89cdbc57a27602fe2df71401485afdf572a6f8b8f0e443a50f37b92da8109008

General

Target

89cdbc57a27602fe2df71401485afdf572a6f8b8f0e443a50f37b92da8109008.apk
Size

6.8MB
MD5

5d8a565fff39739e7248f09ee6eaf4cc
SHA1

dba6baf457919a6eef81503d226d03c1d827678b
SHA256

89cdbc57a27602fe2df71401485afdf572a6f8b8f0e443a50f37b92da8109008
SHA512

1aa856152db09a20b40a8246a7ce98140f2aa71e41803fa605effd71f9c2b94d9d4a9ccf72099f78f2f3ac0b81e83469450bd6f7b0065f0716f6a3e3b5345fc4
SSDEEP

196608:m6irK4bHYewV+Xa7VxtWA4DYMBEfsKmnyECcCQYn+E49f:Bi74ew0X+VbSFBE05FCcvwNM

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar	4534	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/oat/x86/hsyCore_6.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar	4489	com.maopaoke.mpk6002746.sms
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar	4557	com.maopaoke.hsy.service
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar	4711	com.maopaoke.hsy.service
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar	4845	com.maopaoke.hsy.service

com.maopaoke.mpk6002746.sms
1⤵
- Loads dropped Dex/Jar
PID:4489
- ln -s /storage/emulated/0/android/.qianlong/plugins/hsyCore/hsyCore_6.plg /data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar
  2⤵
  PID:4514
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/oat/x86/hsyCore_6.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4534

com.maopaoke.hsy.service
1⤵
- Loads dropped Dex/Jar
PID:4557
- ln -s /storage/emulated/0/android/.qianlong/plugins/hsyCore/hsyCore_6.plg /data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar
  2⤵
  PID:4588
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4661
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4679

com.maopaoke.hsy.service
1⤵
- Loads dropped Dex/Jar
PID:4711
- ln -s /storage/emulated/0/android/.qianlong/plugins/hsyCore/hsyCore_6.plg /data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar
  2⤵
  PID:4736
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4758
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4777

com.maopaoke.hsy.service
1⤵
- Loads dropped Dex/Jar
PID:4845
- ln -s /storage/emulated/0/android/.qianlong/plugins/hsyCore/hsyCore_6.plg /data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar
  2⤵
  PID:4871
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4893
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar

Filesize
208KB

MD5
48cbf7c7c5d14202bbab3a473842fa29

SHA1
bfd1981243b3b15b65039d8d098480221fc654c2

SHA256
1821e8fb5e6a021f0a156fa238920b7514da14657d001e13c804691f99415ccd

SHA512
0be1019278ecc8542b7870776c01f9659b98b20f11f6620fd1fb801c9f17e299d814246803b23413ecc19b09c62775f40c457e5ed86854f640be394c5503aedd

Download Submit
/data/user/0/com.maopaoke.mpk6002746.sms/cache/plugins/hsyCore/hsyCore_6.jar

Filesize
208KB

MD5
f455edd0fea8c45f3504256297a4a0fe

SHA1
37f26952bbf66289be798c195f93462f8793b042

SHA256
5a47e4d7128bb4c77a81c162eea83d563b9fce483a84a26e706e782ee5255a5a

SHA512
9acfb9c6ee9e26e9b35cef5b81f546cdba8d15e589a7c2b360a25c94c5797deb680e76380ce11e40878d0759577093a5b9a85876c3d44b1b68d26e8569175d7f

Download Submit
/storage/emulated/0/Android/.qianlong/apps/com.licai.kuailecaidengmi/com.licai.kuailecaidengmi.mpk.temp

Filesize
2.2MB

MD5
5a50b36d472e11c120bf84f67485164f

SHA1
641a70936a151c03e3381ce7a87f5f8c39f31025

SHA256
cd577ad5b8e347cd793300a207883f52ae5b488815dd656c9e9ee09eb4777d40

SHA512
acab34d09165d338875e450784b6312de4ec0d8e9198031cfcaf144f7e8bd9577b099c550980b8d8213e91e7fd383200220f8183b3594311c6f4516fac8dc02f

Download Submit
/storage/emulated/0/Android/.qianlong/data/mpk_context_v1.000.cfg

Filesize
65B

MD5
2c5560765e0bbaf5549694133e1ed905

SHA1
df8fb483e6e118e382c5ae23c472cd9e5a2f7491

SHA256
691f2fa0a39c61b7d900caab91c7cd052d65a9707ba08a080efbb9fff656ed54

SHA512
8a8d47df741e07a347f9e313564419bb6e7d99856ed3aa6c2cc46e7f17640adbaef8a5be0d461c8b9be09a4dbffe7ff89c2941930248c474593beec072a23078

Download Submit
/storage/emulated/0/Android/.qianlong/data/mpsdk_plg_v2.000.cfg

Filesize
99KB

MD5
f3cbddb03a142f1200501258f79238ca

SHA1
0b015d86d13129e498ae5fccad8424c00e6a63e2

SHA256
cd0c2df45f197fca49524c544c93e88d919fd955fa974288ee6065eddfb29cb8

SHA512
8df0ce31b13402278ef9d166a8ae5ff79041bae00bbee38ef1d03d84eb4281cf519ee34e1c8a475e4f0fa07890fc2323e80282fe0281389d9ff73ed814c8df39

Download Submit
/storage/emulated/0/Android/.qianlong/data/mpsdk_plg_v2.000.cfg

Filesize
99KB

MD5
99a6e2d62e1818357a52485b8ca4a8ce

SHA1
6d66c686db678a3b90c5b11db3122aba7543f3ca

SHA256
2bfe8575aef64a1a02b1ac51f6444d350c759f4b0a5ae105e631eb6c8fa72778

SHA512
0b4ee5c143b712fe452227ff351151f8eb0d76a65bd69e36e07d6e53abaf2c4e955bc45574d5b6c8848f67bfd0ae9c510411806ce30b376080b6a76a81c4339c

Download Submit
/storage/emulated/0/Android/.qianlong/data/mpsdk_plg_v2.000.cfg

Filesize
99KB

MD5
e0a773f8aaf9e375cf60bd23b52a49b2

SHA1
dcbf743bb55212fe34b23d2fc73065175a29429c

SHA256
0e2674c179189624bd2dd5a70d4bd2cbd0612f090f1fdcb7d0649dfa68fb12b7

SHA512
daa51b0edcfc142e6de056ee6ebb23fd3663e2608222aa75b2e8abb4edf1d0d5c666b0bfafac96c7943a590b974488938a2f64f4bc3e11e2a58834e23000d675

Download Submit
/storage/emulated/0/Android/.qianlong/data/mpsdk_plg_v2.000.cfg

Filesize
52B

MD5
3746dd258c416394d6634328cfe5adde

SHA1
1928bf1ad761401a28cdc23afdc8bbcdf9226ba3

SHA256
36fc539c3f04ae5b52736bad3565ee4a0786e3c5eb2764fe0bc57ce3bbdaed0c

SHA512
c1bed7becff58fdcb1d8438760aeadbf1d7aa8140c5a8753f0da179d1aa1534420158b7756389801f8b7a1052494a34b3945f9f1b774aef3c6cfc2949ec41651

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads