87148020bde62020fd1cd7c8cee092c16fa3b53c2fdc455d1ddadb7178622158

Analysis

max time kernel
2364744s
max time network
148s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
20/12/2023, 05:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

87148020bde62020fd1cd7c8cee092c16fa3b53c2fdc455d1ddadb7178622158.apk
Size

8.4MB
MD5

02786271851ea9941269d892a3d488fd
SHA1

c50486a1b2c37adf3bd83919f47c701cbc5cf82c
SHA256

87148020bde62020fd1cd7c8cee092c16fa3b53c2fdc455d1ddadb7178622158
SHA512

fe37fb823890a8e287412cbaa97311e4e4facca8604bd50f12d27971dc261ffb22ce92a161a1665b05fac420c03885e8441e921dbd25feddd01295499a23cbea
SSDEEP

196608:3PyyuYqCuJFbNpxeFuLGtkCgrgT0FrCybKobYBWOe9GaUYR0:Ky4CuvMFuaPk9FrSJoGaUYR0

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.yuyue.reader/.jiagu/classes.dex	4448	com.yuyue.reader
/data/user/0/com.yuyue.reader/.jiagu/classes.dex!classes2.dex	4448	com.yuyue.reader

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.yuyue.reader

com.yuyue.reader
1⤵
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yuyue.reader/.jiagu/classes.dex

Filesize
5.9MB

MD5
fa7e2e6622ba77ea9c91f0d258283488

SHA1
8bf98bce220ae771d4af1b2aa76a5291c7cc2983

SHA256
6849ba4621ca4f2f48ed009b267f13ed47635c5c396d622b6bb2191fc150ba9d

SHA512
83cce12ff02120a5a34a2895229ae9e235b758babf8f25341e5575cdd387ca4aab260960cc7a8922f4fa880dd293e98ee7670da4bf611c058e29cc90669179a6

Download Submit
/data/user/0/com.yuyue.reader/.jiagu/classes.dex!classes2.dex

Filesize
1.2MB

MD5
bd7060e31e715595dfb4cdbde16c9f3b

SHA1
667b1d1d7053aafa853713902d0fb85b954b2ec1

SHA256
2deff7451df535011a7d1ce6adb8114167e1239a77eb62e8e5676831fd197686

SHA512
7bb9de1121429332951b1c036074c536a04275a4a71f634011a1c9ba0a6e6df4a9ee67690f001ea1fd3d935c475f568473718ad481603bea716b1507f324716b

Download Submit
/data/user/0/com.yuyue.reader/.jiagu/libjiagu.so

Filesize
495KB

MD5
de685970891708f6edfd18f03c6557ba

SHA1
ac50f88327652a72df73d43e9260faf169283c34

SHA256
b3124a6f192e562313f1e2d24b292852d4eb87cbe95dccd1d94b3a0540c0c11e

SHA512
cd56aa34265252c1457e28f442872dfaedc897607b816526de7e76c88ea00c24feb3542c21be7dc587b58df8ccbb1e045d3533741981212eac4d704143bfffe0

Download Submit
/data/user/0/com.yuyue.reader/.jiagu/libjiagu_64.so

Filesize
526KB

MD5
f3f377aff0413b6667306b3ad51a032e

SHA1
0e03658be45eb84be83a147329b82885da1b4702

SHA256
78bf69f4b3eea98355f96ae381547380263beb136fe29d630e2e3216780fdac8

SHA512
a23a89fb8721736f4c82f779f515fc2f702c0d98d696911802d57600ba4066762ade878535abdff7ba529e167d035f7b97e829dc3e1b7d04825b00d31f7d3b0b

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.ac

Filesize
32B

MD5
e6dbbf1c4ab476770afecb02bdd49bdc

SHA1
b2f18ba8cb8c1d6f266193dac17b51fdefa76213

SHA256
b156a594f31b8479ae3ff191b75000663794f537c144e617795cbb7115764f3c

SHA512
3f3382d9eeae2973942e0ff9807a1680a559921c7c1d2b356153d9a190760a995982c2f2a0d78fe81c4c3fb226d1cb5aed73d2c1f591c0948e6c95f458ac4943

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.ic

Filesize
32B

MD5
e21128384fbef55a55f6485d67aa2a4f

SHA1
c1f938ab4c34ac057be7ef223930ebc64e5fab9a

SHA256
486c11c4213e43cf57ea02c5f8949faa4f4e4a5062e47d2e201c822d44f5d26b

SHA512
619fad644886a80cca409d3d327c2c62faba69a53d6d6cc0ae76b69e85b88ac5d440e2be059f9b02c4b5925460de26a91b95e7eb600cffddd327a9d029c21e86

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.rd

Filesize
32B

MD5
8b35a9aef4fb03768ac9d65f0505c4a4

SHA1
88944ff3ac19babfa5b4f66483d3cd0d7ba82cad

SHA256
a6f13364d6d874def6552eea27fd0af482a92eb91b34802f628585db2a54a186

SHA512
d1e873d61dab2b1060aba9d81ddc2a474d30fe1c2ae11ddabe8b567f8b0a9c2bf8d354417d61d768b8777d334b1f139aa6068c8911856495725807bef9825a59

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.ri

Filesize
307B

MD5
d56c918cef7cd816b5cc002b447eb9e2

SHA1
8997689f777b350e2863b271ce6d2e5be35ab168

SHA256
2703213de77a0292a64c938004b966d9a9f8d2fa36e458681b5c4a31edd58876

SHA512
65d57b8c4e2a90fb61dee7b0d39a51e7e95f3acf3f24643d0ecaa0eed7cdb25b0b304e47c913c0988b8e45ba37747fbc61cf660f933cafa79a8335af33d6288e

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.ri

Filesize
314B

MD5
51689c06c5349b19a13d49fce0ff9c32

SHA1
b73e850875099d267d7d889892c36c290e8726ac

SHA256
b792e4c0b77508d6204a83e0b52c78bbf045a1ad9bd356bd8ad16287301d0c8f

SHA512
aa15d3ef6fb0cb313e78efcdedce58ced188b1e958b207a47d154ee4d68b400072bd0fed98168d8ad10fed6661a6df06dd7e2a48449956ed9127ca17db86dbb8

Download Submit
/data/user/0/com.yuyue.reader/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
e25d184758ff5cf9b20ce3b2d7046251

SHA1
046bcc0cdcc3ac4387f565c1735fa968699a7d3d

SHA256
2711fee843d81228e2feabc73679542361f41a6029f16bc4be1200f344f8ffbe

SHA512
d6d61d808f06716867eff0853de506334071d6a5d1a771120334af30b98f9fbde8f10871733e3d3b8824545a2c2e159b2d7da6bd3918982d3d7f68ad591272a5

Download Submit
/data/user/0/com.yuyue.reader/files/.jiagu.lock

Filesize
27B

MD5
42edef8fad7034bd7c80e995458527c4

SHA1
9a140bd2696bca6759a859aa3934d386d9d2771a

SHA256
49b3b98334bdb494f6dfdd9ddca2fa6f8c52229af77c5295802ef7528111b9ee

SHA512
22d40dafe47178ed56d7146b8ac2e22364a1e367452694a684d4a9710dbfb9db6c518405788189aa605fa549678d0342d92f28e51895e10dcce98579c1413d33

Download Submit