Overview

overview

8

Static

static

6

a83b892e4c...26.apk

 

a83b892e4c...26.apk

android-10-x64

8

a83b892e4c...26.apk

android-11-x64

8

bdxadsdk.apk

 

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

 

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    2495724s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    20/12/2023, 11:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a83b892e4cbe750cdc72315043578c9dab444083a16fe6f73c95f898b6307426.apk

  • Size

    2.3MB

  • MD5

    c43b9dc5d8282b25d9adc1e26c119390

  • SHA1

    9a718052ad71a39d3e259c6e2295211f186b491a

  • SHA256

    a83b892e4cbe750cdc72315043578c9dab444083a16fe6f73c95f898b6307426

  • SHA512

    4521e4383f27f37ef0a0d5d7e7214f72e33e7499bcbae64c45bb6bf52931e48f83f8b541f3702f6e45edb52c0a3d58930b61eb5feb29494954b02cb948df1100

  • SSDEEP

    49152:sqvE/I1p5WgbM3ruLD343IPpLjoSSAbh5XvUBmWY+7+cFGG2XN:sqv0CoXruLDUIPhtSAl5XE5t7XO

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.zeek.notstop
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    PID:4581

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/user/0/com.zeek.notstop/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar
          Filesize

          84KB

          MD5

          15cf2b18a418ed61950abcbe7b97d17f

          SHA1

          65f19f2f31da78769fa3d5e22ed23a903b27449a

          SHA256

          40289ee4823f569e311598cfdc814028e15723f9dfbe86483cc6c0e36336f494

          SHA512

          cff777d140d2895159727571ea1d6a7f6966f1838183f6915f4c78613f3054d642aafc80e6bc39e3e2a5385f1596d397b35bbcf2d83cc5dd078bfa7ca18b5f8d

          Download Submit

        • /data/user/0/com.zeek.notstop/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar
          Filesize

          207KB

          MD5

          f13c5e5d15d4529a941009a391d338fd

          SHA1

          11d50d18e9ca4f65ae685abc7646bd7180f8b21d

          SHA256

          1282df6e431b6027980f9460320b72779c6bcd19a28886cdb5fb77ea5e434da6

          SHA512

          d191b3a03019c94ac801c13763698cecad99df80771c9af03770b411b4074a8583b0c034edede0fd19307799d3a001d996b45beeb9e3a7b9fe1fcb19b19e6e40

          Download Submit

        • /data/user/0/com.zeek.notstop/app_baidu_ad_sdk/oat/__xadsdk__remote__final__builtin__.jar.cur.prof
          Filesize

          218B

          MD5

          6062b079b5a6d7ec9b046e03c9bb277d

          SHA1

          0cb6dc0b79b7b5de930afe71107bed2edd9820b3

          SHA256

          30f2703859f6843879ba21e68a0e72581a5f45fc6c97dffb5e1ec87e7931510e

          SHA512

          4630c68f0ae9e43f6165a67a6fb3dbb04a84b776bdd7b24f24e4922bde8b2bd3ff7e8b051ab6845429eed6f92c734d3d4605b0b967e9d05c743a35ded1ec4092

          Download Submit

        • /data/user/0/com.zeek.notstop/files/.um/um_cache_1703302697876.env
          Filesize

          640B

          MD5

          aab6f653787a8393218f972fbbb45c81

          SHA1

          b6edf7804ccaf54017cb2522fe94163dc0090658

          SHA256

          0322b906848f47b7df5114710223cad7f5e09f66c4b2a70ab9307287e9f37f40

          SHA512

          9772bc4cf579ebe52f1c0d1050db6ff3c14beeff8c481ef9a0594fb9dc115b707817c11a22343abb0a25c507f77a96a02cfad37285e0460970ab1741e63514cb

          Download Submit

        • /data/user/0/com.zeek.notstop/files/.umeng/exchangeIdentity.json
          Filesize

          162B

          MD5

          06f34d15ede4917b46ed89be826a4fa6

          SHA1

          853572b6513358033ceab51592a993f041b657fd

          SHA256

          5a304a8c9d9fc7ce94f02628e2216ca0dbe088159103dac2a4e9ee4a4a67dc3c

          SHA512

          b6535ec6644482653c77203db18d9a7178d607a3639d03e6a6e20a7503c37dd883ca6396903f7b702e72492aa956d7a431f1f648384ac29d6aa4deb97d8367d8

          Download Submit

        • /data/user/0/com.zeek.notstop/files/umeng_it.cache
          Filesize

          352B

          MD5

          e44a9bd850fa77022a2408434fd7fd01

          SHA1

          40667978e920efda7b5abfca5bec03598b93b755

          SHA256

          ff54d9588611e2b927bac74144cbad77c1f2820fbd810096932f43ed1c200f32

          SHA512

          8eda6ca2bd745b78ed7e47bcfd40e9ad036396a01c1ac33048038fb80a37cf2d87cf861a0252daff631e3e612e3deda4a490ab9037c7066b8b06e85d6eedf9ae

          Download Submit