Overview

overview

8

Static

static

6

9932eb41c9...4a.apk

android-9-x86

8

9932eb41c9...4a.apk

android-10-x64

8

9932eb41c9...4a.apk

android-11-x64

8

Analysis

  • max time kernel
    2795090s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 22:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9932eb41c9c9f92c74ac138e2b1033173365ec58c7aa99fac4a4bfcedfab754a.apk

  • Size

    6.1MB

  • MD5

    e2fcf60c953cc78c6679e1108e307948

  • SHA1

    ed0b5a8fda9e9247b20277862531cabdc3ed583d

  • SHA256

    9932eb41c9c9f92c74ac138e2b1033173365ec58c7aa99fac4a4bfcedfab754a

  • SHA512

    53128c57429fb87d2d79f1d886831f34f6672067a6236df3e2276129e0a7b67893005254b0db761430241534ad7965ef90ba52c0daf13600df7784d61c1da3c9

  • SSDEEP

    196608:ixYGB2j38qEvMlxbBpeObLG4oISibwulFhYN+TiYoLzATlrNaoXqI4+2gQaHTww3:FGB2jMqEvMlxbBpeObLG4oISibwulFKC

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

Processes

  • com.when.coco
    1⤵
      PID:4243
    • com.when.coco:remote
      1⤵
      • Requests cell location
      PID:4296

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.when.coco/databases/birthdaydb
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.when.coco/databases/birthdaydb-journal
      Filesize

      512B

      MD5

      36ddc492dcbcd96f4bd68e7fcf6a3d9e

      SHA1

      202912081643fcc5563317d45c82367c5a8846a0

      SHA256

      b69cfc93e93d1e4700eacfeef6f38e4b5296636e3baffc9417428984cfe680ad

      SHA512

      bbd6b43422c9d825aed9798da9d30b63b4073fbb926164c33503c8f379de13095e54fb59011a4434cac2f87c0ad80c3c94497eaac2e006fb8eb7f5d283c97163

      Download Submit

    • /data/data/com.when.coco/files/mobclick_agent_cached_com.when.coco
      Filesize

      197B

      MD5

      b7a32b03b151cf5044510124074bacd2

      SHA1

      93dd53256b3bc1bb87d62de994cfec9bfc586ab2

      SHA256

      c4a02a1e468ee0436bd377a1f802255f38f843397035eaf284e656809430c276

      SHA512

      5b26a7d0400b3df939c07da0445c534dac98c2688b84ebe877ccd374bfefd0b458760e2a233dcf9e1f8127de732566ce47ce41ada7329f9fcd54590baf92b039

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db
      Filesize

      32KB

      MD5

      fea7d22aaffb7522306a3da14f94c129

      SHA1

      9f87f57b209ee0b5b78bba05a71267d799b44c1f

      SHA256

      6b90f63c234231f4dccd36a6ca69c6d30368383e0e1976288e61f06462b77757

      SHA512

      ee07f846c6365f678b996c053855725d7db90466227fcd9593649b381f8c3aab192b5119213451c8d0025a75814b4ba218b39e323ccd3d7fc72a3b394afcd81a

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db-wal
      Filesize

      32KB

      MD5

      bb7df04e1b0a2570657527a7e108ae23

      SHA1

      5188431849b4613152fd7bdba6a3ff0a4fd6424b

      SHA256

      c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

      SHA512

      768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

      Download Submit

    • /storage/emulated/0/baidu/tempdata/yoh.dat
      Filesize

      92KB

      MD5

      e5177baebf2dce2af47abd61f4d32d20

      SHA1

      405a578d5283028c0a618144521c90a81ba80053

      SHA256

      b081ee81353ab3513df47ff91efdd8c1db2629a3a979e13434bed96765a70b9f

      SHA512

      f8bdc681dd71a1a00d7fc2f83f5edbfae8fdeed4a0d2fccaf47475fea1fb7293b1390dbebc81f1fb423ec531ca7ae9884fa74fc3e711d00ade99942a4abda7c9

      Download Submit

    • /storage/emulated/0/baidu/tempdata/yom.dat
      Filesize

      24B

      MD5

      a936690571e9104e1922dda4a0ba5bd1

      SHA1

      65f49c57edde2f96be2a1dbdfc3f7351f1e66554

      SHA256

      f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412

      SHA512

      3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394

      Download Submit

    • /storage/emulated/0/baidu/tempdata/yom.dat
      Filesize

      24B

      MD5

      1681ffc6e046c7af98c9e6c232a3fe0a

      SHA1

      d3399b7262fb56cb9ed053d68db9291c410839c4

      SHA256

      9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0

      SHA512

      11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5

      Download Submit