96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0

Analysis

max time kernel
2663408s
max time network
163s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 22:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0.apk
Size

8.1MB
MD5

a38b041b39fe0767cd10cae9855dfb5f
SHA1

78bb259a232e26583919414aae78ab16522a0e4c
SHA256

96b65dd142be131fe78ec2ffe09727acc70aa5fdff3a11e2f10938eba3d5f1d0
SHA512

98b777e7f080bb20b74017ed3d6c1297b10b364e88b6b58df4dd0be4694294ee3f3a03365d1be2e83475077019803b7fb065645ba18be69fa30a040e0dfd81d9
SSDEEP

98304:jvco5mi8GjHhga39PdAZdemyo+gC+OiMSIQ2rBQoXXh3PRHSVJKEdXSYGAIegQ:j0o5ZZPduYgtGQyXXFoW8XSYGAIeV

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar	4644	com.jiubang.alock
/storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar	4932	com.jiubang.alock:com.jiubang.commerce.chargelocker

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.jiubang.alock:pushservice

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.jiubang.alock:pushservice

com.jiubang.alock
1⤵
- Loads dropped Dex/Jar
PID:4644

com.jiubang.alock:pushservice
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4741

com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
1⤵
PID:4805

com.jiubang.alock:com.jiubang.commerce.chargelocker
1⤵
- Loads dropped Dex/Jar
PID:4932

com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
1⤵
PID:5093

com.jiubang.alock:com.jiubang.commerce.service.IntelligentPreloadService
1⤵
PID:5164

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.jiubang.alock/databases/dynamicload.db

Filesize
20KB

MD5
d1e88259795c91e90b067ec340f8f810

SHA1
f4e90b941cace66d62d5569470a6e36dd26a858b

SHA256
8bc74d120ae1a1650d48654d2378c1af70ce747e44b71a3a66aef0540fbc9b0b

SHA512
cc29c557bfbcb7bfac56dcfad5b81b972cc3249ebd9afb6555f791e7f5f3f16ca100ab78e159f72ba114fb7fd79e0ff0d4bef04b796f58d59b7aacadeaeb2671

Download Submit
/data/user/0/com.jiubang.alock/databases/dynamicload.db-journal

Filesize
512B

MD5
8fe63bb3d373806b2c5a54292c278cc6

SHA1
20bf504eb688adc864fa998428011bc656da743b

SHA256
9a809176949bbf570f20898ec8839d31d1900e5f92444ab110a8c4bd8d5dadda

SHA512
6229727c3c45a5e7f5e64df80d32af875daa29178ad59aa9b80c1371855b7810cc7e10b8090c2c9bf4866afeadbcd6f124ad906dff81279297eb80cd5dc1662b

Download Submit
/data/user/0/com.jiubang.alock/databases/dynamicload.db-journal

Filesize
8KB

MD5
2e31a7265c975260ec5db7637ecdb786

SHA1
20bbaa324ed861a66e44914f4f1dcf9e06f8fa9d

SHA256
914289418941ed1bbb15346a90891a1946c22e8c769f901640ab3b3bd7332709

SHA512
889994e42be8d8fe126cfc43dee14b8e65b7952268250cb6c621205224349ccd19ebb77f995871fddd11329491af0ecbf12dce25cc1c11c3c5951001e69d58d8

Download Submit
/data/user/0/com.jiubang.alock/databases/dynamicload.db-journal

Filesize
8KB

MD5
c55fd0c1d7874041d749b3cd494b66c7

SHA1
c94ec6f08c8fc2643455949dea9180bd9fcfbdfb

SHA256
10aca71343a50f362c76600f15f16120b91d8e6fae923f9b0afb25a66c636f85

SHA512
9955a1fac60c3bd5d4d072b146fcfa86b8170b92be74ff548ce88dc62de2dfffe9a620f9489424ddf3ad8f46355c66c081679397961b2352a61cd7359d695e65

Download Submit
/data/user/0/com.jiubang.alock/databases/dynamicload.db-journal

Filesize
12KB

MD5
b117bac88c4ccb4adb5b2475db0d6045

SHA1
e8d4de28b03814f3764b9663230e91df35b84da2

SHA256
eca11ec293376b2c4f96da07f7753db32cf8904720c508e1880bd499e1362bfd

SHA512
5a6768a431518be48da957cdaf1c989c5676a06ef294c038752bc39a60c591029d10f7f2580682cc01c599944cd7041bc7ce2d15c4cb70a778f622f25b91fe7b

Download Submit
/data/user/0/com.jiubang.alock/databases/dynamicload.db-journal

Filesize
12KB

MD5
604d8b16e1bc54c67fb4c719542cfc10

SHA1
7cf6bcc038ece9ce40c8ee4689fe38edf92133de

SHA256
e2e55f589b3ce3f2f4fd9982f8a77fc9218100583ef10258f938ec30e35ba772

SHA512
4af7f8f8c6ae5c60d34c06ef80e01a81867cc156716a72d8a4502b7a9dbac2771043bc01ac528f258ce2c16d44743cf479027b2edcb20aafc13cfc7aca15e8b8

Download Submit
/data/user/0/com.jiubang.alock/databases/gostatistics_sdk.db

Filesize
20KB

MD5
186816d3e5d9121b7d104d41ecde6d0e

SHA1
78d5f67a143fad6a56657f98a93317f4c1356ac9

SHA256
e0c257bf83adf9e2744364c113ff116624385b56a9721971d2df8c0476e62cc1

SHA512
a193ecb5e63cf99b996e4e8d5937b09ad5dca0563f10cc0e344c295a697223856af8f36ef8dbfd156460e9348cc32374763c359e469fd24b72ad1406102784f5

Download Submit
/data/user/0/com.jiubang.alock/databases/gostatistics_sdk.db-journal

Filesize
512B

MD5
bc8344a9d1babbe2c260429d1beb1040

SHA1
d4df8e4394d14cbda4c16727b050945281b92f8c

SHA256
a88d828056139889eae1fd6722384e71f63f361c1458524723e209569170fffa

SHA512
ad2a6c16be11cc6f242aaa114998c6eca1730ac5e0d825ca7084700dfb350f47d0ee2a2a6c4b00d90b8cee868ab14422cf47ce77f9db4f3b05ea31757abcd42f

Download Submit
/data/user/0/com.jiubang.alock/databases/gostatistics_sdk.db-journal

Filesize
8KB

MD5
0e2e88d42d3ae09b3c09aba83159bafb

SHA1
4149df363db9b43c4cb9f8c502917e742bb52e60

SHA256
e05c98bf2e5bc22b480658e55e83ed3acb444e8c44c8f2b632d629a6b9867e81

SHA512
dbc5a6e7ff93288cbc7d27c276e9bb41c0664eb550b82a73000d1ca7d02cb4a2d0f5056a432340a56c40f29dda586582b33127bbc9459cef6fd5ee4adece9aaa

Download Submit
/data/user/0/com.jiubang.alock/databases/gostatistics_sdk.db-journal

Filesize
8KB

MD5
1f5d2cdaf70809e0816967e120191622

SHA1
cb4ef7fd8aa286192badb48d8454ecf67db939c4

SHA256
9006cdbf2945c4575ccc6f7a8a58dbeff033c3049350c423565000a85a6c46f7

SHA512
bbfbcb7d38f5d4c7c62b26fc427bd1ccd117b9c328a2a6e24d0ad63a3838d1d120c59f4d6e4d4c9d15e6dd260a3fbf95f12f4585251192f1c6d85ef49914932a

Download Submit
/data/user/0/com.jiubang.alock/databases/gostatistics_sdk.db-journal

Filesize
8KB

MD5
37e32a202960ee1c60d6f1340f5f4984

SHA1
0333ca00ffa2f63975b43300733a9b51b1ed7600

SHA256
5fa09ee0c89b7b672845ecef24a3c803765d8622559e84df87b841438bdbb614

SHA512
246c3f0f6e8c4c66f7f6d91a919bb8e048e45191c9eb678b4ab6896aaa71a0a2434f4f0b0d33cca001063b153172a766e0e9ed95bbc791dbe572303b6ae40fd3

Download Submit
/storage/emulated/0/.goproduct/goid

Filesize
29B

MD5
59be284313336920f486882cc9fe4959

SHA1
aac76309f4e8b8d1b38f342f2cdf9ce959d088ee

SHA256
4e3c93848d2c0d617188917c0deae97d12c2e1eda9a0f815f9060d3a0e7965fe

SHA512
650ad6fa23a0c979be83f67ee9212a3a44e9db16f964c4246d9d8edceb84d86b582002e6a93c89883c4315afb5fcf8a652f8e445851fce5facdc7f2361038da5

Download Submit
/storage/emulated/0/Android/framework/clrunpath/-1068444737/meal.jar

Filesize
2.6MB

MD5
f33238a3025fbce44d37f1fbf9bffce1

SHA1
c9758df5dc95e6d57bdd66f51d84b415290ebc94

SHA256
ff27de746fec062b4e4ce002eebe5823aaa5684450a3ad8a2f1ac4ace9741e5d

SHA512
38872efdb93a674fae01fafab21c5e7e329448ced5ea60bc1627e4cc98a61ca5a509e12f75e9805d6fe11e74350e572a3196aa7e79a09ccde93d5bb1063ab629

Download Submit
/storage/emulated/0/commerce/statistics/deviceId.txt

Filesize
19B

MD5
065c5e1f3daa07fc002be47ba14980bc

SHA1
7716c79580d9b63133b0774f7fb5cd65fd5a600d

SHA256
ac187ae11c67e930694043c96cedac8e4ddd0617d3f7159ebba1dad67cafc25f

SHA512
2be33eb9bd6c1d2b9405c783091e0b063a811ca0d032463649bd87f694e8027108905c48953a6f744b966bb4de8e1638a04e2ceb81d1f626dbb8fa48479a9a6c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads