91624b93bcb0d87e3f187365196cd356b99ac794928e0d91b350e6172a4c0e72

Analysis

max time kernel
2415667s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
20/12/2023, 07:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

91624b93bcb0d87e3f187365196cd356b99ac794928e0d91b350e6172a4c0e72.apk
Size

1.1MB
MD5

f67f48affb593eab7737cdf7456e5cae
SHA1

08ef1e7f667910e178f4468d229817058fe06088
SHA256

91624b93bcb0d87e3f187365196cd356b99ac794928e0d91b350e6172a4c0e72
SHA512

2472b828590e7fc3d37720785f0ad9b4ccb7eefb8fddd4eb9f01a12f4ccf40b835efbc3bfc903851003c4b526220d735f6ea06efea47c13e214502fcd98a7e76
SSDEEP

24576:MpYkiV8GYKLb4+PsZ9jNHoVbHCD+zsAxjFQtpzpBlzmQWd2SmX5MT:uGYK/hUfjsHCSguWtpdBJmQWC50

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.moon.hao2.shijian1

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.moon.hao2.shijian1/files/__pasys_remote_banner.jar	4626	com.moon.hao2.shijian1

com.moon.hao2.shijian1
1⤵
- Requests cell location
- Loads dropped Dex/Jar
PID:4626

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.moon.hao2.shijian1/files/.imprint

Filesize
849B

MD5
6c6f52db9be630d3e16180d446d3c70d

SHA1
a9c567db799a3087e60d9984a4c95587748494e5

SHA256
312b26f6e86252568b2776135cc65033162ed85eab64ee527b68b10421727011

SHA512
cfa3e9696bb676d0005ce141c74dce38907399a3c12e743b617266d24fffb8ad139ddc3159e31dc57845976133eaf0e002d92ff0b74651f30f43678f9ead4a97

Download Submit
/data/user/0/com.moon.hao2.shijian1/files/__pasys_remote_banner.jar

Filesize
231KB

MD5
c601107d24f96646ae86f74b0fea880c

SHA1
8a8ce84fe5b6e186ddcd69c8757de4fb1aae7ed1

SHA256
939120d702d97dc47c6963d98dc1d2694e0fae5f5d5199c0755f54741a3c2a16

SHA512
b573a0d74ea8c6e99c3ebad4ac7b42ce46940231f8a90c9b19c887c6c20356235241068d187aab2bae9914c3df84cbe80bca13b5b6d070247353f5e5eb282f33

Download Submit
/data/user/0/com.moon.hao2.shijian1/files/__pasys_remote_banner.tmp.jar

Filesize
114KB

MD5
2ad9fb4b2d9b333883b7e38f61c2fd2f

SHA1
5b85041452d173ed0d81d25b9ca78608a998e328

SHA256
b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5

SHA512
6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90

Download Submit
/data/user/0/com.moon.hao2.shijian1/files/umeng_it.cache

Filesize
245B

MD5
23d028f92a767f0efec11ee9488a8fb8

SHA1
bbf199ecfc3f2083648b711366f1e209562eea74

SHA256
5d78233d8decaecbfb55f73b49890b97fab3ad9748070b3efd877368971f1d31

SHA512
c120308c5fb04ecd4bf4bdb19e83d4410e56ce9fa6f65e089e38c3916e6e2bccdeda99e5a5ca3079d853d54984c05e0e61ad9b6b45944cf49939c370c4bf971d

Download Submit
/data/user/0/com.moon.hao2.shijian1/files/umeng_it.cache

Filesize
125B

MD5
8716dab421b6b0f6f7ce623a1fb3b56b

SHA1
af402e74078e53fad1477fe07872ae5ae317e8f5

SHA256
11b7462a6847b4851799a867ff88f0aed052a4c8b500fcee2f4a599a95811fc1

SHA512
26d1d3f1dd562b3476061126d7530833de9653f4c0487ee188b7c19b94876cb4b206a61b85c12b0d8de34ec584fd92d9f609150de2b9b88c12dc17551076a281

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads