8a1752955a4749c29b8521743dc0e1ba877924eb4de9fe080983eb44312a3d61

Analysis

max time kernel
2468465s
max time network
138s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 06:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a1752955a4749c29b8521743dc0e1ba877924eb4de9fe080983eb44312a3d61.apk
Size

26.5MB
MD5

bec2ddec02c9cb38e19bfd5472738c5f
SHA1

7e20dbc5cf6f901075e9c1f7d9b0476394326d75
SHA256

8a1752955a4749c29b8521743dc0e1ba877924eb4de9fe080983eb44312a3d61
SHA512

9e13bec6ed8ab255c0c409d43e3603b3c12301731660a96198097beaeb44bd6c74e44b8b618846d1289f1716c97e3f4b598ee01d26e15449c35f46277aa28054
SSDEEP

786432:/Of2niwXO+st2PEbh+sG5Ss4rF3bKNlLC4t50bif1iw:/O2hVstckdsMrmlLHv08iw

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.pinle.pinlegame
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.pinle.pinlegame:remote

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.pinle.pinlegame

com.pinle.pinlegame
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4236
- sh -c rm -r "/data/user/0/com.pinle.pinlegame/files/down_pic/"
  2⤵
  PID:4382
- - rm -r /data/user/0/com.pinle.pinlegame/files/down_pic/
    3⤵
    PID:4407

com.pinle.pinlegame:remote
1⤵
- Requests cell location
PID:4289

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pinle.pinlegame/databases/sharesdk.db-journal

Filesize
512B

MD5
19837a015d786eadba290a31e4ea4a56

SHA1
4a205c1ca3d9ece3643a4c32f8ab40b1239dbf6c

SHA256
5e626bddcac1859654dc9cd355fb1b18625ca4810d7a299bb6808e0da64a6c3d

SHA512
ec233a72e5f241b2a3a43a23e077a00fd662d876153961887e43cc887642f8bfc998c592d215a34f743262d9998b38ed685ee941c0b41d323dcde15da57bb4d3

Download Submit
/data/data/com.pinle.pinlegame/databases/sharesdk.db-shm

Filesize
156KB

MD5
0561148d01856fb8ec53273cb94a34c3

SHA1
4142879bfedbf93d1af17f359a9650aa899d6529

SHA256
f9d901876016c817fe83ed5ef411cd5c7d2f39d5e1a94bc2a0599e7c7d242e3e

SHA512
09787d32602a63d3df88632c612f6d3d1cd838671e0f4f9bc8e68d276c7a444c8d2a87ad27aab8f57a943909e4f57c87ad5148df77d93b35b4562fe99220b453

Download Submit
/data/data/com.pinle.pinlegame/databases/sharesdk.db-wal

Filesize
32KB

MD5
d6fb344fa69a71dd81e43d6733825526

SHA1
cce2fa142e37aab1b6f89e6a8405563b928ffb26

SHA256
9a7a9e8d70f64de3b738b9bdcc8d6959c280ec47e299fd14414b5b7d38a09667

SHA512
a951efba49a16e852e3aa259db8bf5f75d3ee052b29e1aee954b46d307d6fe74fb8e172e272d9d1034dc4524b82deb00b2adb3451da9c23854e478ae00e0189f

Download Submit
/data/data/com.pinle.pinlegame/files/lldt/firll.dat

Filesize
76B

MD5
d44af952fa5db2364c7abfdc319146eb

SHA1
829d1eb1bb0645cdf7e30a94fee6ec0af0fbe1c6

SHA256
659003ace2b5ff2fca4374dd78b8b24ff061203a7387be7b3b32f12e98219c3d

SHA512
4ca8745aa9e41ce394cb1ed743f8c8678a6b1711b59c0755003386d2e53b3688a14b5ca2f094efe5fe5c038d64f22036b635be12b0c9a4cfe2fc0d264c8fb953

Download Submit
/data/data/com.pinle.pinlegame/files/ofld/ofl_location.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.pinle.pinlegame/files/ofld/ofl_location.db-journal

Filesize
512B

MD5
e936ed2c4e5761029bf85b9a7ed83907

SHA1
fe41dc71dd7d3e60e5fe33741286ed7241124518

SHA256
091e27a50b9edf853e53e6fb725e0f15a0984bc1d21073e90593e06c4e75c321

SHA512
40ecfb19eb2f6e16f5088b2e4f2d1f4830b9a9362f52398bbf620a8905a63b5433b2ba708f47d259fadd898a1b60267a7321ea8a5b183fa9acdb146a6eb61259

Download Submit
/data/data/com.pinle.pinlegame/files/ofld/ofl_location.db-wal

Filesize
48KB

MD5
521475c6737918e62a2403f94016d0ea

SHA1
0a5082fd2541e79d2137b90a484c0a12586a51e2

SHA256
f4a3dd1b7374d8f2baa42de8783d6b5c26f7ff184442e800cf956d67f9243e52

SHA512
9827b30c5cd5019fd84dc0b8aa38aedf0a35158023ec5d1a5ee29b88ccb1ac22895a6086e2f5a9b5f2d1f87878078f3a4c0b5635a6f0264e86a084fa8414f641

Download Submit
/data/data/com.pinle.pinlegame/files/ofld/ofl_statistics.db-journal

Filesize
512B

MD5
a2f77819fbad24821dcfdf29d99227f5

SHA1
3650b1ef96e505c1127fa701a70e78be9cc9430a

SHA256
4da2a20198d6e020a8b13531e2a4a78d86d2799fa09b2e9511af9aff4666a4b3

SHA512
b579c37d6c5cb9bb4eafb454abd1002d867d735534f7c9b019e8cd44dae41ec6936410c2ea2f4f139222a25e99e5573852708276f8e3fe0c094b9c6d2a637310

Download Submit
/data/data/com.pinle.pinlegame/files/ofld/ofl_statistics.db-wal

Filesize
96KB

MD5
635c0910db5a536db2a524fdc2828aa2

SHA1
5d28677a191207382dee325a09ea4f44dddbc74c

SHA256
2e16cc74f5654cbda3bd73d9d9e43ac1a614b8a6b1c2bc30c175222a82d31a64

SHA512
f1845091d0cb764cb9a0b58dce1545668b5ddd4cc9b8d94b6f6d7cd2b42f2548d2a7d5cd9f0fcc35871b6b7485a7e4a33fbc69dcc35af51962c6d5dc87e39823

Download Submit
/data/data/com.pinle.pinlegame/files/umeng_analytics_cache

Filesize
32KB

MD5
5b476674360642442bafe8d782b1f1fc

SHA1
3f91071da75cfaf6a1d0896c7124a28019186023

SHA256
876b41f98939af9a64e1c6566e951e9a075d356e95b51dbe64522c0e6b46963d

SHA512
056d98dca7fb9d641649cc0d086a76441586008a0cccde3be0506962f92b4d1bc1bcea0281524edc14932ab0bf80a2faf8d09fb82956d497bf8199654ef2d7a9

Download Submit
/data/data/com.pinle.pinlegame/files/umeng_analytics_cache

Filesize
28KB

MD5
b46ca2bb55379c8487520a785c7edd8e

SHA1
7772245570bbbb0bd1c4de017e2369228200a34a

SHA256
60c8625481634c85c4936b111ec0de0820dea925e666984c35accfe5aa77ac58

SHA512
cfbf0c586b40b36224bc4828a7b71c313ec2e2f7d645750021e43a5346daf73c58c71b0ab086e4c4767a7652acecf5aab44cf0efd0d71efab59b780bd73d9843

Download Submit
/data/data/com.pinle.pinlegame/files/umeng_analytics_cache

Filesize
512B

MD5
6f3a6040e43bc523cb9e51259d043294

SHA1
c4d35d885ef9580d6e8583e51db9fcbece3ef27a

SHA256
09dc1d09e5e44c24b40e472109f93ff3ff92dab12288d38f52a5440572bd24fc

SHA512
eea24cdd474db274ee67c333b942f754206d72ccc2333292e149fea18757e060f9420a811f8d2b2d3a40724895db6a3565598a64529b3e332aab08dbd73d3d98

Download Submit
/data/data/com.pinle.pinlegame/files/umeng_analytics_cache

Filesize
4KB

MD5
deb8618c6233bcae69a17cb867483afd

SHA1
e166536e73a8b2406bcaaf233a7af62837b46b77

SHA256
ad9682398c9f14e53536486bca3c63e33d326f854f821bc9f551080b756b66c0

SHA512
ab18aed392f1a4b80eaa1d39323d2eecd1153735b88fb5df8fddc23b1edd166dad60f741d6d09f9f33a236499c76637d582e90f202bcc33d92f07bb80ee34469

Download Submit
/data/data/com.pinle.pinlegame/files/umeng_analytics_cache

Filesize
48KB

MD5
387ed765724e188ec545bb3e471d60c8

SHA1
c8ee163496537cb241b090238476b891e59b95e1

SHA256
1c63c11aff2f3e899830eb0239728a82dd786c3d45cf59df1a930e6251aa4b08

SHA512
030656aa91ffdf7a1d10c2d324ae637de7f408df4cefeff35adb3fcb579e767589be4a31fefb3b0ee369e647c8da7b822b874ccb4d0651c2f5f86fe97e72123c

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/conlts.dat

Filesize
12B

MD5
8d80bc8ea90e9cac010d3ddf97bda5f5

SHA1
f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07

SHA256
f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93

SHA512
9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/conlts.dat

Filesize
156B

MD5
7a1874a5fefe54920a06ebc1ee65e820

SHA1
9529a6c715fdc2d16ea061295659dbf9141cf296

SHA256
341e189c40429210e9d0002d0b360017c6e929e2188fd989c6f8a33a1e7f95a9

SHA512
c76d838500b9121a3d719eb1abf7292a7ab0b175b344a51ce51580573643345eabb8931d46676b0f3a8e979031d6e81d94e2536ebf8cde46c5bbf4f340f1c38d

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/llg.dat

Filesize
24B

MD5
161557b06b4a4d3ce095528dea370eb7

SHA1
8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f

SHA256
f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4

SHA512
96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/llg.dat

Filesize
446B

MD5
6f70b2a1285b2f0396b1d0d0af07b065

SHA1
e87a10b84c6badb87b57fa8dbbcdb5172a522b0f

SHA256
7ee39be3458f16bbcdcf258c7f659ace6f26a7c56a6df074c4e9909ecca3355b

SHA512
c832c1777c64f7d32a04c6a5a39d5c45070c0824df286351c39c35d6ded2494fab0e02730e05e3072666779f764a92ed0a3a10adcecda25466851f8d7bc48952

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/yoh.dat

Filesize
24B

MD5
a936690571e9104e1922dda4a0ba5bd1

SHA1
65f49c57edde2f96be2a1dbdfc3f7351f1e66554

SHA256
f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412

SHA512
3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394

Download Submit
/storage/emulated/0/Android/data/com.pinle.pinlegame/files/baidu/tempdata/yoh.dat

Filesize
24B

MD5
1681ffc6e046c7af98c9e6c232a3fe0a

SHA1
d3399b7262fb56cb9ed053d68db9291c410839c4

SHA256
9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0

SHA512
11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5

Download Submit
/storage/emulated/0/ShareSDK/.dk

Filesize
512B

MD5
fcb9787c86ded8d4dcd844b8a5098eba

SHA1
2ccaf3d81963bbc75a4cbb729c6a2c0d3d1f4db5

SHA256
2ade322001ca0558bbee47fc5cf5d377c3c234c6af42297ba237161d36a15672

SHA512
1cb1222cd0efc4abf3cb3845d82e6a91f24e6409cf71fb07e0d8f9220bec1afc52e23840efc5cb6b2132c2ce947c870ad9d472ae678e95022065daf9c3a98440

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
89B

MD5
55d569077c117d6155fe8996ab142019

SHA1
5943a9680502ac10b7f9b991bd7032993f2ab282

SHA256
416c2822e9e7cdc95d8df7973d0649b4438623f251b2a47a1651e0eb8fda1eac

SHA512
1c9103e059b7636754d11a0538596bbfebeca82c9b3ed3ede8681e190d2412dbb65729267dd4f2965187f87dbf33cca8e1abef903b7ff4a2733d8e1d13e7e9fd

Download Submit
/storage/emulated/0/baidu/tempdata/lcvif.dat

Filesize
96B

MD5
98442548d09a07992ef6a0bf818454ef

SHA1
6e8955b89445dcf6097d4638eb09e773f6c9827d

SHA256
2f805dc05c34d92a6ee352e951a2eb2d41e5f213036fa3cc477bc7df76350678

SHA512
9061dedd06225619c6ed040eca120900478fdf47b7666bd4a4e4abd714ebb2a53718682a201a31351ccb040cc3633d959e8dc58692d1436a78b473cb52cde523

Download Submit
/storage/emulated/0/baidu/tempdata/lcvif.dat

Filesize
96B

MD5
7ce217a4d887816a542401eb89a3f9e8

SHA1
d48af193e669a1a59de483df40b9309e7f2c4857

SHA256
a42582e56b1034c7f20cd22b8a0cc79dd17013a6ffcbc77bed475ff1462cb3be

SHA512
2db05891b479cca2f5bfcb36c3df5aff2a548fe50c837e92f82e7eedc4657f099e683009aecdf86e2e2782b2b45feacd1aeeb312e488b78ba00a622191fc6263

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db

Filesize
28KB

MD5
0d3e99204c6401ea499fe9e6d9855497

SHA1
09829f00ca458eab7374d5079393a2cd69a2348a

SHA256
63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca

SHA512
8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-wal

Filesize
52KB

MD5
7a988d6742a2c052cdec2c02a3a47268

SHA1
03c2a9d370b37a758c04808246b7a5ad2ae6f746

SHA256
1210831621196ad4f0428a7022411d7af5d28beff84045a51b52825743666e99

SHA512
c8d5d9dacc4e62440bd32f0058ef4ad69091d8d582e21e8575e9d94bcb928996df6d6820ec0e53cda68f86eaed817c4b315b02f0786b121a5c459c930bf2f521

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads