Overview

overview

7

Static

static

6

96b65dd142...d0.apk

android-9-x86

7

96b65dd142...d0.apk

android-10-x64

7

96b65dd142...d0.apk

android-11-x64

7

chargelocal.apk

android-9-x86

1

chargelocal.apk

android-10-x64

1

chargelocal.apk

android-11-x64

1

Analysis

  • max time kernel
    2663426s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 22:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0.apk

  • Size

    8.1MB

  • MD5

    a38b041b39fe0767cd10cae9855dfb5f

  • SHA1

    78bb259a232e26583919414aae78ab16522a0e4c

  • SHA256

    96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0

  • SHA512

    98b777e7f080bb20b74017ed3d6c1297b10b364e88b6b58df4dd0be4694294ee3f3a03365d1be2e83475077019803b7fb065645ba18be69fa30a040e0dfd81d9

  • SSDEEP

    98304:jvco5mi8GjHhga39PdAZdemyo+gC+OiMSIQ2rBQoXXh3PRHSVJKEdXSYGAIegQ:j0o5ZZPduYgtGQyXXFoW8XSYGAIeV

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.jiubang.alock
    1⤵
    • Loads dropped Dex/Jar
    PID:4984
  • com.jiubang.alock:pushservice
    1⤵
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5081
  • com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
    1⤵
      PID:5170
    • com.jiubang.alock:com.jiubang.commerce.chargelocker
      1⤵
      • Loads dropped Dex/Jar
      PID:5368
    • com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
      1⤵
        PID:5578

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.jiubang.alock/databases/ad_sdk.db
              Filesize

              12KB

              MD5

              ea628e04765adaf4238a5dcdff4bbd51

              SHA1

              a801947619ea8c368efe9c006a324dc6339ac60b

              SHA256

              885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

              SHA512

              c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

              Download Submit

            • /data/data/com.jiubang.alock/databases/ad_sdk.db-journal
              Filesize

              512B

              MD5

              82b50c8d9ffc10af6d25f3bedcc2dc17

              SHA1

              bfb8f3ab53d8c3475b7c0e5fea09ba07ddba40ba

              SHA256

              e1ae3626985bd8140a2d80902ef107bb87a7f9039ea35b1396885f7a5a3b65e7

              SHA512

              c19d5a85b5194279d71f631a2846306ccd06ddc888406708ce21c690a7449961876f0aec5cace3add363ac543aab4fd43ded08d0766702fdd57ce7fd155fb761

              Download Submit

            • /data/data/com.jiubang.alock/databases/ad_sdk.db-journal
              Filesize

              8KB

              MD5

              19f8d0a97c3907f50ada05c3ebdae77f

              SHA1

              a17080a705f88fd9fed2c9fc40f5adea2888b1f9

              SHA256

              416fdb8d6053c7023fcddf8832740324419eb2113a9a2b330b4f97b1b3ff17d5

              SHA512

              98eb76c96bb58d7fcb642bfd08400792f6446bdd2bc11cf9b9ddeaf8cd4395d49c84e22b2aaecc6d6aaf6cbc12bcf587264e94117dcfb94c77f6b64bd84017b1

              Download Submit

            • /data/data/com.jiubang.alock/databases/ad_sdk.db-journal
              Filesize

              8KB

              MD5

              3e0717e35c005ccdb716403058e58738

              SHA1

              ff2a6c3c5492473f4198d20a8475344ca8611da6

              SHA256

              2fca6dcf869a82482f7ba64c79023c253f25e3495b2b7d34a434849354b0c5af

              SHA512

              172d61d5723ca5ee1bd901aa951ffb6371aacf69bbf9d1154124c0d4582c7aa2fc4bbea9ac21cb0960a47c8cfc2e6ce002d0035deb08c5d7daacfacbbf5d049b

              Download Submit

            • /data/data/com.jiubang.alock/databases/alocker
              Filesize

              32KB

              MD5

              30fea93c7ee36c3268859ebda421045a

              SHA1

              09623b00e67cbb27bfd7c23283a38045433aafd0

              SHA256

              09689978f8e47a2ea1875250c76d7230dce9d83479b90100c72b398efa255158

              SHA512

              41159989b4395b1374d4170efdb2a298f41b227f907022cae1970624ff030e6d762732ff07a8a383b46b4b200cbe8d6b196b20b19e36d5524995deff5e187b95

              Download Submit

            • /data/data/com.jiubang.alock/databases/alocker-journal
              Filesize

              512B

              MD5

              356168422ba89a4dbffdaa3739b72fdf

              SHA1

              33973500eebf631be7fc4deb02124260fc2b1c93

              SHA256

              b18a51cce0efb3f7d28725a77e1efbe169bee83c9e15d7dc42aa1d44a49720d2

              SHA512

              5eb0e68827cf61a946bc774f0bfdc90eb52f9e8ad4dcd647cd2765e73e4bca4231c82c7adac30fb6c5872b4bf2e2803baeefeecc31350e1eae87c54493f78bdb

              Download Submit

            • /data/data/com.jiubang.alock/databases/alocker-journal
              Filesize

              8KB

              MD5

              9056fa24a278ff0984f697dbbb56cdf5

              SHA1

              7d682208347d046365a9e983bf29c86accb3dd54

              SHA256

              7d8784e587516afd0734cf89b386fefb55ad49823bb8c28e3ede35a2cbc46bdd

              SHA512

              53493d3ba42c2392bd6a1f5acdf0404861a024f3c2ece875eedd7831ac374a40ec11f7bb6a629013c7e4297be962c8c126f98be4cbcd6edd759cc2aeda47562e

              Download Submit

            • /data/data/com.jiubang.alock/databases/alocker-journal
              Filesize

              8KB

              MD5

              c614015fdd49c6bf0709ef6730a5c106

              SHA1

              b10ee3b1c733dc57943b55a24bbae030d8f5fdba

              SHA256

              6a19191774f05a5bb77a10c11254e49e0aaf855586c9de6b7fb765d9c4170d43

              SHA512

              1926dd155e4a3feff2921a3c6a08ebe9dc8689cea3224d1be806bdf46ecad5a81a022f0cf19aa8989e185ef137ede364aa27ed38424b0ad981847b3ae97e33ac

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db
              Filesize

              20KB

              MD5

              8a61f9c77dda82b975d4f6f16cd33187

              SHA1

              8c757efcff966b934ade6f323993068b43608829

              SHA256

              c96a04d940e879dcfb9461eab0810ef247362e9d9440313efa178bdcefa760f9

              SHA512

              1c9ffc0ee14a7025722fe6d68a274e086dc7d0e1e8c5b6b092d8f42ba978a0c1abadcab91c3ac13b02aa5ee87294ed3e2fd4a709fc3cf21f80f51269cc69b74d

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
              Filesize

              512B

              MD5

              2c28f4bd369f236906114b6021ec1901

              SHA1

              c1e5b33c8793953cb1537fc83ece92ae643a67b2

              SHA256

              e9b99c09a4c8dd521d799b8e739b00b6749b5f2b943b81034246b71cd187e0ed

              SHA512

              acc53714b1ee524db65567cfa963b4fcca0410ebd39963de52d572a261b1058976ad99b87b9fe5cde599904518cf854d18f28ab8d66748944de355842a320dbd

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
              Filesize

              8KB

              MD5

              367cd3a37ee84e3a30c033ab7ded8ab1

              SHA1

              edbab840528f6849ca21e08ad06de9f01caccc23

              SHA256

              baca37fe4eed0b5ed4ba8d23e823216e94f9b02a0a85fc981df95fdfa509b7a6

              SHA512

              8c4e689c31d43a675f80bdaead55ea122e63c94dd127638bea192bacc491c08c98de9f78a8abc32883addee01da0cb86a3255bf68e61908dd7ad125db289d7ad

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
              Filesize

              8KB

              MD5

              d522698a0b574cc82181e3d7e5e65703

              SHA1

              5635a08ff94be7808d70a018ed17412510813165

              SHA256

              f245b8dd5beb003fdbcdc34738c9f51ee351fa5081f8ffc669b72a029bdb484a

              SHA512

              62c0c441e5c7b5614cdbb5a6b1d818ddcb5f85d6660df25128cfc52dadf63788a632f982eb6f74afcb8d75fa3118b75b607c2ccbb9e808e1bb038e92f5425f1a

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
              Filesize

              12KB

              MD5

              753a1e60d55a1f34da7afd250b8469b6

              SHA1

              51dc04808dcb2cc1739620434885abb71668ee91

              SHA256

              fbfcd5c24957c2e8642232d11de4d629fac451847c14811d25b9bd67513d537f

              SHA512

              677d3e8d4079b89bdf90432086e2582d3fcdff1cb6b2085d09cb10dab78de05dd9beac06657c8115031cb1641c6fa08554434c767d0bb1b08ded5e2fbc26bad0

              Download Submit

            • /data/data/com.jiubang.alock/databases/dynamicload.db-journal
              Filesize

              12KB

              MD5

              df5ad6dd0c87cd48c989831f8993df84

              SHA1

              db5f3fd4b805c2eb59c584d8108232d072a8407c

              SHA256

              b9b150187d0be3992b10a00d1caac16644b46dcdaf020434d60a0352a3085408

              SHA512

              e2961e6296454142172c9c9fe914a617a638efbee86a4a4676c9fca747c92d9777f0abb8ef369a80a1a08b2965e958941645a9f01f6a0ff8f161721d93538c40

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db
              Filesize

              20KB

              MD5

              552902ad0a8ba78aa6b93ddde3c1cc94

              SHA1

              d4276128e30e171a4f8d0ca680cc59f1c38a7e8a

              SHA256

              2d6ed23862eefaea98274ac2bb5f52c4bf9fef0663707d2fddcf34d2d3c4bc10

              SHA512

              2dd20518a9342d8d812fb185cb67561e5305a0c345a075c79906109438629c875a94b7742b2f0f634777186d7d8e44659c475a268302170c404f6ad2bd2cca4d

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              8KB

              MD5

              6074c494b248eb3d217b0b2cc2fbc42e

              SHA1

              6a506aca7c1257057ae684c759329987c9a37942

              SHA256

              b90242aa4842490cb763ad7e9694f270abb74c3521f9f7d9413702f133e31341

              SHA512

              e05f3ec740ce93fd186c3b857bd4eeffb616f3233cc729f77b7a91234787459c434850b20a23efe96e8de98c4f8d0ce12329e086c702efae684bd9f0f6a53deb

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              512B

              MD5

              13898bc5373166434720c04d3d8c2fc3

              SHA1

              f5b4172a51238a3b23198ce6072e8d0d1a1aaef6

              SHA256

              954979e397aacd433cdf866e51be2af7b338dbe842c8d28028d1898151370cf7

              SHA512

              29e3209810ccad1f8b886aabf9e1a3447bf65cbab462c26f568f3313d74037eadb51518b9a30a733a7157b67012a2d1e3ea8930f51fe7352e824f5c618ad85ad

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              8KB

              MD5

              9ed44b8fab4c747b2635990a25b77873

              SHA1

              836451c3d3ded80f9d6e0feaa4de2a758251d96f

              SHA256

              9b042277eab54c9e9cb3a71c85619b705ee4fa5fc78a2279a8e7ca80de06fb65

              SHA512

              e673d1fce74bee37c7fa813dcf4fa85e5900d5a6a937557bfa4aae6970486c9b10f9dacf8eebe25419e19d485b3b51b832788b82d9ac6207be320e1910714a22

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              8KB

              MD5

              efdff2944aaceb6b6bb9a821912b7d06

              SHA1

              5406d55680e1d5a86f7c007fb28194e4289bf2fa

              SHA256

              f1ee36a5d17925fc39f4deb0c58c3fdc8a27635fed2c3a8fa4b3091c61ff57e1

              SHA512

              f825863c2d8e5a09541bb4ae4b706d8dbf8a28be0806ba6fc560a05e822f9a8918a67ae94a17b5564a5f9c3fb9abd0d000b7620cc19658d4b780a747d07be927

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              8KB

              MD5

              c044471d46dae80ad9045bb36b03643f

              SHA1

              70f0773b302d399a4a7da6e443e9ce9b7551a7ea

              SHA256

              d17672dff7ee92fc0c936e287eeb3b2747fba55ff48c14e1413acae7622c97e3

              SHA512

              611cac2f668cd921165fce42def9ef9a32a0d9030b2ed3cdc6714bdc4354585712c5be706195445bc9a577eb1e970c06d3f29de53f1a15ed09b0018674834768

              Download Submit

            • /data/data/com.jiubang.alock/databases/gostatistics_sdk.db-journal
              Filesize

              8KB

              MD5

              2dce659af28d24ea2a74417915538d62

              SHA1

              2fa883ffc0a227a480a4e46ee8db466517d6b3a8

              SHA256

              11641693ef0bfc11b2fcfafbed040878a6c3f1c978e06dce1726cb808c935d12

              SHA512

              42d092cea86f701037833089f12c11e74c0887cbd45b2df2538922c673c6857ecb171f30131fd9f93c53aa23f1c15747f6b85750b78a014ab4914ff8f82157a0

              Download Submit

            • /data/data/com.jiubang.alock/files/AF_INSTALLATION
              Filesize

              32B

              MD5

              d01fd6ae0bac45acecf4b200b4368ad5

              SHA1

              b7b67771ed34f566b946e2c9d1f279d890ffc1ef

              SHA256

              184261a251d3f3fc13352d0980fb75342dc25f0b61df3fd05a44c5035774d398

              SHA512

              c2da8e08f161f4f08b291d6061c70ab938625f81ad2086ac1da9fd9d7d17ab3649f3eac08da0f974dd829767895aab374ed704960e8e57c40a147095ab58d335

              Download Submit

            • /storage/emulated/0/.goproduct/goid
              Filesize

              29B

              MD5

              97216e2b3fce60e80f463b97b0ffaf0f

              SHA1

              0b1c9e3dfe558beeb4c07060909b52b6290ed76c

              SHA256

              1e4092abdb514fc7d7db63877efae2f54bf7bed9106e40abfa22a0ab586f80e7

              SHA512

              7f8ea108670d6985630204c12f91efcdaa47acd486073aefcff6b3bf6fcde639639641e8b0cf948924ecef0cf4f29dba808d5400746551b9f2f8c186ef4f8d4b

              Download Submit

            • /storage/emulated/0/Android/data/com.jiubang.gochargelockor/hodler.cfg
              Filesize

              23B

              MD5

              a755bdca303541ca7b67fb938932e920

              SHA1

              b4b125c190d477aaad75d1ecb8d838d4868146fe

              SHA256

              f8cc363b8f133515e5b838a3142ca0b7f178fdebf386989d8a3ccb2d7d255e27

              SHA512

              094ecef56934b3769c68bf3083dcea21a7a8403f2a60f4692b10da120a04102c57c4be0bb3419f17856d24c90eb36a4a6b71c8f82c8ea6d352e493db9f8a83a4

              Download Submit

            • /storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar
              Filesize

              1.1MB

              MD5

              af16ee1c6d61c49c35130db955c3e8f2

              SHA1

              da9af5db9a140e6475028e97892daeefbf36a672

              SHA256

              6cb640dbf9f172cef0fb1f3e46e25d1da9c48dba5e65cb5e3d4f434cb1b4ad69

              SHA512

              8bb16c3796c12e270ebc2c044bcbbbfeb4495e52f89bd1399c6df266e0e3cabc44b09fff86d7750994fedb7dcf5bc891dd103e54898ab324adb5943fd83204b5

              Download Submit

            • /storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar
              Filesize

              2.6MB

              MD5

              f33238a3025fbce44d37f1fbf9bffce1

              SHA1

              c9758df5dc95e6d57bdd66f51d84b415290ebc94

              SHA256

              ff27de746fec062b4e4ce002eebe5823aaa5684450a3ad8a2f1ac4ace9741e5d

              SHA512

              38872efdb93a674fae01fafab21c5e7e329448ced5ea60bc1627e4cc98a61ca5a509e12f75e9805d6fe11e74350e572a3196aa7e79a09ccde93d5bb1063ab629

              Download Submit

            • /storage/emulated/0/commerce/statistics/deviceId.txt
              Filesize

              19B

              MD5

              bde47408dbc7e47a4c1cc4cad21517c7

              SHA1

              92b3f2ffc648a7d1ea2e6a6c8d5ed89a5be17012

              SHA256

              9a8f022d6a09ae5cbfdf97ec621e361a3e81860689872082298bcd149fc89c31

              SHA512

              caa1701fe36106be393e68af49fa2d9eecdc63eaa9a07579aa629cc02100e0dd11924309e027ca002fa42dcd88432123aa125b0036b1aa9d8d06fb27fdcb8dba

              Download Submit