996744dca9301180ab21c43b80eb58086acc6b3c3bc7bc4c2fb211e99beed84f

Analysis

max time kernel
2462785s
max time network
170s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
20-12-2023 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

996744dca9301180ab21c43b80eb58086acc6b3c3bc7bc4c2fb211e99beed84f.apk
Size

8.6MB
MD5

2c7fd8992e10f2d70b906a6eba41cb71
SHA1

7e52b8ce09000ee2ec2841cbfcfd1868e0f0d7b4
SHA256

996744dca9301180ab21c43b80eb58086acc6b3c3bc7bc4c2fb211e99beed84f
SHA512

3709ea1f30fe33254557aada4079660e609aff5d6c47d28a2f92fbd1fbf983bf5fbfd36636d9fc54a6782bd978c50ccd44f595c49ad2402cab11beb9266d4979
SSDEEP

196608:RwTEckqn2pGQiCvXI2MRczgPJfxyYaYUzmFRPRy1Kf2rfcasduN:R7ckq2pBlKczCJfxynYUKFRPgKsfR/

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.gome.mx.MMBoard

Queries the unique device ID (IMEI, MEID, IMSI)

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.gome.mx.MMBoard

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gome.mx.MMBoard:channel
Framework API call	javax.crypto.Cipher.doFinal	com.gome.mx.MMBoard

com.gome.mx.MMBoard
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4529

com.gome.mx.MMBoard:channel
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4741

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db

Filesize
36KB

MD5
f1abc67cc72bf5fe66779fa5dd1dfeac

SHA1
660f6d1cffa2bf57ec29105e40d08ab103cf18ad

SHA256
a953ef381606a6d98d98f3278e94fc1d5b58a0778f8ea3e305111586b759c14a

SHA512
dfbe97f3c1f3a3ebd63fc5bcee1b1dd1b91dfe01ac95af8fe897f44079e852421fa0c4cf038da6e43264d50f3e612ddc2be9aa17bf47ef604ca428fafe0858de

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db-journal

Filesize
12KB

MD5
87679fdd915c4bd5dbb81b27c4ff1cde

SHA1
7f849d491bcbd3b2b7cf3bf93344a5f10ebb3209

SHA256
3d4262303c5780d32d43916f9695f21e82bfebd529b5a15762cd7fd4899dbf6d

SHA512
f2156c610532b27f4d9343322fd974c455f475c74613c9afcbec963acc639e77bb8e7e68cec885556ccb1b2f24dc078a92f8bae90ce7ff3302bab4bca8a39e98

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db-journal

Filesize
512B

MD5
133cccc6ecc33d9907f0bdaba8685b49

SHA1
965d99f888cce3a781447caabd895ae4947cb193

SHA256
242c8e780ff8a232d30a5e574062c0ba28288c36493c8cdcb5b1e262a9f68bc2

SHA512
68dcf7ed20c1bedad2e46054a9101d77d90982335bbc201cca7de3cc1dc127029fee9bffea90a80c1f1e48c00725c1240a43edb656ffb8d53fb878e786e39ce6

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db-journal

Filesize
8KB

MD5
701e57d3cd0071c3c4ea4bbf92a3e722

SHA1
2e8f2f27108ed3eeb2b051297629d0b5526098d8

SHA256
76000dc6947e93105143441204f9150cbab63dcbb6b0f5e77b1725d888b71e0e

SHA512
830e16c92b3adc81414311e7a30442187275ab2e220a4a88d863bcf8be0a53307843273b6e0902934df5946522d8aeaaf7a1a10917943b6817a41f9dc1820813

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db-journal

Filesize
8KB

MD5
f2206754ebe12155aba4ebf3c645eed3

SHA1
80f8827c1091f685395e96dcd02faf3ddec22dad

SHA256
376401f26c9e242c63e3689b3d513d733edaa3df7c5c657bcc77060891989500

SHA512
40ccebf9c8cb4f622fa51c26fb417124bb93e115ae87a79c02d1117a1bd4f706d9eb034c9c351f935e2854a31a1a58972c2b01777d9620a25f722a22858f8bc4

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MessageStore.db-journal

Filesize
8KB

MD5
493abc5d08bed1aa36ee5677d6fa5776

SHA1
8cca3a483feeffd1e681b94494e436d1446f8d5b

SHA256
e2ea03359dd823ab5d637846c38dd2744d69a664bf7dbe8569fe6630dcc4e3ac

SHA512
c4b07e3640e2c215ed449438c94530cf49d8c7d8a2b2872420c7848e79e0b7ab7182a1442d011a742e699b45b6225db1c10fd837a84ca23e30ec393079c7a340

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MsgLogStore.db

Filesize
56KB

MD5
a860ba3e3a648f73fc11269ff9ea9c16

SHA1
7167faf1666bdb05633e945dddc3d6af6c35fd0b

SHA256
4087524ad761d0669a39007849311b2b0a32c1a62d0a7ff04d4a77d702bfe27e

SHA512
279991548672e18e99522e1402ab96a3b1887a6ccbfa350cab5c5f5096807beb647b9cef0a5668755798f8032e243aab9ea5f1cfcd934671153d54fce48ef8c0

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MsgLogStore.db-journal

Filesize
512B

MD5
ae59f44c7c20eb9cad481b92f761101e

SHA1
d8b8e4a207105af24e0f3e6c476fa81c2ff6b5f2

SHA256
b575c1ef4db24233a30efffb53bb9329b9314a58d8ae87a7af74c0d4c84cc7cc

SHA512
bb77ff305e53fdbef5e2eea7bff62a02f5958146d7e3df3139ea95784f54499803132330b52387e62c7cdddef1bbd4215c7ca31df082a2be9056ef84981225ff

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
b9e11a8b024cc51f0fb34f0ad4742864

SHA1
4500c0e97376b6c45b1006b2ab86fcb6e83d5bf6

SHA256
79e52a0f9d31a5ba0bf0681e394d77820148f2a29e674ee80393a3261fcd026b

SHA512
b73c146c8dc48c1ad581615b5fcd837ac270b6bc567239fedba22f58e6d577840dec959974b32ee80211af3de3973119c7a6f4110098027cb83d03c8fafb8c3b

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
34c55eb80c66f9e0347036d687c543b8

SHA1
54d1217642e0c7bff62bb67a7b104b567787249d

SHA256
e90671de326547eaf70280684c1431b33833de975d9709bb19c319d214e8aa61

SHA512
9b6cc9f8d4a8f3b409533c2817c57070a049d06232712d8571c247fb4ad46b17a270aef2fe4ac69717a6387f982d7922a88f1c61ec4f061f37b7e7b560a3d8b7

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/accs.db

Filesize
20KB

MD5
064201502ce25754236b3b5c12e24c65

SHA1
e2c89961dcf8306440bc99f7b058ef4680eacf0d

SHA256
b4ef8a71919ac4b6ef9a895a991b527f5c3316fd6204eb815366c9614dc71f00

SHA512
3f5af9d3e7fbca1c0a3f9ad5a8d8d8e1d3b3e3c79cfda89b6baef007aeafb4ec5738626fca1f682b73b0305a94a4e2bf17c0bdd4fc7fbacb80ed02c7affa44a1

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/accs.db-journal

Filesize
512B

MD5
1745fa487b5177b87f4d683d2ebbf4cc

SHA1
b09e1b888319a45cde03240ae8a1edc704b409f0

SHA256
13afda94d7c92cb1e0331f2ea4678bf36e5a2d524be6f495d4ceab5007300f80

SHA512
a0243b6283947bb0f7856546715a515146e99e89ef477cf8c8067cf745a417979ec2e7ae667b7700051ffa515dcc03f30c5934345d5f4be770049f6744fe6b0b

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/accs.db-journal

Filesize
8KB

MD5
2adf70d8be7325816450f207ddabd500

SHA1
33f03ffa7fbb07117ef5e6d9d45a68f6b08bfe09

SHA256
da0564f570997021bbf3620953f851aaa554958e7ee5f0a559c37dd9c94442b5

SHA512
34ddb908973c48990f8e024dc692425efbc5ef630e46a58e9cecea9f81ea6864c8b8f98dd77599e76001c1c964d49d3a33943ac0326d4735b40f3ad462b20d04

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/accs.db-journal

Filesize
8KB

MD5
896204597c2427627d1ea811cf34c77b

SHA1
f0db41a7891f82937e821e0aebd8fbe3872af623

SHA256
84ad0eaebf6d3c2d8520f62221a76a5f6a03b32132d83d1591798c61d3e7a7fc

SHA512
d24855351ce8f0c138217add0663949d65cc5a1e6531acfa738dde88f6093ae8f74598323d6b07e82692de633db4978f4b8855ce46a04d9ad35dcfdcedfbd5c4

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/message_accs_db

Filesize
36KB

MD5
7c0b5c6d1120bf3635cb815eb5e29f28

SHA1
cbb58092e164d3d098e750a608f3833f85a06476

SHA256
f2434b69ad5ddbdeb3796b9e34fa428cf6fc31bf987dee42c12816e3632a128b

SHA512
151d69445e8311fc78f40b5781e2e1f1d631e879e87a08d1076ac69d7ad5bbb8ee017fa4d5be934f9eaf1cd3a0aea87c40be405c2a601a845820d73705ec7a36

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/message_accs_db-journal

Filesize
8KB

MD5
e1d966a6f24f8ffc28b87e9eefdc20bd

SHA1
f3bea9adee81c1c35eb1ab1c6d61fbdeb88d85f7

SHA256
130e72986820211ae25e22dc6f99ac82415cf000edfe2e269ce565b393b9741e

SHA512
178e6e900017cc291d26653b22aed36eb46f067692d1daa66527b1d138a1f50e5e5349962238ab0293afc380bfb475e4ccf38e92c3a1f4e459e6e6ff79cc98bb

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/message_accs_db-journal

Filesize
8KB

MD5
b5c3769d6656498684a48eefc775faee

SHA1
99137b88ef6b6c04dfecd10b1a3636f8f1946c4a

SHA256
d9c78996c565954b235bcec6c2e90a0cd708fceeba44d96792dfc166b4129ec3

SHA512
dee3ff60b355b1a9e5a356c7e34fec42344c0dc8e5f03c6388ab57be148d70cf83baea1df173e330b296d168896f49595588631c2a2f6d2827587e6dda0fe4a0

Download Submit
/data/user/0/com.gome.mx.MMBoard/databases/message_accs_db-journal

Filesize
8KB

MD5
fc397a2004faeda2f6f62d63db9a2f6d

SHA1
7bdf48fdc6a89e410b744f3c436f1c13786137cf

SHA256
290d90fb2293d0a8fe3403e3f75fa83e07ca4931ce3668935f500a13c8c7c784

SHA512
88243919c245836df289da8f999d6f72e5e688c0a91765bb174045ba5758b852601d7e8828dce646eaf2cb0ecd0d7b930d08895335c78ecf6a0b46121d6c9482

Download Submit
/data/user/0/com.gome.mx.MMBoard/files/agoo.pid

Filesize
8KB

MD5
feb9eacb61fd64f8f2b85e3ff872178c

SHA1
06075a2c22c879fa65b3a1b62496a0d3785ab4b1

SHA256
418c87ca6dfd955d8925faba283a52536289a6420371c4d7b73f5eae67819379

SHA512
282524667eea468a0166f0577b327e8ee22dda6f366bc43cd8d8a8f50c8aa3a167a34ebdd6742cdeab386c259e75175f943682fcb941ba524a864013eb4f16ff

Download Submit
/data/user/0/com.gome.mx.MMBoard/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMjY5NjkzNjAw

Filesize
1KB

MD5
9e4b728c51efd811e55df27c3613c2a4

SHA1
3b322521542f78543f249200512e9c6fb59b1e80

SHA256
b0e2b974ef12d553cc2307f619667905409e0cbaab49e2bf57f38ff6466cea0c

SHA512
0562ff40ba907c974a44cd7ee0cda53439c9502bbea09bbe137bb27f8100a290265e49d8a7f6acd3192e2d3c7c174f613f4058c68277e6eddf646880e1dee68c

Download Submit
/data/user/0/com.gome.mx.MMBoard/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMjY5NzIzOTI0

Filesize
1KB

MD5
30bc1e265790a2f0e17b80101f056232

SHA1
486bb18e28325801f618cd80180a66990bcddb65

SHA256
140440e396caceb6c19176464caf9a5cbd93cb1801acc7611582ef047302911e

SHA512
33f50b0451fbc481c8b9b3efb181802c7777c79b1e2650b0e0115b28ad095170525ad4e7d0ef4f1856608e5f414546f950907eec366481a89aff76377e81101d

Download Submit
/data/user/0/com.gome.mx.MMBoard/files/umeng_it.cache

Filesize
433B

MD5
733b5e4cfb82cd4617376d6e48959897

SHA1
d937ce9dd3b120484aa75665ed2f2d5a15df484f

SHA256
d4dd081c287e5d852a940b97f439bb22100c9b3f0ed953cacd7d8ac5906331ed

SHA512
359daf0ffa797cdae603713c08b8b3543d6f41a44987e4d94cc8a65503d70db9b07e1d571685173e724694e825ffa6a550f441a9f3654f0be55e73b22abff27c

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
1854f2ea48e938d4b63ad2d5f9496ea2

SHA1
6c34d7a0968f282480190784346564ec686ae491

SHA256
fbda13ff241f2278f32efcb67eb55cdef520e84ae0a4fcc1e2e2621e81fa0570

SHA512
9702365fa9147e06969dfeff2df2c3356249e3c3eaf531f446391bcaff52f0945b3a99146cd75743e2096349b1f78263b4a84795b04ec54963edd3124b31301b

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
05d5a5d318961c65c911c359ed4f61f2

SHA1
09e69f58c8566cdfe34c4af608643ba6a2a6c1a8

SHA256
589cb1450302e9ecf70f4240cb56a552694ec4f0b0a7f74cc8e0b70bf249141c

SHA512
55bf035cc2e992725d2503163039a61e675ca16808fd82c4766fd3586b745ec122539fa1476033d0fa288098879fe26b29284758f4121f416c77e69c834bcaaf

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
512B

MD5
98e7274562597d8ea31eb6fbedff259d

SHA1
418aac765351aec5b546b42d11f9a9b0f296597e

SHA256
89a4331be35e0cbe6ff657c444097188cc54e77eb5ffd06096714eef1739858f

SHA512
159a6b08d2726d84f6780d43694db71b12ba9d753cd778007feee8f628745010fd496f908d80f85875e43a47e40eaf136f9ea6f2ef1cc29772332e1c7eb445bd

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
36KB

MD5
6b5db35f52497aaf85205918ade6cb81

SHA1
1d06ee1691fc452511b0513da19ca1f9457dcd45

SHA256
e544b3ae004daefed536780f0ba5f0e80e4d0f69f9db1ba153de88a222029771

SHA512
0c7d9bc49c959751e171db2c66ccb089ea9c369ee69a6cd34027c57506dcc3206b28e9c5b4be6434d2ecc7027cd7bc5429e349fe7fd77f72021fb3f21ec237c3

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
bc475d76cad1fe15f41e2ee08339755e

SHA1
5f081cc75b53c59a15d9fbcf15c195ff31d2f3f5

SHA256
2254a2cc8633e0439177ea4383c678ae88c077fb63db3a4c8d3e86267446503d

SHA512
cf5bb42e1768a133d96bea0462f8f5327454f32bb6ed54991adff83b14f96028ea143b32f1a937621d1fd84f0e11898ad0ff97df93f49ea2444e29578bdc727d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
90cc4cd5a3fbeda67edff0a4f1efb229

SHA1
30e11f2f264e4d2941a6c3ea2389122c798a7447

SHA256
a5e79939ee0d3a47e99db0ec823e6b7a8a231e9e646ba480431539e849395856

SHA512
e482ce949d90b84a43363e48ad9593fd7bd64966fbf7cdccc053e47ddc0ebc616d962e2acb67679efe73cce4ac8cdfcd2933ab9dcb08011c00366622f21d5f1f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit