83b2a4aa437c5b2de7d0d61b42ef21da3f30d55d15532519cea2c24e832cfe82

Analysis

max time kernel
2418384s
max time network
136s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 04:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

83b2a4aa437c5b2de7d0d61b42ef21da3f30d55d15532519cea2c24e832cfe82.apk
Size

6.9MB
MD5

a26ec3df7632d004d2e1ce162c89f1e2
SHA1

594c85dd0856d293043bd4fd92277ad628a5fdd6
SHA256

83b2a4aa437c5b2de7d0d61b42ef21da3f30d55d15532519cea2c24e832cfe82
SHA512

d783790502fd0cb0fbcd0fd055c4d81f61458ab7e91c235a3f2dabe8db8980778ff333330c3ed6f4d9144b0e8c323220bc309f40da3104c0427fb5320110cf49
SSDEEP

196608:lJ5Vpm37Gk8DU8VNYMjUaVnKmnAXr5BCZBv2Ub6kf:BVQ37MlVNDnnnCjYBu26q

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar	4279	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.android.motherlovestreet/app_push_lib/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar	4249	com.android.motherlovestreet
/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar	4308	com.android.motherlovestreet:bdservice_v1

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.android.motherlovestreet:bdservice_v1
Framework API call	javax.crypto.Cipher.doFinal	com.android.motherlovestreet

com.android.motherlovestreet
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4249
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.android.motherlovestreet/app_push_lib/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4279

com.android.motherlovestreet:bdservice_v1
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar

Filesize
213KB

MD5
e70723b8f6c4c7c09a6019733022cf53

SHA1
e3ca32166c65e4dc73c21347ab22d54a7b5a9a83

SHA256
32d35cd80b0302e3fcdd7349b4ff9a7b689ce080435109607ff79a834ff710d5

SHA512
461c0499193c5ef5aa4e2e5d358031e7d28c98c8e1e38d22b710271bf3b561c28232bfaadbc2c275357e31b7b0ad6bca798008328ac3cff3701c1c9cca2ddddd

Download Submit
/data/data/com.android.motherlovestreet/app_push_lib/plugin-deploy.key

Filesize
174B

MD5
1ea8459a688352c3573a8e80727c2644

SHA1
9b47864e96eed98798a6da2b8860c8f8a68f089e

SHA256
be2c0f9e472138a78d35f29013fc43dfeae991806dfebbc5be5c8dc86b8a1093

SHA512
99a26c03e760fdac91546a47e18e58851996b7e38e93812a6be23f1eee64370323ac492c4c224bd419d91566356fcb8eca3989ff4f2ce41db3d16301fa9dd75f

Download Submit
/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar

Filesize
530KB

MD5
5597a541eabd3fb792c581587550dc4a

SHA1
6500b0ff20c75717e1cb67dcee76b4641a4e8a35

SHA256
473b02216f8d2b5ffb26571e51ff322e3ce04ba45418408452bea103576ee8e2

SHA512
39b4acd82f67f11140cd1b0b4291e656a4a46ba63064509977f3f1de24a931dce83964f031e16ccab95cf0540ac5f613ca87d7665ce99f1c1ee4a0778e2c19e2

Download Submit
/data/user/0/com.android.motherlovestreet/app_push_lib/plugin-deploy.jar

Filesize
530KB

MD5
bdfa71feb08b80b649fddcd7488b03b4

SHA1
bcacf11199fd2c353034a7271b5dbfe2dd4cbddb

SHA256
f8bd07a7afce2d102976afaadd33dc70336a0b06682ac8d6fe9544a08d086d1d

SHA512
37dc848b995def498d0c832a76ed0ad429db18f26a5e9659c2b77a63bff555560160b6be4d22387eb529b2291bb27ae21718ddadb315bd1aa4c092d6330f049a

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
174B

MD5
1f774ce5cee1e05d7e1b47c43ecc14c3

SHA1
4ad5ec1203b6080721a14ec6aaa93a414dea31fc

SHA256
a992f28fdd35e0b5d214578bc3e8723de6e6f882d6e38523f3dd96c6e7749650

SHA512
105d12556e28e9611771082ead8a8fbf06c0a44efbb58d2b1fa97e6f2d2844adb6dd86e4f867c5719ec4dea7ff343cd3f030a342049ec69cf20f5d9017ea3656

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads