8bac3f7a1d7d57e36cf485c094f42017f9a40b370ebdc377d2ad133eaa548627

Analysis

max time kernel
2503638s
max time network
161s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 06:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8bac3f7a1d7d57e36cf485c094f42017f9a40b370ebdc377d2ad133eaa548627.apk
Size

14.0MB
MD5

91a36518a75dc9f4c9ecd808a28f4344
SHA1

a071017ee76d1f8c231cc62d2f1eeff3313ce9e8
SHA256

8bac3f7a1d7d57e36cf485c094f42017f9a40b370ebdc377d2ad133eaa548627
SHA512

bdc098bbcaae915b3c860a140ccf9557c95cedee992cb4229f64c48a09391899740e56b6c5e7b154616be506923109e31b5e0558f95d9d2cd6d1c44723e0475e
SSDEEP

393216:lNF1xnn1X7uBZ7jm3xUuno79vkR7aFE0WYOa1:jFRy7qhUnrW21

Score

6^/10

Malware Config

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.duofan.zyjq
Framework API call	javax.crypto.Cipher.doFinal	com.duofan.zyjq:pushcore

com.duofan.zyjq
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4248

com.duofan.zyjq:pushcore
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4283

com.duofan.zyjq:pushservice
1⤵
PID:4302

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.duofan.zyjq/cache/image_manager_disk_cache/227af250449935e0943c05278ae2dd317f5949ab8265fc2ff818f4f00be1c427.0.tmp

Filesize
28KB

MD5
15d7f3baa1ce79e6937f08551289deda

SHA1
2eeda437ae3919cd6bb6bedef4e5a19cb4b8b2a1

SHA256
bebb68447b579e4ca104e8fb0330caf424059b446a55b2092da4ba8e2e5a57ee

SHA512
e6b82fbfc4ca6704546379169fba2ccda92106d7492606557d34265c650811041809a4624688bc7599f10093fe57cdfeaaf6d871476261cc68ec8cdcf00772f6

Download Submit
/data/data/com.duofan.zyjq/cache/image_manager_disk_cache/557c4725f63db5a2d2d1f9bcaecfb4d4f59d428469a0169d9d2da7212515e909.0.tmp

Filesize
27KB

MD5
2ab150cdee1e153922443b9ddb355c92

SHA1
f4b34f5930c85525e26c929fd98e95211b6e5350

SHA256
2ac2de704b2a91e29ff874e968d98476cb40a2fb75e2b687dc63d9794d084380

SHA512
708eb1dc00447df634bf5a47a6e61b0e579fd9c92b8f6a35dc0708f5bbdc39a54d991ed77bd5cb907a8a7d2546cdef6fa87c8b0e29b209bfded95ba69882f75e

Download Submit
/data/data/com.duofan.zyjq/cache/image_manager_disk_cache/b7f32ff3ce19b48b7feb8dc84b412c89327a4e4c8bcc6f888530c04328bda167.0.tmp

Filesize
30KB

MD5
dd620632e244b3d5449258329e2b1f6f

SHA1
7777e34705071a007f74b33bc41c54988e7cf904

SHA256
31ce1bb1f23a2ee97b8fa736831fb0aacf339ce17a7897ba05915257c54d69c7

SHA512
dcb4826fdae5111f89e13466da8bb390778a57f2f3f7057d04b319ccc22c3a10878c9584353e52cdb4171b52a17d899a3c6b561beda1b0dc085fa6c66dcfa62f

Download Submit
/data/data/com.duofan.zyjq/cache/image_manager_disk_cache/journal

Filesize
71B

MD5
a9b4a485eab3ff4e0926666e6fe44670

SHA1
9b02dfdcb9970446931ce928438b143939e5b601

SHA256
4a255484b92711a0e463d2f68c3b7ad043dbad7b0585ce2ffe718f778d746ac8

SHA512
c474afd9f3e1910611098a35fb5c8694b4a4a5e611c7f9615e4c2448fd34af3716c849bd098b06d6b5e483a89f450d4e8300d24a8bc3bc5999ade3036d46b941

Download Submit
/data/data/com.duofan.zyjq/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db

Filesize
20KB

MD5
6bfbc17722614846bbc69422680426a3

SHA1
9d41efc69c9de477941cb12f06320fb69944cac1

SHA256
653ce55e4d976aa3749aee44ed8a56c2f246a57b3f4d1458e28ee7c6a774f58d

SHA512
3f0ce21ff7dffa08867a3b7e9ffa50f4e52d4a2a31587bd674ed2a69a37fdfe2b1842ddd5c23e5f9881b9ab8e498d08fcfd9ccbe9924b1b4985f012bdc28cc16

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-journal

Filesize
512B

MD5
66c74fab698142f5d93c9341aaec745a

SHA1
ba94be50775c8f1ed3991fdb77c33b1551235087

SHA256
245b1856c93ba6a20c8c1350e9f1c33a501b41e9ea67079c5dd610b9a8c988ea

SHA512
7bf6e25f17c0948ac9b43cb813697b6f23d8991cc68e97fd87a7e187e567672caad56b7af7070fc2b5de9b18ed1399fb3be14a9f371a33e71f7356387ae2d26d

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-wal

Filesize
64KB

MD5
e57af61b183ce9fec21727180c219e40

SHA1
44182c291e840609310cc59d2ad6aedc6a596e0f

SHA256
625acfa84c72593c9d60f406022e7b7d4099512e910ce32963cb2ad3c29c6d99

SHA512
850583ef4cc02b33acf78b4321f441bfe49c9a9ed94b1e79b2fcdb68ca40e0f26edbc3e570406ce89e9d5ff0b41c23c7999e9a5c635887ab051d5253addd2e9c

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-wal

Filesize
32KB

MD5
1960264015c43c71407d29df6cead2fb

SHA1
6215fa2357b504b861e005b4a7a671f847c570f0

SHA256
a8c63f3b5012930b3fe58ede885e83ea7118ce4dd3cff9a8314e422fed828bcf

SHA512
6b935e2d16458cb7441199cc95868e3069c468c0d4a379ed62c5c84e071165944f59e3297d02abb3abd2ca9858f2426b15f46c6c4fc91d592045ad1c12747831

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-wal

Filesize
40KB

MD5
a5d06387d697982cfdb5fa0b2b482dd0

SHA1
908aa648f492d96a1c49320488c38ccf1ec86885

SHA256
705c68e41f8963f7da6d763d423877efd40dc4e15bd6d77e0fc78b851dfe79e2

SHA512
73b51471fcc5c06404434c2c83f966367725d5058dd4ed5afde9ed864de3a38b70fd9912fcce03346ab8f98e7b38991b9a4357dbc156ad3daf58216e3e130c65

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-wal

Filesize
8KB

MD5
8514e36851039ce30242ce08f7b49484

SHA1
994160f4c641e91daed75b70fde8b25951c19f0a

SHA256
d2cfa8555f5539434fe059b5ceae1c4490556c496bec23a6b55b6ce9e2dcbcc0

SHA512
e871050a3c0d6b5a9a8a898b8fb18b4b8b703f1b75e926ec7e814174f9e84f15ecb7e620f5bbf7924521a17d86dccdb50b1418e8b606b6f368be27d3b71da641

Download Submit
/data/data/com.duofan.zyjq/databases/chuanglan_report_2.2.0.db-wal

Filesize
8KB

MD5
15c475c7e60d576fe572c1acdd48289c

SHA1
b7731204a6bb5e65bc6df574f88c3bc185f1ffe7

SHA256
0d90797853f1cc0ae0288340c631927e342fbebf1c36c546947a06bdcaf1a2ba

SHA512
046664323713d720f9d603f076b8da134e325ecfe3c02472ba1b02314e3557e223faf44697cca7c60982fc8834a5288746b2cf650b5a7d2e364de8de7b898008

Download Submit
/data/data/com.duofan.zyjq/databases/com.duofan.zyjq

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.duofan.zyjq/databases/com.duofan.zyjq-journal

Filesize
512B

MD5
a0fe584d45382cdfb830f1b3259d0d5f

SHA1
5e2099b2199d189cb706f47a874b37da3faefe51

SHA256
e9f75c90b47448a5458b8139c4d10a49d3f65507dcd747c183313620fdf78484

SHA512
41df6de1cd48b572c7bcd3fc71aa79f5da277b012c73c488a7575909d4841271e69eed2857e1d666330260aef34f57102301c42e9afc9240b18ad59bc91ce9e9

Download Submit
/data/data/com.duofan.zyjq/databases/com.duofan.zyjq-wal

Filesize
16KB

MD5
750451bb0fcca5e67afee228960e112b

SHA1
a233e52f7db48a76e3ab08bf01a8176f46f48f5f

SHA256
c496369902273d0b01c9716de5279faadc66aea3657ee7fab00dcf9c05ff90fe

SHA512
4bcc9610016396ea9285a1acee1f7e04da73d78e59b0781f993884bd29fc4aeaad45e35af3fb0e4f8192b4fb260917aea095b1843fa9d81d87569227e23b569e

Download Submit
/data/data/com.duofan.zyjq/databases/gtc.db-journal

Filesize
512B

MD5
6c291af65990fd2f703cd0690cb8e6f0

SHA1
4101886923fa7ab21e1fee737985dce6393f3835

SHA256
7fd3a95130fd509b3f6d58027cd402e026deced607708d44f8b7746ee6b02c65

SHA512
a10701e4932bc51fb07abfbd0c36e9da26c142110c16ba57fdc96c27b41f7aeba0e8e38484aeda85178538edd63a7182965c9963527ee854a1fd6cd1eeb99595

Download Submit
/data/data/com.duofan.zyjq/databases/gtc.db-wal

Filesize
16KB

MD5
e85cfa1c3edb3090da2a57fd0b0810ad

SHA1
e1a47a6e21b578d076e7d6375a3250e70476594f

SHA256
4091338b333046aeb8106c17cbbac48e26d03059f13e495b6d16ff494d5919df

SHA512
bc5eadecdcb9fa627bf3d81afc46755ad394515c7fdd6d7f214bbfc6d67364e4346b9b55f633e7f0ea4f4db7f0072db97f432c9bbcd3a31951912426d7741525

Download Submit
/data/data/com.duofan.zyjq/databases/ias.db-journal

Filesize
128KB

MD5
2bc1887b467024a27ee1beff0c85a84b

SHA1
42766ef914a36a3bdb8d762fa942d11d49f73360

SHA256
00a02b29afa586ea712831a5b9cf46c418106084a4929c163e3f6444263dfabb

SHA512
c9118ed31527fa5d6eac412ec8c04fd5b9583d2346fbec4e77c20c2f0068ce6e452f548ead34909b92223a1bbbc30be9f8454f4140ebaebdfcd15343a809cf24

Download Submit
/data/data/com.duofan.zyjq/databases/ias.db-wal

Filesize
88KB

MD5
77f4ef42834e1065bcf6655dec62318e

SHA1
3493e9735e16bf5c2cbaf2763a3423405de5b4b6

SHA256
bd4e189ff22d2e820966d63af0bbe310f2709f512bfac33faf4f131fa3826229

SHA512
0306e0c14063da2ad797473aa8cca2b6520314dd70f46fdf0a54296a411b448238dc94bf70f04ab965938aa729e3638e49e00489e48125bcad2b295baeebe73d

Download Submit
/data/data/com.duofan.zyjq/databases/ias.db-wal

Filesize
28KB

MD5
562f6d11dca60fa6cebbfdc056cf4c34

SHA1
56062e3bc6bf2398b7e202a5130693a5e39997a6

SHA256
09d85d1dccb7e4c4186558007582f60fa7070227caeefa08fc767bf05a10ddaa

SHA512
b60b5d1e2538a226297c35e770ad3c57a1d3a42e12f8ea7a2ba615fa04d90d0c92bd47cd4853c4cc228dc2514f9cc9a67cf9c46a227446aadfa7b408a9d9a935

Download Submit
/data/data/com.duofan.zyjq/databases/ias.db-wal

Filesize
96KB

MD5
62f80183168cb8726b6b79c4d02da960

SHA1
3c730558b9ce3daa22801d1d86a2d51f953c44a9

SHA256
7f8e2a3038a523f95df9553bc2fbf5f7953d3c4af49e54e148aa5afc909af1ef

SHA512
41d6bd97b44bf269b953920ba45e413525044cc1d4ce7815b6b87ad9dd9159029bf38d98c79c1991c68ab260cbbb2e775ecff62ce5a0e970a038f2688835201b

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db

Filesize
32KB

MD5
006649d1be7cf1db2ae52ef92317618b

SHA1
4b4ff23be8805d2510c9aa019231cedb21890c81

SHA256
222be71ea06c0e2568614df8e52a725e0d9bacd73af689d2676be296e20af5b3

SHA512
ce14c37e986ebb1ce16845afafab05fc6fff2c7ebebea637a4b52b3dcd3cec1e878208338ce4fa453ec9adca04048675903880fa34e21c319005ea84070c5056

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db

Filesize
32KB

MD5
8d69959c77a53a8b7dc21103da5989f6

SHA1
ad2d02d9d345d7e65146e1e1c05146b3f95ae1ab

SHA256
b9e50d9b60022b6e9576508245c0081fe0d087742b1b5e164e56c56624c23e24

SHA512
c9242ad8ba1941d16540d40f355ba0e70af4f74108d1e27af73e22ae9fb3c572c87d4d66b508de0887d2375210f409da86c61630d45089d1f2809ee1a8f7b696

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db

Filesize
40KB

MD5
95f39ac3a7d1a4a2fe65db7aa2bb6398

SHA1
159b0fb6f9f486b2b3815478a795ec3fa9a4619b

SHA256
4766f9bfa67016dd6f2866cc849eb95d7c83ab482c3173e97106fd63a81ef698

SHA512
8daececc7edfb04a7d31d6e20818c203091c3974dcfb6455dde4df90cc55ffa6aff478b2d77ee9fc4a776c49d24b8d601b50ee9895fb05a13b6686ceadfbf458

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db-journal

Filesize
512B

MD5
c9e6c0dce64d0c9795b57f62acc46bff

SHA1
996923431df9655404a59a18bad3a70a3855da86

SHA256
72a202385034f488a794d32f0b15deba603eec28362ec574d7d2bb2533d62c6f

SHA512
5d66a6b8d2f80efb00f48552bb720dda93d8e0161e0c76bb2550af441ea4b2227f455ca32d75457778da5eb8878c4e35a395d14de6f1646740e998daebb8cadb

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db-wal

Filesize
64KB

MD5
d27a46d04340277ce3e4d1054c8d6e84

SHA1
5dcd42fd888adffa218aca6530d520a222f75100

SHA256
4ed6fbaa5650ffccc91f12ca8a98bea0bee2c7912b8dd217f337a5fa217d9411

SHA512
373464b6c5142214c277400d01b44caa04a062b9a056dbd12312580eaf8a07deac14410e78fc0193c08187f282f8d04e0f4299e051673d5ba048ec5b9d9fb268

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db-wal

Filesize
12KB

MD5
4da9817e82fcd64ebddfd3319b50fe83

SHA1
87b472e648bee05a220116bd4ce30773dbe9a9a2

SHA256
3043ce7672ea049abff98101372044e7de5f03b34d025e6d2496adb5f01d78c6

SHA512
0c93d4c59626528f17bfea86e92bbea8534fb030bda01af0e167c9a2686f6a29f581fb1150311b04ad48603598ee169ab85964b15c0af679a3d73067b4139566

Download Submit
/data/data/com.duofan.zyjq/databases/ua.db-wal

Filesize
12KB

MD5
d2c1f0523f5e25d5874609fecd108952

SHA1
3216a79c4f66ed29db0c4c79fe5612e2c91b160b

SHA256
df4a0d02555ffd73c5650ced8634268965465723cea4a600cd76e0287388ae43

SHA512
0c71b3b5b1abd1eb4a89f4c6ee787b51eb7c53299cf282b7ea6645d1b7adf5718168daf6533fa994db3368a861fe89931677f9e13d80a1479b80f19fe4329ac2

Download Submit
/data/data/com.duofan.zyjq/files/init_c1.pid

Filesize
4KB

MD5
d706373546e0d7e978568a65f103f028

SHA1
5314ef8acc603a03740cc53129b9239dfa7c7c85

SHA256
61e4cdd9ac98fdc0770d08def1913f71ff5acfba456abb4ac912c1db76aae95d

SHA512
85a8083bfcf68e142159f914ac937972dfce2e9635e14258adb65e49d86975c47895b2d30029a6420300927ec11ca80200d69b290d4262377f8e2b1fb77a506a

Download Submit
/data/data/com.duofan.zyjq/files/init_c1.pid

Filesize
512B

MD5
20dc946496d8de43e6cd146200af369b

SHA1
cc6e7c419e5b0e1687b1ea0534289a0e32ad12d4

SHA256
f3aa4cc1909623bb904353afc35e0aeab09a2a997cee0cae41e1f1390706700a

SHA512
cdabcb24998c080c0edfe7008042fa3283f3edca6cea92d5aac84b649361b38b213c09c73af1af7d4b3d6850ece9172326de033aa1ace8b26485dd375bdf6a9b

Download Submit
/data/data/com.duofan.zyjq/files/init_c1.pid

Filesize
88KB

MD5
841934a9c3804f052a59fd9e3b1920bf

SHA1
5048bf56a5abcf9723b314ff81c8442334658c9a

SHA256
ade13597cc098833a88afaf5ff72e69cce02aef670275fd8409f548e3a6572ec

SHA512
cf56e180eb2dff7cbf7387f6926c906abc3325f6c490887e5dfaf333ccc8dbabae98c33136fb8245d5ca6ba71bc948af8169d817967d9ec29188e4f577e9b10c

Download Submit
/data/data/com.duofan.zyjq/files/init_c1.pid

Filesize
4KB

MD5
a0f7d3dacef0742a49bc41ea885d389d

SHA1
6ae011ba64746857147845da54ea90f6e9cde778

SHA256
aafd66f0a65c42531409dbbb3a1cafadf7ecf5552af88e013d6858636f941426

SHA512
d55f39e089a25c3d1936a34ff1d4140a5afce39beba49bb7bf88f2bd7e6d52d75cc070f5285168bc192ff0f33f5f4cf514de3ebcede650554874c35fdf848348

Download Submit
/data/data/com.duofan.zyjq/files/init_er.pid

Filesize
512B

MD5
b65405c4110ab59be7945c87f8edcc10

SHA1
d2ef34f81d29899c9d96d424b11654778b0bf18f

SHA256
8e3391a0de1f1a5bc4249fd0cbac762df970cf31da36fc7f645f3117df3d66fc

SHA512
252772e1b3c542465c5c634374631d85052abb03fdd00857a8b9ef9826c3fb7af071de3a1f79ff06e3b53c41ee78598f4478aa8a34b4d2772989c8fde4ce75da

Download Submit
/data/data/com.duofan.zyjq/files/jpush_stat_history_pushcore/00268299910a8d6d79bed8e0/normal/nowrap/dad83009-0c01-47ba-884a-5cf6047f0dfa

Filesize
32KB

MD5
7d7589918e0c6300d7499250d75f682d

SHA1
f6c5c7df46ee81ab43538ec4633924936942d8c6

SHA256
b3b0a55727d47e8df55462571ff63617b18c3c44dcc245f2f0f57bae08cc41d1

SHA512
1d90bc7fd503143fac8d464104abb5728a6ea28ae235ce8837cbe4e9795de957713a5e30aeb5f3badc6ef50b0c029a8abf360c340bac09f884362c503dee9dd4

Download Submit
/data/data/com.duofan.zyjq/files/push_stat_cache.json

Filesize
119B

MD5
2ff78a414e48f0d67f6d0d7db06043df

SHA1
7166d8c41de4801a15410f719bc8a82ae5f854ea

SHA256
ccf9387baf252014c33ba708f2e55d94d1706f78cb60a5b122ae2b6903484523

SHA512
979fc1c8fba93062ed4dae73157f26bd146fa0d98b1452f1d7cd5f02eb9b242c4752553578cbe79f0137d188898dab61187936fddcd6071b808a926ef06a212c

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
512B

MD5
007f84ee5b4e9bebbba8b01c52c79b1b

SHA1
d6b3f4c501a40921f358ce1af591519b41f6ed34

SHA256
ee28143ba2c97dfc1e2b634645e5adbd6fc69bd92220ada86a71ed723fc959e4

SHA512
ca3b3d35bd75a9c3e98189b940253d2096a9b37d49a74eab20504b9189555731002b8ac5d5a936b397d12cf056c713e83fa9a144e149c6644f24a5c24fbfb1ae

Download Submit
/storage/emulated/0/libs/com.duofan.zyjq_.db

Filesize
67B

MD5
763fe8ad98ec98746a19818f0a87111a

SHA1
7dc04bc774a4ff313efac97d7773e9b31b2b47f0

SHA256
3784333e052101210206b392b61772180440655f80789ef9d1aded845bd90fa4

SHA512
cba4470fb69f057b5b28d7b9176b41dbe2294e01e844fdbd6e2dda9086eacdefad33b3ee3fe7101cb1928c581239896cf01de80448b137d25fcf95723e186726

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads