aa1f15ac55ec976f4e60c54bc49bac88bc644e18b995f56a6a1576821c2c24f2

Analysis

max time kernel
2520694s
max time network
168s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
20/12/2023, 11:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aa1f15ac55ec976f4e60c54bc49bac88bc644e18b995f56a6a1576821c2c24f2.apk
Size

22.2MB
MD5

1b3ce4203e09d377ae44c8258de89e1b
SHA1

6025ae1d35d90cf9b6eb2eb11822f0890e50d284
SHA256

aa1f15ac55ec976f4e60c54bc49bac88bc644e18b995f56a6a1576821c2c24f2
SHA512

b27976fe240a65cac215cc0b3a6342b086f3307a8c3aa3052d863e42ec6ce39879a6bbf4ffda8c288a3a1ce3005da63af61ffe1e615e6f4b9c6953636bcf82e9
SSDEEP

393216:rlvJVRfkoLbFiALuWajrAampRipN7Hr1+uHMsIR1BGYNvdboZYY6qoc/qox+iczs:rlvJnk60QuPjdHrY3B7NqZYY6+/vQQ

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cn.com.weshare.jiekuan
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	cn.com.weshare.jiekuan

Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cn.com.weshare.jiekuan

cn.com.weshare.jiekuan
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4293

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/cn.com.weshare.jiekuan/databases/tencent_analysis.db_cn.com.weshare.jiekuan

Filesize
12KB

MD5
d89acee9fbf356695093f2724f643ac8

SHA1
22d2f857dfd38f9df961569715333e53fe64ee36

SHA256
4e1313b40c676cdc9653aecd74da0f6212f5d84ef960e1e8bc249811bdeb5783

SHA512
66448f754e7932dfeb98d20cddef9fe318b3a3aff17c2c47d065db78c5f830208febed67faf30a41977bc62cbd5c7a6e8205da054ff296843a75ca1b463f420d

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/tencent_analysis.db_cn.com.weshare.jiekuan-journal

Filesize
512B

MD5
65543ffcaf412b561f8b43887952efda

SHA1
c20d6ea29abf5f18d20a67155e50a8e1c7397df6

SHA256
ae72e70d48bdcc36bfb77dca525bb10028c40aae626a633a8abbe579a859d58c

SHA512
787124bd892b5fbe7f07b65a26ae04e9ad21b0d6f9935eb954b906670f4c6d51bfc087ed53f37c29b89fac8e43b215cf8e042c2bc5042cd5600fe1252bb0ea32

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/tencent_analysis.db_cn.com.weshare.jiekuan-journal

Filesize
8KB

MD5
60958250836476f5c9c9bd87691038af

SHA1
da318725a032fac376314153cba9175268396859

SHA256
064e18665d3fce0bedfd0b4448f45bea2308991ce4cd4fcd48df0bc01b0083ae

SHA512
f0b432a8974d6af3e6a71b32bea37b766d7e661b58833d85eff34dc9ded48d98ebf6c5fb702d498284d12d15ad0fde2d897a682fa6f698a4b0c60eea289ca689

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/zzjr.db

Filesize
12KB

MD5
edb655088d1ed9f33f9d0d499b7a3ef5

SHA1
565c4f4e43179dbfc285cd6331dc8ac75a901af8

SHA256
bb9e45aad35b43e895393e7a66e4ead6a5f728f90b7627e3c741d391bf65d4f9

SHA512
98cbf923880de82921c38973fbc6d711dc39884428d1eb4ead33658a5a7f163734e5121823d5b043ca44554d19c5b6f966674ac7291513944a94cec97d5be599

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/zzjr.db-journal

Filesize
512B

MD5
d608b73c426a0a75cf14a9566014a88b

SHA1
38df545f47be4c552db1d55beef5418b84cf334f

SHA256
448ac07242549333e2082b2bee2e88dc8b2c5a50a12c010b8f95f96313d61fe4

SHA512
deaaf5988d226259b07f3cdfe63cebc3566c665ed66ce7f03165e5176acf5e4687e8b9776f7ea8875867d52ed2377bcb3f52161fbeacb3b2ed09426cdc4547a3

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/zzjr.db-journal

Filesize
8KB

MD5
8883fdbbae834fbf7dd3c5f069b1592e

SHA1
7bcef27f22c9e736d126197004cb5f05ed5f60a7

SHA256
3723d0ba9438ea8fd393cab7a5d2e42cb0e31806b8e90ff87f0bd49fc50cf2f3

SHA512
b4bffff80d90033ac7b93d60035af747b4edfbe0261518da6c69dabae7abed71f637753b8c1645c3aeb1f7a1342abb67e0b76e9be734ac3416f9ba35f26060a2

Download Submit
/data/user/0/cn.com.weshare.jiekuan/databases/zzjr.db-journal

Filesize
8KB

MD5
8cfd3731094220a0a48ee643c9ff155b

SHA1
a0fc3b214c5f3054e9e2a96028c5ee80d24eb907

SHA256
28f7bb0bc4e982fba2b56c564d9e93e4a865f718a606afd251fda79d976d4772

SHA512
0d3f4b9bc6a221a1a9ab6a181310897d6b929cf8a65026b028142ce8a3837340badd4a22cf829a11e0c7d7d101311746c088a9dfef1c45c60b9b2dd238c816f1

Download Submit
/data/user/0/cn.com.weshare.jiekuan/files/shuzilm.db

Filesize
323KB

MD5
68d6c315394f3a0a281fdbd23c6bdfd1

SHA1
5d6fa816e3286a27250a28792705186f1f8595d9

SHA256
45288cd86db84ed1b17f356bf1a9eab7265df0a464ca1449341295cfda7da34c

SHA512
00df0c9daa1837828253ea9297028d0f09eb3b33d460668ef291d0a11d23cd0d6ce5bcbb9fba0952551fcaf6557ceeaa11510844d36c183182d0abf727a9fe72

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
3c0199cab6f03e987efb945c361ef3bb

SHA1
43ca306ada785c748b464153f0cba04e81e5b16b

SHA256
1b80cadb5a0dd3780b01caa2c6d2a0b65b12b1962073bb2120f79a7b4db51c35

SHA512
b90c625d7c79691159599335172d7f8583feedcfb3a3c6fd101b30888abd567751927e6978cc5e580da79ce794cd3e98753e9ae5581367dfbc1ce3b1862f3c35

Download Submit
/storage/emulated/0/zzjr/share.txt

Filesize
46B

MD5
7fe32573ebafabc75464ed4b926539fa

SHA1
90bf291c7ac5352582ba05180644627281447ed1

SHA256
27be4afaa7f847e0ee732932bc15e8fc7f6e2569bcfdabe94729d64383dcea8b

SHA512
d809403a8c52ade08fee1a4322a6940a264e5b356e5ca1a3671e798c0dc0c69d1f7d091b67f16aa9fc35a14373442040f3d3835317cc2ad578ffdb87d2b5a629

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads