Overview

overview

8

Static

static

6

845bd07fee...f5.apk

android-9-x86

8

Analysis

  • max time kernel
    2431612s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20-12-2023 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    845bd07fee6e4f6c3e0c2a25227ac29d1cec35296226477e2ca3b7470c0ad2f5.apk

  • Size

    9.6MB

  • MD5

    46eb3c8830253f67a3af52b6373d7398

  • SHA1

    818c0f830783799dc3ea0d3dca8f2a98d0cbd6ab

  • SHA256

    845bd07fee6e4f6c3e0c2a25227ac29d1cec35296226477e2ca3b7470c0ad2f5

  • SHA512

    49f50026691ec4af9e16972fd9129dd7cd4c9851254b1e21b35fa2ad85d9f7a2215d058cdbbca2a7631a212b0b1d4cb97e7d9302e8ac0e78e5075d239f5bf0cb

  • SSDEEP

    196608:2Zq/qV4qlr7PzHRADGEO/H3/p71si9qk/xgQZ8UOWWv7hhJqA9G4MogsikWz:2Zw18jRaaPpGi9jOdTh6AI4d4

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.thran.zhbwz
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4269

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.thran.zhbwz/databases/ThranSDKUP
    Filesize

    20KB

    MD5

    7a719542fbaf9335b43e2c2daecbc9b1

    SHA1

    dab65a51c24b48a79fe907e9b1c2bee9310a52c3

    SHA256

    60a2a8354eb241345725c6468c4287325db13b863fbb6fb005e2f245c75f2796

    SHA512

    78209de22d9f7ec02ae087eb37248b8a96ed072ba96a7c46b053c03738013c8b149063583f56055805f3bca0582928216eff478f89dbbcee965cd1647008e88e

    Download Submit

  • /data/data/com.thran.zhbwz/databases/ThranSDKUP-journal
    Filesize

    512B

    MD5

    c7e39b676964dc673eb321c75d5a6ed0

    SHA1

    f9182848a1af84c883a25caa2b5d02073840125b

    SHA256

    34c0c7d380c664883f3de664e77ef4c1db690a4a7482ff216e71c6c068aa2214

    SHA512

    6f3101f33f27125cf6e8b8522cd40c292a57755f80a5f7d5e086985f0db017545203f5d6800760c3924baed40aeca61b3720566696e5055e717733c2e73d6b14

    Download Submit

  • /data/data/com.thran.zhbwz/databases/ThranSDKUP-wal
    Filesize

    32KB

    MD5

    9df8e7d469ef34367fe6376c6a327e48

    SHA1

    1babf966e17d11d4affa0dff44e67361aef0b4a4

    SHA256

    0536f42c073f083c4b90d19db8863abdfe0155bed2cf279ea958ab64755d7bbc

    SHA512

    10afea15d893a263e47ba4680af39204c0d78dfc254c49caced5dc7863bb245c12a6df9b9fc9f92ef746c97e6fb5fe9420bb2b7093fb0fb228dcdedd1c36d6c3

    Download Submit

  • /data/data/com.thran.zhbwz/databases/ThranSDKUP-wal
    Filesize

    8KB

    MD5

    4f1351419b687f29da16fc68db5434bd

    SHA1

    4e23ff9bd5f3b6852e8a4cb86abc019e5bc3d81a

    SHA256

    0cc2ef0704cef2610d6d54a8c6db01a455b7a222cea64ffc9e8d77f3bacbfb07

    SHA512

    3a7817dc81abdcd2dc350f1be7bbb4d8aec25e220e7724196529e6737b038951d53524de189aa4e199e8c9cb91a8d2b63c870416a4a1c2ed6b9dc8fdfc44225b

    Download Submit

  • /data/data/com.thran.zhbwz/databases/__hq_recorder_
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.thran.zhbwz/databases/__hq_recorder_-journal
    Filesize

    512B

    MD5

    53199fbb69595e513944e6af1f43bd30

    SHA1

    e94881d688a70c56e043b5f2e123199690bff697

    SHA256

    661e7339daeccdd988ea99a73cf81c3c89f16a408564f2f46114a3e0c00ff079

    SHA512

    6c2899fa50a6bf68fd1933108056d4ec6d72f15b756f72c013c906c24ab2996fb2cddb68916be9e20632741b0b6453e447e0cb7ea645d6f057b23b07e1f229ac

    Download Submit

  • /data/data/com.thran.zhbwz/databases/__hq_recorder_-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.thran.zhbwz/databases/__hq_recorder_-wal
    Filesize

    36KB

    MD5

    16089d0a157818537247f8c0be0ba74d

    SHA1

    ea36aa3d32fdae1223e328326e41ba6061020d01

    SHA256

    a48d0f58ca69bb6d1cf89b5514dd52eb473b270ecf58543b9076cf8668bf787b

    SHA512

    9c400e8338e734d56122f9014add586082f1a0c4056e8effb7042c1fc5026b22d2c4a2049d92f46d5813ba51f336fc0a10ab7480187f162ccdebab325cd3ff8b

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db
    Filesize

    24KB

    MD5

    6448fc6bf56326605da6868ddafd1183

    SHA1

    40f16cc595404767c130de3172d468092b12a64b

    SHA256

    a366991ac0e4b86c1d93aa9804e263ca69e264bacaabe41392fa65c09e664fc4

    SHA512

    7776431597fc2e5a4e921a26660b9669ee1b8e501bfd6996a705b1fd8715092529a65300200c8bb657c5637fb69272ccd3d64eca5224eb7b7a799a6cf65405e6

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db
    Filesize

    32KB

    MD5

    d2fcaabbdf50b950a80c27ddba30bab3

    SHA1

    4eba735389d6f9e645669d164372932f89536e50

    SHA256

    b3460ca49e56f61845ec361e926d6a23ac5b0b3c4553bff86ab4ce9cf6b69ba0

    SHA512

    5cbf8474e08f7234c0be3d7c423fcea75944222070058db20988ca9dc1566316db9f99f8a040e14abb4bd7bf02f102aca0acbe865601b5042aee332851bd4a0c

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db
    Filesize

    20KB

    MD5

    398b438db6c23742ce9c021f4ea55a75

    SHA1

    b14d9a12b98ebd76e4ab2ac66892e916a4b83243

    SHA256

    f9ba2eca3df25f33f32a9bd54393956a78796da579567cc058071105b07729af

    SHA512

    e0a704d988a021bbe8b54d82252b5616b7086c9d8bf0e5c7e6a496ccc43ecb286ebc0458be79432aa56fa63899b4d8bd3563f17209004db6f0b59c15b25fcefa

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db
    Filesize

    20KB

    MD5

    b4bfad4a9052b5e2bd8c5afc4e23e786

    SHA1

    8846e74eaa674e5628162c8a16458207bda72cdd

    SHA256

    edc2a1c891b54b5564e48732e9a53fd54a06936d75e8e2e7abc5f8e9e79987df

    SHA512

    994675cecd5d393b0a58f29b5afbb59d761b703866d08cd69ff3e0c44fd521f70a71d6001d17962daed7fc4ed88f42461d79a3b532162c5b93110140be8a738b

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-journal
    Filesize

    512B

    MD5

    9ac1c8ecdd1ce56b0ba20a583e27442d

    SHA1

    a24a069ab3e8b57fe16687b413ea853ed4dd0027

    SHA256

    dc83d0fa096bfe6f72aa973588e6b2bd70b624f02080ab2603fb81aa42afb900

    SHA512

    097c53e435a60d4fe6f8ccc22bc3dc152587fa90bb589f7ba3d8d1b3c445675235a4fc380775d7bfdce4339f4f7dc0fbd2c27e93f6f008cd81d294aca0527eb1

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    8KB

    MD5

    589398407fef0d02abf14832421a02e0

    SHA1

    f34a21e9907ee60c4bd3d001ce957101f06058f1

    SHA256

    b335d70f8591f298666161b22acee2fab2101b80f40451a7d8054a82ad129274

    SHA512

    3e8e1b707f8e60d49dbabf2cd5d0e4f6dbf874980c4bc0337730ec726944d919a03a0d91f6bdb435ae55a669ce283bc5abd9f6623de5b5936c09af9e1446bdd6

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    24KB

    MD5

    90a6ca9cc6eb3473d655c309347ed64b

    SHA1

    c5c3e39769fdfcd75fe5d51900389267ddf8170a

    SHA256

    48cf38af15dad04f8c9bb7dce75d879b25e72c3d7975088dc30fa58c268b3981

    SHA512

    7871160cd2f7de107aadedd05208cbd42551f627f3f01eea65b331cf1d9647e411a8681ac02cdc57285b361263792d394f47fd6b21869d4aa46a7598cdd8ca55

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    8KB

    MD5

    568e5a5006bcd0b33d7bbf4dbdbd4d79

    SHA1

    ff6bc4001b8491f4e2b0bf4de0f06cb335a502b8

    SHA256

    a3b4ddcd39f56b709a15199f80d733e20316d6a21620f64b45fe5a072c268efa

    SHA512

    c1f2a72df58781a67ebb124b7a9696a4148b3c67e32b07ad3334d96c6db7b112801d1cdde5bf2e7a23c843bb91ce44d27e1022eb78a43e72d38ea90140938405

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    8KB

    MD5

    10ff5cbc327d2d18d6ccae3784d9fc91

    SHA1

    9d8fc29a45989a0cae824a9101d08f40a23d2ebe

    SHA256

    5b0d9529d383fc39d3935a1d0a42ba97e25749d915421ebae27cb5e165ab4f28

    SHA512

    1ce31a2c400f5d7453421872a6397b86945ccdbd7b20f1e3caa263e610a70c1ff450f1a61aebb1080caecf825250ef481434ca4eb0f7754f1e14155cbc9ef9eb

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    8KB

    MD5

    2033501339faef0b1199a084a14f3249

    SHA1

    3f76c3566bf25dab189275f5340c8f36a51e1988

    SHA256

    94ba247e1448e74867215c2aa1b04b3b3be0587bd1b127d3951998372c6eb99a

    SHA512

    c13b71b4715a038256f1168527a3c5dadb0f1d544e278e62fb97e0c0782eb3da970d3a6bf78aed7b624a99856e8d961a71361e4328a0c88e3a69d399faf10569

    Download Submit

  • /data/data/com.thran.zhbwz/databases/dataeye_database_C84128344884F66C83B91FDC4163C15C.db-wal
    Filesize

    36KB

    MD5

    587b43073e010ba65b910ca42fa6e9da

    SHA1

    977f12c4140219a43b1cb8788bc52eb054fdd77e

    SHA256

    707d5d6ac8edc0e2ed173a704ad1bbdd2e34a98b7ebbff3ca041f8500e695a7e

    SHA512

    958d0db0a96ff0f6310b3caea04654ac8a18cddc67d11f0d6e03e88feb1410edd29d1a822760f94f6797be136c2decc0949a4567371830d60b9e931a7b3bf6a0

    Download Submit

  • /data/data/com.thran.zhbwz/files/.um/um_cache_1703238591742.env
    Filesize

    601B

    MD5

    5a7b72636220120fc8fd43973ed229b8

    SHA1

    734a4124653f532e4626dbcd6e4558f73270b419

    SHA256

    e7436f353222fe77c20c5efee5d4c739e0670a85c29878df89186beadccc02b7

    SHA512

    d31615c08b1960648fe1e4f2a051cfba526497850ec2452ebebfae665f12d7ad82ba0ecfea0ce06bb089606fbe696f2eb77ca3a8cb21c64098c0bb283960472a

    Download Submit

  • /data/data/com.thran.zhbwz/files/umeng_it.cache
    Filesize

    310B

    MD5

    bb54436379e4f6f85a63c01e278089bb

    SHA1

    1569c210a28523a3773ec600544623a5184e0366

    SHA256

    6efc033251b4169a9da5952738be361e956d261359ce2a0e68be61cf0800bc24

    SHA512

    967debfe5882779419f1194473c814a01a6a80b7ba093d60c4015b86ab73c1015b7d8946621b64d578ae782e06d4abdae8319d9934e0be8690227b320c3571b9

    Download Submit

  • /storage/emulated/0/.SystemService/C84128344884F66C83B91FDC4163C15C/uid
    Filesize

    34B

    MD5

    9271895893dbdadd1f054640b625ae37

    SHA1

    f0263a846f1f17cdb8efa6fe1e43c43a6c90c539

    SHA256

    95985bf9f84e7e59f7fa0ada1b6e53f87cbd42349f2a2ff8aa1f6f294bd83eab

    SHA512

    d10e039d9089dad3a4f5a694584b677ef8d84dfe6898597cf3e24b32b6e62c9f99dab18a1f4b5fab59f7ba8e8ee03be3bbcb2c0d642ae6d8e3c67e74e7388975

    Download Submit