8caaab71842caf51d9636229fcfbca8eef9e058d44e8121fea5aa632c47e2935

Analysis

max time kernel
2378351s
max time network
164s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20/12/2023, 06:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8caaab71842caf51d9636229fcfbca8eef9e058d44e8121fea5aa632c47e2935.apk
Size

15.7MB
MD5

775daee2a3ae34b833461d775afb7aa7
SHA1

37cab6e82db136d167b3f6e31d325b8dcfee5619
SHA256

8caaab71842caf51d9636229fcfbca8eef9e058d44e8121fea5aa632c47e2935
SHA512

b103570e35919adfc3879a2538c149c3826e391b2dd373fb2cd831845e5192b8ad2cccc32a9f2c0f4ed68d6aec21888f8814d9a5fed6ccd3b7b6cee9b8450301
SSDEEP

393216:ejQn/vu+zTgGwh8qHGf8/XlWrgZtK0QhwW:bvR4Gwh8lfoXm01W

Score

7^/10

evasion

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.product.model	com.manhua.cn

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.manhua.cn/[email protected]	4987	com.manhua.cn
/data/user/0/com.manhua.cn/[email protected]!classes2.dex	4987	com.manhua.cn

Queries the unique device ID (IMEI, MEID, IMSI)

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.manhua.cn

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.manhua.cn

com.manhua.cn
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4987

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.manhua.cn/.jiagu/libjiagu.so

Filesize
485KB

MD5
2c1a490890ff15348d2fc3815b2cfb3d

SHA1
922e1e5539c40ad5bed578a9cea9f076df02eaee

SHA256
4a272d3707e61d656a95d20b944a402a4ae39b79013e3a47a93c0faa3eefc6da

SHA512
3a910269e855c3c9a31e40d2d18d166d3c3dc08bb9b063e363be8e737181389e9cc67be8d9ef8d1a63ca0500d0d028aa2562e6fb979beb1a1cccf0fe4d1d1853

Download Submit
/data/data/com.manhua.cn/.jiagu/libjiagu_64.so

Filesize
525KB

MD5
de2676422ccdd058f2913d26a320095b

SHA1
02bafefae85292f4896709afeeec5c727dd84f27

SHA256
d9b4d39ece3b7f40379c47afd6b405d795596b7e8c4a6db691e63cc721aabed3

SHA512
17734018791404be1b95ed0d1cca973963b25cd19a3f87b92c19ef6607d44d772db51546468352cc1c57e785f7729e60d899689daf647b3e76fdc5262155e808

Download Submit
/data/data/com.manhua.cn/files/.jglogs/.jg.ac

Filesize
40B

MD5
79682460494f3275d41da3f108d328d6

SHA1
7b5c78a30066b1a6a624f5ceafa04302000c47c7

SHA256
08c72f96fc4437e2ad82880deb958a35eecec5df653a6bddb553679398e88c5d

SHA512
907f97cdc2bf6381f28d69b5943f7932d2f3d526fb5919dad57dff4f37b6ca6591f09a92694e3907ef263f9b2a67b916a3a838904525748ce4299e2b1090be70

Download Submit
/data/data/com.manhua.cn/files/.jglogs/.jg.di

Filesize
348B

MD5
89427a03ee586f6d7040b68e67a6a67e

SHA1
133adcab4d2264201fd08c85753410e9a482827c

SHA256
5965824434cc456c9b09d6ca42949094cb18f971630a223bfcaca231fcf86f9c

SHA512
ed8f4c47e4378c6c6b7c12beab050fe3effa7b656335bc50a9b82348dd3ffdf4b096e21841672d2f7bdf821e2d8ed4fbef139086d3bcabfcab9f1a8f3974c401

Download Submit
/data/data/com.manhua.cn/files/.jglogs/.jg.store

Filesize
127B

MD5
6d54675ef02ce2a497d6bb9bbd9f9bf4

SHA1
d1d2f3a8a878be07cd41b1d3f9377a0cc5a0a60c

SHA256
72a75ab1090e84109e2c9e1f6c563eb2919023292ae00fc89472bff3b3bb8f5d

SHA512
4e0a799ec619d1f4c187213bf2af10a648ad1c8971072288863aeca5592cabf1b631a6990289071adea28275b02c1ef2286d058349d5a09dee4b4244917039fe

Download Submit
/data/data/com.manhua.cn/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMTg1Mjg3ODE2

Filesize
1KB

MD5
a4a14a9fb846a664d0cc07c90793340e

SHA1
802b6897b3a088ebcaf7ad5d63abfe91aef31948

SHA256
079743695d4c49d93fd460f7442660aa7f63ae2ff4da59bd2c18a4cc1dcf82ef

SHA512
1175b0768b66da871df23cd2e0ab9eead7e96e4ff902a928927c11565ddea16a6b8177831bab4847e999fe7c755c14631deee3613084fc47194452c265b5cf24

Download Submit
/data/data/com.manhua.cn/files/umeng_it.cache

Filesize
350B

MD5
348101ace49ceb5c22810998d57c1d92

SHA1
4bc8f168a5c18379b7a6b8e7d7d1f4a5f6c3798a

SHA256
5fc41ee1fc1027f41f89f5e681f3e1962a9a65f3823be975eb038438e94cbf3f

SHA512
302310b624b89b6ad2de3c2fa85b25f3a446ae35f1492565904868da6182bd8a6498d7ff23002930427f4ff4af6c095694df8e6e061bec260a64a853cbd51bdb

Download Submit
/data/user/0/com.manhua.cn/[email protected]

Filesize
6.2MB

MD5
90a2706afe6424a0910fbc264f9a4a16

SHA1
ad30279d98d941b99cf0e517ca43889c79cc3f70

SHA256
dd1f3e05bf64f0a8176814d08f3dfb0252916ce116c99ad2555ae1624a7598f2

SHA512
9efeacb8d37fd1a43d37cb8abe9a30198125c61bab7beaf7010698f2098570d213e2710af2da726f5e57f97951557af693f20bd756793ef4ea48a44968d311b5

Download Submit
/data/user/0/com.manhua.cn/[email protected]!classes2.dex

Filesize
1.7MB

MD5
aad925e146fcb154abf46257e0d08515

SHA1
e3ac8064c20b929240f56185f574dfc817f06666

SHA256
73cef0da6fffc14e9f29795a1c79cc92b1792755c6d3620fab70b1feacd4c410

SHA512
fddb28cce8e9f7087956a7926b199895fcaae5cc7bd04d076d9d0acbdc2a66b5d3f5337355f9aeafda6a38b66722e0d3133bbbcdd2b31ba51d9b05a745f85c05

Download Submit