665be28bb72e42a91d6e7ca27

Download Submit
/data/data/com.ujigu.tczhifazige/databases/crash_log-journal

Filesize
512B

MD5
f277f6758e73491340077dc15eb22c1d

SHA1
231dd1c518a505c4bc60ec6e6b8f4a48151b771a

SHA256
00b72847a1e6d84885fed1c0262b60a8d4d9374eee5e29c0379a33e2ca0085f1

SHA512
3f2c5f17ddd2e68b1cdbd35670b7edd8e7cb81769e6bc5460f02bde699b3b7eaca2db6187d12de33841076895ddbb34b7899f89cae0dffeaa6d29983c4178a09

Download Submit
/data/data/com.ujigu.tczhifazige/databases/crash_log-wal

Filesize
32KB

MD5
0a146b7cdd53ad2175f295fe9a02f0cd

SHA1
a7dee51d06f838a45c8f67dac24737bf69e6b109

SHA256
7c7b8e27c7588be7c8a1059f6d1ef0c223e517ba7e6e61b7adef1d061d67569a

SHA512
e5ea6ea9689973c7f406b7594e0cf2ebf124d7d5db8eb71926fce9cdf39810ef9377f674b44c5e674ac5ea8c6a2c05dae991b0bac3967d6560fc69ade958bbb0

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db

Filesize
16KB

MD5
ca1f346f82929bd51d8027602e99131d

SHA1
699597965792b0f32479b35743d0978e8c79b792

SHA256
f2b780122f01d92e7f21f74679828777a4953dc5eef715c13bff9006e978f44b

SHA512
9c5c9d1a9c7225d2883ab90e1955e9a9997b2acf327a76fed0c5cbdd06f271f6e02036178a3a3daa1982cf369727baf4f9c6a57d9326905857b6d0ac0ba9af95

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db

Filesize
16KB

MD5
8c0a37cbedbf617d3fb45c4611a21e38

SHA1
111b1b771c5a4ea2058e28036c41c77a5cb96369

SHA256
4a9dd61146e04e4db76cdc16cc384e272103597d218360d5a79218a4def0bba3

SHA512
79e97e4a9847e9b2720f9b67a6f5e20fab5757dc553ae79567fed180ade06ca0b453df640f5d259289dd21db0ea9c0cb6fd5fa39e01e012bab2a52beb45c8e7a

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db-journal

Filesize
512B

MD5
a96e7c7d79c371ac98b65aff028561fc

SHA1
1c5c2fec1367ef51a647291538eebce67b0703e2

SHA256
573963b1427a566fd4caed61169e6e3c6daa581b75c39e2a9d81817ca5fb322f

SHA512
f3903ef95e1252254056926d0c459fe274957d5da08ad0890c37ec6bfc3dc3b4b45c4741643e41c2b225ba16b0df590d4e1d61ab9c563cc466255ae75125786a

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db-wal

Filesize
44KB

MD5
db5d941ea7880bd136a136ee601fe620

SHA1
5cffda5186dfc2a8d0045385fe03d1770f1778fe

SHA256
262546222816bfca16df794f623d2b4fb5a626572ee8d6fad2266cdef40f93a7

SHA512
9f41cf4475950fce686e841fece9b7cf9c7d9d54b4add69ed2c72ae2e1de97a0251ee10ecb49351cc7025140a0db4059465fc0a2f130cfccdd855eb683c96dac

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db-wal

Filesize
4KB

MD5
bbfa2256bbee4ae3c8f11b85918fe40d

SHA1
567db9d1a92ee09b5ec9afa3a2682408a77d860a

SHA256
ebe21cc58eee65200a0e2ecf548f999a94563f81c6d81e73c8992e56452aaf8e

SHA512
1e0722d6287f698f903fa6a434ec79ac1624077f2a64188f86eb752f6d838bd668b4a321ae4225fe5197d2cebc8b3e06645fc1aaa64618e9df0fbac1cad5c0cc

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db-wal

Filesize
4KB

MD5
4c28541c32987dcf54f8add3bce3e6a2

SHA1
08eaaff0ee76b1df274100b39352cc775d5ca58b

SHA256
8cb17056386be36c7b3d88da4137261452cb88602fe11e2751a4cbe70aaed360

SHA512
08d40d4275da4946259987373ed541ad3b9b91c43c7b13c46ef7410fa3e9a0cde4ceeddf0690166eb193af37e0295b942837c13be132b3172afd36d95b63931d

Download Submit
/data/data/com.ujigu.tczhifazige/databases/ua.db-wal

Filesize
8KB

MD5
c2398e0878bfdf30158975e0564f9b1c

SHA1
2590c92448b3220c6c137e09ff1f9fdf8b81874a

SHA256
16ae9da3cb722070c86c6abed57dd4d7bb467ad472ab334819fc38ed44dcce27

SHA512
c3697c30ef0477d57073b49b2dd8ae3419577cc507b65b34bd8ae84e9fb22589090d083aceaac52f22eaff38c9823d83de0b4f97ce6dc69ce83ad06f5ba61c1d

Download Submit
/data/data/com.ujigu.tczhifazige/files/.um/um_cache_1703157021635.env

Filesize
1KB

MD5
0d18b72192697b1ece2e86bc296ce09d

SHA1
cbc805f62cba622664fefbf37ba5d14e9d9a7808

SHA256
c1fdbb75d76436496407cd2e6bcc8e62a37af082333a7faa27d6763fce3c1573

SHA512
ced1364c5a93b542aa660ab557966e09ea577862059e4ba574dcdcc77f60d199efb940cef0d725deec8306a744603e38d5bb951e80ce4d641fd23d3591a7188f

Download Submit
/data/data/com.ujigu.tczhifazige/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
31fa452fd7e577df093db987a1b11b6f

SHA1
f6fcd2d8c79449302e57fad2a15d4d824065438d

SHA256
ee60427ed8c8b0c606278a6ccadc9fbcdb17b5ccc49baa7d726a1b8628e46145

SHA512
e48572f8b08c441eed853c079eaf6f7c4eddea9bf11036dac3f6db349517d4c56aeb8254409f8d235b1e9e9724af38a73b76e51b5a19b4c041f8424de3e6b440

Download Submit
/data/data/com.ujigu.tczhifazige/files/exid.dat

Filesize
55B

MD5
8c263ecdee6a4e03e70882e41296f5ab

SHA1
4f456c37b4192a330a7dc9896be699bfd0be6c2d

SHA256
70905dd5b332786dc9e148045042947a7201bf56ddb0f7c50927c5cade73c08d

SHA512
4a1dc435ffe7e2ea8c162c467ae8aef5960448b69642e2ded2ee035865cc6016fa12f95b91dcf592178926acfcb7b88f439ff85e03f6f651a3a5fe502cce0421

Download Submit
/data/data/com.ujigu.tczhifazige/files/jpush_stat_cache.json

Filesize
130B

MD5
7dd022e802778b513defc06a4fdef293

SHA1
e3b001cf52c797ce9f4d681d35c029bd144473f6

SHA256
4bfc2bf6edc04ebd3779cf994afcda33799101536ecc465335012f15bfd8fb31

SHA512
c27a0a1d713f6f8b72e386dbf9df4a2ac87cf2a771bd498f0562d6a1ad50b736a3be709a3d9d2e4f33583673c1c569f8e03d22b5870993368c8eaeb5c2b99d63

Download Submit
/data/data/com.ujigu.tczhifazige/files/umeng_it.cache

Filesize
413B

MD5
fb738ccf38a45b4c040569a920f95493

SHA1
da6d53ebff4ddf9b1ea9b3fad261b79b12d09e95

SHA256
0d779e38b1a91f13004062cc7181935575de4b93eea4d80065f1373c2b224d57

SHA512
a14073f0531570aaaae5f3ec533ae5b41ec0cfcab8e07b9b4b4f3cdd53d1ad345d1e4ed24ed038916f1236d47f024ef639a165abc347b7a9252db9b128915db3

Download Submit
/data/data/com.ujigu.tczhifazige/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
89573e43536b7416522b4dd33edacd9f

SHA1
cae0afb114385c1c2ae39a16cb1bcdc33cff74de

SHA256
ab4a942054dfbe51458ddeb46590ad050cddc6922a66859c2587d69f945303f6

SHA512
c7943ee5f4b7d3b8a85e0697bc72a432b1c879dbe3a2515fcc42dababd28e5729ab4ae454850f73055d116e0ace1cec6d29da8a6c54195ea5f6dfc9fc180e284

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads