Overview

overview

8

Static

static

6

d56509ec57...a5.apk

 

d56509ec57...a5.apk

android-13-x64

8

Analysis

  • max time kernel
    2837915s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20231215-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
  • submitted
    22/12/2023, 15:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d56509ec57eab22745787af3847ed1a5.apk

  • Size

    17.8MB

  • MD5

    d56509ec57eab22745787af3847ed1a5

  • SHA1

    7723308efc8fccc51ce51c0e59e8b629b4ac4882

  • SHA256

    7541204e23b18ebcda1c83885becda85fd9aed744cee316ecdb02274ada8bae4

  • SHA512

    12638800d8460f566c9d7535809b441c8c72b5945f9da0a12ca656970de3ad54cfa7613dc8eb08dad37ede3ea2da454f84b09416a466c488d36c703480a82ea0

  • SSDEEP

    393216:I3GGM8Rm55Sj0jkyvPVQwqIWVTFMNroIAB9J3qw:pGYQyvPW3zMc9J3H

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion

Processes

  • com.mfxsd.cn
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4284

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/user/0/com.mfxsd.cn/.jiagu/classes.dex
          Filesize

          5.6MB

          MD5

          641ba2aba2c7969611140dbd3b3233e7

          SHA1

          152e631d5b336cb996f17f59e289d2dc555f2d33

          SHA256

          c7193dcfed9a1d9af2c29af28c45f0d1c318344907cd290a96fd3e4f773ed9a1

          SHA512

          f89440e5f9f6cfa0261980c0e8f11d9d9ba931bd3d3e3e999fffe7b032836e59d2c76165de970e9ed4b44fb47494e918fdb51c7d2cdab9c2769157f094fd80c3

          Download Submit

        • /data/user/0/com.mfxsd.cn/.jiagu/classes.dex!classes2.dex
          Filesize

          785KB

          MD5

          3c579cdc884d285188c1f74308dfc784

          SHA1

          20b7bdb805437409b4418f57fef5e7e10b467196

          SHA256

          93173277795c30e0be6e13217c68bfba6a9a18086887a2fbe33f867c4a64be37

          SHA512

          3dbce96c3cdba1ebbb4fb9aa224b30ae95c35da21335e9511ffef01e4c74fc4315aa95a79ba8264b7b08b5992cb39901783a95968cfb7e40300d68bd04e384d8

          Download Submit

        • /data/user/0/com.mfxsd.cn/.jiagu/libjiagu.so
          Filesize

          480KB

          MD5

          d280346c134f75655acd484c75745d6b

          SHA1

          7d1ea0d71824ce214d4769981ed68b0ef86f1b0b

          SHA256

          344f4d98accbf8ad8a3ab052a649231f9ff1c9e7324374a6ec79d9de89dd9b55

          SHA512

          11ce3fc3f1a52900f140813a5362cc9bf4b9954139c3447a61fbc6c35c8eb75e454feaffdc043e999a167fb21bfe0ffeedb6b71359a5fe0867dcc44c7e14d16b

          Download Submit

        • /data/user/0/com.mfxsd.cn/.jiagu/libjiagu_64.so
          Filesize

          519KB

          MD5

          71002bb503b66d70f1c2b531184ce749

          SHA1

          c1a8f0e8b5f636b4df360f44227f078a4d147f88

          SHA256

          231cdea86dfd340f7fd36f30508eca5c4e90a82d006714101aecd57ed04ea7e6

          SHA512

          03fc8072925c4b497a5b6aabaee94acd90b773d266e5ee55a1127147691d43697077932d6faaf8e05b9d0502b455856e049e65823997fb62297786615d808276

          Download Submit

        • /data/user/0/com.mfxsd.cn/app_crashrecord/1004
          Filesize

          221B

          MD5

          ebda029c1346f17db2a7565f272c1096

          SHA1

          f8e33667885088909bd33cbdab84ccdef23b00da

          SHA256

          30953c9dff159a4bc85dfc5f9ac65d7076b9cfd6b1b60eb89ee1d84338b9c4b1

          SHA512

          f82d1c5a0e115359c0fa15dd16de8b0b77cdb5a639788267cb20fc4e9f3e1f2f50a8816c272a69a7e2c040b404bf9cc7a521b4f445c6db4d16c80bf7e42915bd

          Download Submit

        • /data/user/0/com.mfxsd.cn/databases/bugly_db_-journal
          Filesize

          512B

          MD5

          4414ef62bee526f1c9ac96b619575a89

          SHA1

          b340eccd3d1d33858918cf862465120e9a45ee3f

          SHA256

          5c2747ac9f69bde71391199105bd7d1a389228ac57531ef0a522c31f19d4c4f6

          SHA512

          94329401333751c4e3403610aaf3bb4aa3178a1593e053e692c2bdcfa1bc6a0fab6b6ea6215b84a125d1f3619372773e6b48673386dd48ba14d06b14aebe0ed9

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.ic
          Filesize

          32B

          MD5

          b92998e5a56af7e37f577065d581b8a8

          SHA1

          36fa1136f6238fb7d4861df983e47cddc0fae119

          SHA256

          d2e4f148a4ce0943d44e9b6cb5d500db24915e232f9270a3fd3c94e9439275fc

          SHA512

          03b95778b7bb128b54fcf58b4d5f4036d00838c0b8ed5400ebc4603e9784ab7a422a0988522d09801e9d777a974f18489fbf560c677d04750c4dc38eeab959f0

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.rd
          Filesize

          32B

          MD5

          e00410a29fda50a715b92d59e2fcbecb

          SHA1

          0d511bae79c85940d3076767a9c4318d282201e3

          SHA256

          db70f62a6108c5bf078529a6909418753756341e7eca2bd20a1be38854233f42

          SHA512

          4c9f44476e8e5cca30fc82befd93f31313850f709bc37ea5a6a34689203c7f6e264a6e6fe77a1b377110dcb04ec8d8351125843ffe26cf68d068789f7908bbb3

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.ri
          Filesize

          307B

          MD5

          9a7343e27c541149168fd4682d5a4e44

          SHA1

          0626d7ead437134e2a51ec6d77e0553690a5cf52

          SHA256

          1b35ed3d161138731173ff8825bfa6fe2392de1f8de6dea40205f48d600e0887

          SHA512

          ce3fcc449f77daa40c59d19af93cf97d98d07f49a1f6120efc661373748f9f2bf32aab21d21d42b6ab1b873c8cd3e8d5c48c055aa262e3727d080288af9e4d1e

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.ri
          Filesize

          307B

          MD5

          aa67d1ce9694fcf8655d1314215b9932

          SHA1

          f9a4b8fcc7fef5c3347fc79b6b73e6275ec9e121

          SHA256

          dc0361ec73eb9ca3122188409422d37c3f59cb8910bdee153095bf3e478a5418

          SHA512

          643c0a2a6909b4ae7cd6eb6bcbc6ed6638701e03bb340a78f868acc843851955d99993dd407bf7a9d817fdc9c2f6f3be07a3c3e003303726985f8f58d5ee6185

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.store.report_cf
          Filesize

          54B

          MD5

          7e5320f742af6d4299d080d906f8c030

          SHA1

          b8ef232832ed5b1eaafaffc49fe929400edbf5a1

          SHA256

          fc8c1c9665f935e3075c3ae76172bed9ef7055dc9448890c11a224b4048f9f44

          SHA512

          9512f2c986fa7ec0e400b0a5fd1250f8daa8644533b346a5e7e7096058273c5af439913e749185049a0ad4c4a4cf0e1df0620498650c8232096fba90af3b8a5e

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.store.report_cf
          Filesize

          32B

          MD5

          fdf6a6691956582680effb95291da41a

          SHA1

          28f40a5772d5d5825f10b93394e181f36f73bba5

          SHA256

          0d072bc2bf4fb3f8520eb7dcfb949f279be40c667d577bf0ff96f8e42eab0a80

          SHA512

          96e290ebead7e6abbb559cfa13226aa3d15e2829d49c0726c1e4f53e2b8706d273f341eb0a11c06e6ea6c9b992e1ea5adb0048cb4428cf4a7263d6a3aa650dfc

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.store.report_pid
          Filesize

          54B

          MD5

          2909cb9dfb4fda5db1ce4a690a59a3ad

          SHA1

          898d3e61f305028f7e53e25899a2d2ae1c79aba6

          SHA256

          495cf22efa1aa112d056ae8f744aa8515bda51155f241f782bdf586aa53b8e46

          SHA512

          dea34a84803228a21509dfcc75b41c7a9d263ea42ade383f74b66a6253debe79a379e3c1e74eacdd6cf1c81f0019972f0504f14d040b751cbb36acbab6845d49

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jglogs/.jg.store.report_pid
          Filesize

          32B

          MD5

          bbecde5e0d5256cdd380d96bf9509fd7

          SHA1

          5db93ef9e40e85a7b53936a168f8dba65ff67b9f

          SHA256

          a8155a5a61d545ceec13cebfaac5adc64905579b679069af51a6284148583295

          SHA512

          c61a14eb0c7e466da56324c032cded6753426d22e107843755a9f36753d6037d563384acf3ded48710a84f4c7669ea0b77aab72f8997eb001956f883d2c75cda

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/.jiagu.lock
          Filesize

          27B

          MD5

          0ad717a8f2b64615ed42d60765796f94

          SHA1

          a2dbc56a5945b9e86fc57fc5a4a9737d4293c136

          SHA256

          2c82dcc760f8dab7d3f2e6b37fbc53f81b409183f301bc6104373279a15a7f00

          SHA512

          d9d7457f4245c09d0452488db426782434d2a913a0bc9ad1ea99ce8ea91087d9abc04b059181853ff6a2a34051a8503eaf7c5ae12bb4915272a79e2435920a1f

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjQ0ODQ5NDY5

          Filesize

          1KB

          MD5

          f0a9527ad3b1bf8c68f1b45efd0f2fe7

          SHA1

          5195624f528aadab2b8c52b059c39494671b81ba

          SHA256

          38132f53194f1de0e861d73bf072ad8736fce823864007a54fbbd8ad6e60fcf1

          SHA512

          1f95a2f1095d71713612b6cf253ff0843c412a66101470354213bd2b3f0c2fcf2312fde9cc050038a65f0bc5f2e14e0ea19588fe4ad76662e7c12d4e42c31a08

          Download Submit

        • /data/user/0/com.mfxsd.cn/files/umeng_it.cache
          Filesize

          350B

          MD5

          77f90f67d18e0def397daa4c4cfad4c2

          SHA1

          9d7b7060f3724281c3ac7cd97f0ca04646ae6e46

          SHA256

          0fd025b098354e8b7b5c5deaca1be64b12b7ea0f7deae5f19d506f3a4d5835bf

          SHA512

          78fe76cd9697517cca4d975d9e3ca83d29f2cf92a9f7795e24a76c7efbf384cdcc3183bfa9e158dfd18ba7b04bca6dd6968fed4874d8cfcac4ccd4f768a04264

          Download Submit