Overview

overview

7

Static

static

6

96b65dd142...d0.apk

android-9-x86

7

96b65dd142...d0.apk

android-10-x64

7

96b65dd142...d0.apk

android-11-x64

7

chargelocal.apk

android-9-x86

1

chargelocal.apk

android-10-x64

1

chargelocal.apk

android-11-x64

1

Analysis

  • max time kernel
    2790436s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 22:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0.apk

  • Size

    8.1MB

  • MD5

    a38b041b39fe0767cd10cae9855dfb5f

  • SHA1

    78bb259a232e26583919414aae78ab16522a0e4c

  • SHA256

    96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0

  • SHA512

    98b777e7f080bb20b74017ed3d6c1297b10b364e88b6b58df4dd0be4694294ee3f3a03365d1be2e83475077019803b7fb065645ba18be69fa30a040e0dfd81d9

  • SSDEEP

    98304:jvco5mi8GjHhga39PdAZdemyo+gC+OiMSIQ2rBQoXXh3PRHSVJKEdXSYGAIegQ:j0o5ZZPduYgtGQyXXFoW8XSYGAIeV

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.jiubang.alock
    1⤵
    • Loads dropped Dex/Jar
    PID:4269
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4314
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar --output-vdex-fd=77 --oat-fd=76 --oat-location=/storage/emulated/0/Android/framework/clrunpath/-1068444737/oat/x86/meal.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4438
    • com.jiubang.alock:pushservice
      1⤵
      • Acquires the wake lock
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4364
    • com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
      1⤵
        PID:4453
      • com.jiubang.alock:com.jiubang.commerce.chargelocker
        1⤵
        • Loads dropped Dex/Jar
        PID:4555
      • com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
        1⤵
          PID:4598

        Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.jiubang.alock/databases/ad_sdk.db-journal
                Filesize

                512B

                MD5

                4b78f6baa3ccc179a512f149791689a7

                SHA1

                660b4555e4523ac887ec023ee4bcc50f65d93f54

                SHA256

                685181590a8f9d6e621819521e3a748f7126cab1d7e1acfbcb3e49cb9224d861

                SHA512

                fc89f7d00fdc62020a8d6a05cd6a504cce4c9bda4c6d357fdba65b23bd23045bfca7220e7196abf8c6ac496743d1cbf8588d2dbbe2542f5c1fb5e16cfc1b7ab3

                Download Submit

              • /data/data/com.jiubang.alock/databases/ad_sdk.db-wal
                Filesize

                60KB

                MD5

                ecd56d88aeea1c6494efbfc60f725c72

                SHA1

                747eb7ce93534533cd7f5a8275c2eb9e19dd6f7d

                SHA256

                98bb86e5e33503cba998b5691b82c438e176b870eb24d020b2efdb7936330f15

                SHA512

                373fc4a290df59c8ddd166e57fdbb0e21ca284e6e38f2aab58dcb7ca21c4f189b82b1b1068a9d71d25d7af8a39bc80c461ffd8a95b5f1f7e6ab12730c40d2e08

                Download Submit

              • /data/data/com.jiubang.alock/databases/ad_sdk.db-wal
                Filesize

                64KB

                MD5

                ac8329a5fb45da78d77870f11971125e

                SHA1

                f9e5f9175cb43313080f3f2b6988eb422a6e7fb7

                SHA256

                cb80b0cb6a55de8977ee2d43060a508073c5a1bfadf1d9e54d3cfb888e7f1b47

                SHA512

                3517cc81e5984887eace933fe74f47c5557347fea68b3adb9af4f8d497d3ea7bcba572479723f205be4ca95a62fad1bea9450565e93bce61810d3a71d9ee0321

                Download Submit

              • /data/data/com.jiubang.alock/databases/alocker-journal
                Filesize

                512B

                MD5

                ec193a8a6ef0f8e86236c56f3b0172e2

                SHA1

                d68d47764cba2a46b688c0fca4fc6c7d324dacfa

                SHA256

                e56f9b680d0f3ded9cf702daaf9a413a6788547966122b94e019b4c2f4a8157d

                SHA512

                72bb44ca65e33799f8f64cb5bcc74178723d9675abfd6443cd7b8bc54de90a06a52bc9b35510b6accf7ac85793ae298f64fdf3d2ab4dde93b27b7ae77557ecaf

                Download Submit

              • /data/data/com.jiubang.alock/databases/alocker-wal
                Filesize

                44KB

                MD5

                5e6c1bf1dc1466fb74ac110be16629fe

                SHA1

                4d3c0560bd8ab57ec288f9cf886bba03d89cca80

                SHA256

                2252e6ee32d30a27c3f1361282e7317e402814052c49964fea9095972b3f2a71

                SHA512

                4e5b472c0a7771dde3720d47bffb1fdd655c7d4e1e164b6edba9689960f1c1d8cb7c2ec81f3324a9974c40b98ea521872753e3736eade3ae3f01d169c054fa0c

                Download Submit

              • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
                Filesize

                512B

                MD5

                35434884ec40adc187190a2b8d06e1da

                SHA1

                2a91f9964c157dc79ce62016641d6ea51307c532

                SHA256

                48a0e40f4e04fd1622a93b687dc601d015320f55e5d1f06d5ef5c3840252aa08

                SHA512

                2bbc6b060f20afcb9f365923f78e109afa698f80dcd30a46303bc4dad11056b995f8c4f2547e087bab28f46ada4f9c4b4810684d33fceaeaef99083e0ecb4c74

                Download Submit

              • /data/data/com.jiubang.alock/databases/dynamicload.db-wal
                Filesize

                32KB

                MD5

                c4ff4faa82a597165ba59261fd3ef89c

                SHA1

                de29dc170dd2f23acd458abb25eeb08648119e1e

                SHA256

                80d56b3764e97369e1c0a8c8ae727ee46883b543aaba2c3f20e6306ae9e2fc3c

                SHA512

                255e7c92b77d8537457b80ac9e343d00138d7692f4b58808f96b33b51de8ff2f65f38858e48290a4edcd36be55d6eedc2068f47dc6385a9b63d6abf05ee0fd59

                Download Submit

              • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db
                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                Download Submit

              • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
                Filesize

                512B

                MD5

                d17f8e910eedca2e6b0cb0380755bf62

                SHA1

                1c5dacaf3f21784a8448be469f8526e91d8089d7

                SHA256

                630eb965b1f43d9bba00ea4c43685a0d7bbd50145f514633ad5f39bbdaa4cea0

                SHA512

                110cce5b208f745a047c82a8f9a1ae88272691473ca367019e60a4fd35eaf12e83155813c56d79e071de932b3e063ec77f14ec147fcdeb30233899323adbf008

                Download Submit

              • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-shm
                Filesize

                28KB

                MD5

                cf845a781c107ec1346e849c9dd1b7e8

                SHA1

                b44ccc7f7d519352422e59ee8b0bdbac881768a7

                SHA256

                18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                SHA512

                4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                Download Submit

              • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-wal
                Filesize

                32KB

                MD5

                342b041a1b891234f0813231bcf3df5a

                SHA1

                0632033c86b9b3f13051a1a46347fe47d91ccb67

                SHA256

                7f93b0902b4d5e54437ff4fdd94594f3c7c9036e1c0337bb4e487730c218498d

                SHA512

                42948e453a7fd74c35663bffa7d7d7442fb13ec61a2c9519ada94d9636c33f344bdece64c9a6e2fb664cb893b193f8a4f83b27c7c799df5abee1d6edd432f55b

                Download Submit

              • /data/data/com.jiubang.alock/files/AF_INSTALLATION
                Filesize

                33B

                MD5

                654870091cd2674f6d242555a54d8473

                SHA1

                ced497cabec3f0702e03f584eeef030647a7f6a8

                SHA256

                cfe83498e39d91dd7d5c9f7644944d9458491233297106e34386b3a294f3060c

                SHA512

                a6778d7ea5479a0a5185e3dea8dd2abc618fc659409df5af27e3460973c233892ebbb08bf71a066204a6b2a4be58471535d698f4aff4438d5fb3e6ab2a2a7df8

                Download Submit

              • /storage/emulated/0/.goproduct/goid
                Filesize

                29B

                MD5

                eb1d4fb341e55d78b832a4dbb548ad07

                SHA1

                6a76ed91528935a9a24bcf2813167583f4613dca

                SHA256

                cc9c1bbc669d4b19cd577e77dca78442eb614330f38cf0e69a1f25b50abc0007

                SHA512

                c6372850eae3feaa72ac3b4d95e806340c7d69140e6661b7290c8b4e9b2492a384fd286e440eb57d49730c5ae1acc06a44f2ae9f8dfb115d07b8d681c3bb72cc

                Download Submit

              • /storage/emulated/0/Android/data/com.jiubang.gochargelockor/hodler.cfg
                Filesize

                23B

                MD5

                a755bdca303541ca7b67fb938932e920

                SHA1

                b4b125c190d477aaad75d1ecb8d838d4868146fe

                SHA256

                f8cc363b8f133515e5b838a3142ca0b7f178fdebf386989d8a3ccb2d7d255e27

                SHA512

                094ecef56934b3769c68bf3083dcea21a7a8403f2a60f4692b10da120a04102c57c4be0bb3419f17856d24c90eb36a4a6b71c8f82c8ea6d352e493db9f8a83a4

                Download Submit

              • /storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar
                Filesize

                1.1MB

                MD5

                af16ee1c6d61c49c35130db955c3e8f2

                SHA1

                da9af5db9a140e6475028e97892daeefbf36a672

                SHA256

                6cb640dbf9f172cef0fb1f3e46e25d1da9c48dba5e65cb5e3d4f434cb1b4ad69

                SHA512

                8bb16c3796c12e270ebc2c044bcbbbfeb4495e52f89bd1399c6df266e0e3cabc44b09fff86d7750994fedb7dcf5bc891dd103e54898ab324adb5943fd83204b5

                Download Submit

              • /storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar
                Filesize

                2.6MB

                MD5

                5b692fda6b8e0c750453bfb1c9ea9fb6

                SHA1

                24d95328948efa8a82525a5ca1691ff0778a299d

                SHA256

                5e542031be2404bac6c3c9def72bbf910a4ce2f03305004aa9e1c5e7f36a9e51

                SHA512

                9366dcd1c07b50742d57ce06c2096ffeaa0c78bb64548656df52e5f09f4c5e1d6e919c17f273cf01ad49f41f30e71fe8445541070e7534c01dff117016d67c24

                Download Submit

              • /storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar
                Filesize

                2.6MB

                MD5

                f33238a3025fbce44d37f1fbf9bffce1

                SHA1

                c9758df5dc95e6d57bdd66f51d84b415290ebc94

                SHA256

                ff27de746fec062b4e4ce002eebe5823aaa5684450a3ad8a2f1ac4ace9741e5d

                SHA512

                38872efdb93a674fae01fafab21c5e7e329448ced5ea60bc1627e4cc98a61ca5a509e12f75e9805d6fe11e74350e572a3196aa7e79a09ccde93d5bb1063ab629

                Download Submit

              • /storage/emulated/0/commerce/statistics/deviceId.txt
                Filesize

                18B

                MD5

                851c4fb9a461ebf2d6e958e3013d05a3

                SHA1

                fbd10a3e2fe2142725fa359f049cc2eff283cde9

                SHA256

                23babdca5d902c986cef4d7bc16f9ae2d7130147fe92b7d7d11a2eff38e5187d

                SHA512

                29a195c62793b0a4024b9a97f474e9961b2052d97e69ba833d00df4998a03fabf15968c346361e378f35b96725a07ba4ede36c3189716ff4a0062b59aff0529a

                Download Submit