Overview

overview

7

Static

static

6

8a22a10a04...fc.apk

android-9-x86

7

8a22a10a04...fc.apk

android-10-x64

7

8a22a10a04...fc.apk

android-11-x64

7

Analysis

  • max time kernel
    2469511s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 06:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8a22a10a04cad1175c8100b4c93eaf8af2d9e274434ee5c1219243bcc65cf1fc.apk

  • Size

    3.3MB

  • MD5

    9a952386b4fcf7380232dfbee97674f1

  • SHA1

    d1db16cead43aa626fba18da11487fa81d953ef9

  • SHA256

    8a22a10a04cad1175c8100b4c93eaf8af2d9e274434ee5c1219243bcc65cf1fc

  • SHA512

    d90b5f907ffe84b940822ae78ece62a09bf234f13610b29a4642df33e9fd7f91fd2bc40d774a8d1c653ee82ee427f35464c2ddfc03bff60be4645defc55c2ffd

  • SSDEEP

    98304:HImHA8NjiFrCzGB6VCKB8dscYWDH5MbN5zOEHpxCt8uHRV:omg4jArCzG9dscYYAN5zpwt8uHRV

Score
7/10

Malware Config

Signatures

  • Checks known Qemu files. 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Checks known Qemu pipes. 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.ylyh.youai.yisou
    1⤵
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4246
    • /system/bin/sh -c getprop
      2⤵
        PID:4365
      • getprop
        2⤵
          PID:4365

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.ylyh.youai.yisou/app_crashrecord/1004
              Filesize

              229B

              MD5

              ea675bbe21d5a9332b81c4f93a1d75f2

              SHA1

              c20367e63921c829892c523c54e7ff37c7516090

              SHA256

              b585599186afd8769d22be8ceb83b2bef805cf1d3a1ff5431d1082465337bbb5

              SHA512

              ce6deac886c93d073bf0fec77da11f1e1d41f41163c1203d1fdfef1c9017c8993e4d8dd11864c94e433be0d74e200fc55e44401656279842702062c3d0251a5a

              Download Submit

            • /data/data/com.ylyh.youai.yisou/app_crashrecord/1004
              Filesize

              58B

              MD5

              0d210bfb2a0e1f1b4c082a6a0f79de07

              SHA1

              bb8ed9e364db79d1d9f2fcde3f15091893222faa

              SHA256

              988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

              SHA512

              536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

              Download Submit

            • /data/data/com.ylyh.youai.yisou/databases/bugly_db_
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-journal
              Filesize

              512B

              MD5

              38f9dff76aa6af0e632abcfa3bcc4991

              SHA1

              8662e5f67644cb7517967c597682dc0f59565b4c

              SHA256

              3d46bfb8498d160c591a968c0c8d0ebfe23a7d281e2005d1af297c49fcd86af8

              SHA512

              bd5e617e24f1eb3bc9d246157221fbf3db761549ef89908cc09e7f25a095a41b45fe13df93b896c4d0f3f4378d3e6e6a91c3cb715e4bc7691be8e1ec77a7c13b

              Download Submit

            • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-shm
              Filesize

              28KB

              MD5

              cf845a781c107ec1346e849c9dd1b7e8

              SHA1

              b44ccc7f7d519352422e59ee8b0bdbac881768a7

              SHA256

              18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

              SHA512

              4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

              Download Submit

            • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-wal
              Filesize

              72KB

              MD5

              86606e4492298fe54de7dcc887a578ad

              SHA1

              b1bc1899d572d66f95e5f993c4f0fb2e424eda7e

              SHA256

              c161d160ab9f271d0b68f3679e33299365d35748e9d9faff4cba43469ac70d71

              SHA512

              d4fd822f206f3ec3a35394a62384fe9330ed2c21424b60fcad54d9b0d0b880a4e684091d20b1e2c27f974dab528ea56eddd5b7c2baf25a624a830c395c5a3124

              Download Submit

            • /storage/emulated/0/.sys_public_config/INSTALLATION
              Filesize

              51B

              MD5

              63b3413e807c0ca4b6e9c005d6bb0967

              SHA1

              c42c61aa56ae9869c28285be6a64c5cd6538fddd

              SHA256

              bcfc32fe9cbdcad002e91cd04d79d93b51e9c6dbb56617c5990adb4afedf0589

              SHA512

              3c057c4f884414655f97bcbabed3eae286b905dc48753d17ec7a96f0adc6fc3a1fb7c0cd3a7647e0ab6ba78661d42331c0592fd363a6771bc8138188596f7ea4

              Download Submit