8e752a5336a411eb4ffedca0a524a6ce12bb83dba8ee64a10c0396d4f6b8c61e

Analysis

max time kernel
2500877s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 07:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8e752a5336a411eb4ffedca0a524a6ce12bb83dba8ee64a10c0396d4f6b8c61e.apk
Size

6.5MB
MD5

99bf14fe35249b5f6f2e9e333cb1a38a
SHA1

e473f0e48820bc21b7dc115d2e1b06a1e0c90bf9
SHA256

8e752a5336a411eb4ffedca0a524a6ce12bb83dba8ee64a10c0396d4f6b8c61e
SHA512

8a2b96ff20870d79b1bf0c6e0c58e8946d82b215f0752152538466652d7da11c5d83daf00d2bb02d2a3fbf12128c4d26ceec32a71e2fac28b315b28afaa2b836
SSDEEP

196608:M/FLEolw0GwFusZLFW7nHpMQrjB12aNISbmt54a:QFYCwzwFn2MIT2B2ib

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.joniy.abc.yhzd/files/data.jar	4260	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joniy.abc.yhzd/files/data.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/com.joniy.abc.yhzd/files/oat/x86/data.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.joniy.abc.yhzd/files/data.jar	4203	com.joniy.abc.yhzd

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.joniy.abc.yhzd

com.joniy.abc.yhzd
1⤵
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4203
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.joniy.abc.yhzd/files/data.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/com.joniy.abc.yhzd/files/oat/x86/data.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.joniy.abc.yhzd/databases/license_data.db

Filesize
32KB

MD5
ca2bcc7a502ebe854deae37d6952b481

SHA1
29d9cacf79b5eaea6db50402bdb19fd17454ad1f

SHA256
b8c2639c6e290d8880b1ecc74cd61838439860efa104c9d68c578d8fa3da85d2

SHA512
0a6b1cb290da5bfc7641cf4df4df4a6b332f0cfc9db45a8bfe36379c8dbfb06ed6267792ef397be193d601e472b8607f441035e9a05b85546b626b90346443f5

Download Submit
/data/data/com.joniy.abc.yhzd/databases/license_data.db-journal

Filesize
512B

MD5
45f840092e6a94b2b1fb357fa32ad437

SHA1
0cf08b102c8cc4085bb5c14bd0b5587b395d3989

SHA256
4c7f1afca2a1895969454d00602d2a83e1e3086a0cc1f3a33d86465623a3dac8

SHA512
87f540126337add2ff66ec409c246680dc988653a77cf7e9b0ec25f993463fabebbfcaddd86826543fd8c3c94fda42dcee6390ef25d0940c5feafde93a599ac3

Download Submit
/data/data/com.joniy.abc.yhzd/databases/license_data.db-wal

Filesize
44KB

MD5
da91c7feb54a2e9776946f12eb3f1046

SHA1
2bee8713a2818a53e28ee23e5f72ea51664a4caf

SHA256
539cf08f989a4b9a5a8ee1eac198a6931fb02d757e9ea5f95f9dceee26c1c011

SHA512
23e3399042cce9bfa4b06201468836e7187877d0258af67be1522363a46e586c2e256b30de74485ab147b2b89946fd6443767f939c6fb08fbf46f48aaf4082b0

Download Submit
/data/data/com.joniy.abc.yhzd/databases/save3.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.joniy.abc.yhzd/databases/save3.db-journal

Filesize
512B

MD5
487709887bf0a5d443d4f870e2223027

SHA1
88d57e7b02eec128a0bb38825ed99122c66f29b8

SHA256
ef08b0471416566bb3b2cc9b81f5e00b837456c25bce823d86f7cba6b34097ff

SHA512
70acd658b8770eeb8bfe09e290182506addb781af15d38d9171a408102f505b46573b12594053418b64cc339bf30e48de48c8e0cf27179119a9467f2960a577f

Download Submit
/data/data/com.joniy.abc.yhzd/databases/save3.db-wal

Filesize
16KB

MD5
581a286475ff3cd194b16937d37f1552

SHA1
9230a90d796b57e3c207eac035a0c8f94dad13d8

SHA256
0fad0b51a2e43c7968e5eb62bea834c22bd76f7a1fe99b2f40f1cfc98dea4140

SHA512
d79d874dcf6910d2738fdd0ec4a9dcc1d31ddc4a07385f1f48345b7828637531298505315a091320cf4191071ceb030c6bdb5e0c75ee4dbfad51b93745950b8e

Download Submit
/data/data/com.joniy.abc.yhzd/files/data.jar

Filesize
97KB

MD5
43aa6e671437df7e21ada10b9ca9c76e

SHA1
21603addc58ee1aacd36fc5a065a6c28d8348957

SHA256
bfb16339a70adf336c93d4eff1854ce69ec2f23e8473743721bb83e6c2816bc4

SHA512
42e9caa35a717e4522bc4f2c69db219762338d66ae68d3b413e1c369952e9d05e5651d9b7c52e13f4beccb597c909c4d71884ec8cdb36323094cbeada9cf05e6

Download Submit
/data/data/com.joniy.abc.yhzd/files/iapSplash.dat

Filesize
3B

MD5
c6f057b86584942e415435ffb1fa93d4

SHA1
8aefb06c426e07a0a671a1e2488b4858d694a730

SHA256
2ac9a6746aca543af8dff39894cfe8173afba21eb01c6fae33d52947222855ef

SHA512
bdc247a1a0e28a586ed40744d281993d519abe981aaef33277d4877d167e1150816e9723d068a59509991ed0cdd8c5cea0f9ecd0ef23664db7cb85db5a0dbe12

Download Submit
/data/data/com.joniy.abc.yhzd/files/pay.data

Filesize
97KB

MD5
b3318d0f9efefa37d789745f55ec3b6a

SHA1
62794c6e107c5d6bd248fd1c883a5ab02da2d7df

SHA256
62e0bdbf50e5684c6ebf48c10491b662f1662d26c9594e852c34849bcaec856a

SHA512
bbbb19ed4c7f427e1399c2d18a4e104812514feea1bbdcda927c593e9d9d987a72051e133c94fe4c3d15d24716299dae53f172eb32b02c79f0d3c885fe748f1d

Download Submit
/data/user/0/com.joniy.abc.yhzd/files/data.jar

Filesize
238KB

MD5
7b77931bfeb2f5c8b0337fbba9a8b528

SHA1
0e6906a326f3921beedd676f7f0bd7c3eabaf2c2

SHA256
92b9752d6ae65eeb948653cf5f27ab83438b787d5601845974c976f492df21d0

SHA512
c97a3e2063c68103a5298a1a5d8c740f6ec44b60e836092438fe6295964955d2c99d1e4a113d3dfab7eff2fb8c4caca09cca6ea516f0be20b02c57e51767c900

Download Submit
/data/user/0/com.joniy.abc.yhzd/files/data.jar

Filesize
238KB

MD5
1cc8518346734dd6224a76390abdcc47

SHA1
6b008b0bfaeb1f96b7e146cf90e6d5cdea251405

SHA256
f57bd8ca4cd7c881b8c304dad6e2530613bb287296888f5ffe1bdd39ad1d4f1d

SHA512
7c824d52c4ef673f437811315d2e2aab4fa9c84050a5814cba780eeca21ed2a82759e88d9bd36f9a402a53f64188ada8c78718d26919f14a8954624e9e939248

Download Submit
/storage/emulated/0/InAppBillingLibrary/log

Filesize
89B

MD5
4cb3e4ad3b6aaefdda4f27267ae2c6ba

SHA1
792ff40717003dc5caac4961b0e736dc9b841c8e

SHA256
85acec5aa1097e5032c7a6d79ff97713f01902f35b2b92ade31c343f5dd1fca1

SHA512
858cb61b5c8a81b072477f8eb78cea72c03ec316b0c544726f3e7a795107377be9c968f02bc5a4a8b2621878f230a3288f323a766cff256226cd5e21000ab3b3

Download Submit
/storage/emulated/0/InAppBillingLibrary/log

Filesize
82B

MD5
54749b38c84f0fbf5b82a77ec4aaf36e

SHA1
8c6a1e41c0b7b9929e63e32ef8546f8d84d5d716

SHA256
8a640e94702ca8f0889a56b7911fb6ee8ae727be0eaf72fc0541a57499202f68

SHA512
11cb81e6f3fdf43b3de6b3c5db5c311093a6e5fc6e722c666a0b2c5c9d6b17ab9abae3c980dc2a0704db28842a72e7d6c4b4deb0010ce77bcae7dbd0bb2a5139

Download Submit
/storage/emulated/0/InAppBillingLibrary/log

Filesize
79B

MD5
6b01cd6e0fb72b041f69b49be9e71428

SHA1
e557faedfafbb1754703422cd48ee96cb7129cf5

SHA256
eef5a313217aa79c507f6693f70887d23fb5995ce81e96e7b522e53e144e3045

SHA512
46ecf9387250c9ab8d6348408028efb4f2ae2028e437f9da7b237a2ddb630f86ae7bc0743578fce4d9011511c0941645d39339140d05418b3aaacf9cd43f8f6c

Download Submit