99324f77032dbcbcc4c16541968074ab3a4df5bc0324038278f8ef38082c357b

Analysis

max time kernel
2794898s
max time network
145s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 22:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

99324f77032dbcbcc4c16541968074ab3a4df5bc0324038278f8ef38082c357b.apk
Size

27.5MB
MD5

2ccd878a386af64e598c646f825816e5
SHA1

61bb6714dae2b54bb16685256a164c09f5feded5
SHA256

99324f77032dbcbcc4c16541968074ab3a4df5bc0324038278f8ef38082c357b
SHA512

c2a1d2d7260c28db12bf2021f2c86dfb36524cb8b39a465b2ca30f98b3cd3fcfcf83ca8a2fe016ecf0b467fda6bf63ec87c1a68132faa2746db9ae482d074742
SSDEEP

786432:i+3dXQQNuGxd2tGykLODAc/WpcQ+YmYjV+bjLfPn:irGxkQy0OfW68mGejbn

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.hemaapp.yjnh

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.hemaapp.yjnh

com.hemaapp.yjnh
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4247

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hemaapp.yjnh/databases/cc/cc.db-journal

Filesize
512B

MD5
8132c3ec9d6bcfd536a9ffc0fe377ca5

SHA1
a662025cde76e29efcd141f7ba23b34196ef0387

SHA256
1787f0aa89f50499ca29b21591721c090dd476aeff741923a95da67981be466f

SHA512
82f9f6e70b51c28603d15dde1577a1f4fe52be3285c8f79edccf425240891847381715861b40c030e69ec28163a8221d9ca7a42adbaec3c7b0e233998e9c16ba

Download Submit
/data/data/com.hemaapp.yjnh/databases/cc/cc.db-wal

Filesize
16KB

MD5
104367d3aa694fa4aa324a058fad6326

SHA1
e7b1dbfa0348a6c61c30813bfa629f92881f5b65

SHA256
c1e97acfd9d4c09022139c029982ecab1f2e4f2eab42deb4d0987c0daeafcf8a

SHA512
29fe0fd831e3025a7660e7fac5add1014d27ac529be22db89c2730a5e7e8589fb92e69d00a86870a3b5633f0585a36b6798e060f8c287d920e94bbf0aaabbfb5

Download Submit
/data/data/com.hemaapp.yjnh/databases/cc/cc.db-wal

Filesize
4KB

MD5
a7817b2e85ca8a52f56da0f654baacc3

SHA1
2e72c169c9bc16d066b59b06a8eb974cbd0cd7d9

SHA256
79bed58e179ebc468d897117c228d58083ae31f63619e926f9c3dbde5c6fad37

SHA512
9e86cc6b936e37d354d163186df406f80b990ac96850a46456c603e507915b8a0e8132023c1e114385b9994d4f782e47d6d7e61c2bbbe14c6dba87943ba9fc72

Download Submit
/data/data/com.hemaapp.yjnh/databases/hmdb-journal

Filesize
512B

MD5
e94d50c5f97837bbe30b1d169f2380a5

SHA1
83820c79f2d88fb45d5d6e337192cfab8a18a0f3

SHA256
7d06d0b2a52cae682b220ba8a0ac8a92b1510110c5050e16ca6dbf5b6d0de4bc

SHA512
efa680cb9e75943f527d3b5b5efa7224fe9222ef0dd06efda4d8a17059e2be595e70838b54d39c9b882dfda90d35a284b3a3bc0f52e8d43345cd3ef3ab926e22

Download Submit
/data/data/com.hemaapp.yjnh/databases/hmdb-wal

Filesize
16KB

MD5
7bb24ae27bc273baed5f1a251950dc56

SHA1
f6d5c3a4fb3e25b0f627693de5cb2def66012167

SHA256
78013fcef381a4e832d0a6e66b515233f902d6854d73eed51d5c1b66842b2c34

SHA512
0dbc98b6bcb6703261d35491dd451e19d5104872300e36cf01050143f4c1e4e2f640db7023b27822eaab6e954180dccaae69f2cb22dd244fa2753ebc18fd2dc5

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db

Filesize
16KB

MD5
888259c5dffd26d0ca25396ae6684ac7

SHA1
4ddecdf98ee5cf6cb552b28ff41f1b249463ba7e

SHA256
9ccc8e3ba8b04acbbac04200130d5067f942dfb597922dc4b7472265f7001262

SHA512
5ec3a15a371aa993204969910e79f6f60cef4c3cb3bd36041e36efe77ae3ec1b5cd507a044bbbf19634c9c644cf2afa65a89e809ef9a5b04451dab1bd0e5b785

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db-journal

Filesize
512B

MD5
be291d7fc626fd4f0d2ab8ebe6d856f5

SHA1
5f7b833861a2d51dbf4ae96220dc72ec56738a8f

SHA256
2d6124db3ebac54454dac39f88b67d3977af0b67e1d6abee311e05a275c19427

SHA512
ce116c4bb278f70ff1066bc4bd087f4798ac66a879f4a9f68e9513395a389d4e5fec7e5b1a1e354a80061adafd4aaacbf15be7365e6560046e801d27c3fa03dd

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db-wal

Filesize
16KB

MD5
df2d99fd77dc4e849f7d667c48dabab9

SHA1
b6e3d3abe5b4670d99633f300f5621b7c365cccd

SHA256
7ee84658a53c98d858d5c4c6d98c488c7957552ef13427184f811b75f4bf077f

SHA512
e21509f7d090b631ee4bae997e77ef7535eac447cc06780980f0500e2bd1eb88f9da45143ad6ba522e03829be5312359be4867bba5985e3dd6de7c149a9117b6

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db-wal

Filesize
4KB

MD5
10f9f83f4e234226a49072ee99e46787

SHA1
b990415d000a18cf307ac9b8b8d5653e3bc502ca

SHA256
e64a121ec571f281dc884a5586c9eb23ac88a398565e83408bc0a4591a02b526

SHA512
81cde3a89a1f1791f01d93447a9de12b9b274e6bf3f53d9f9f1e4ad98900dfd1283b22e6ee84577beb6f70d5fb4655e4e503f9d52e39278d08e34e0035dba1b3

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db-wal

Filesize
4KB

MD5
c8228c134411f3e6ddf12ae39f48f0b5

SHA1
1981e67d7ba346195502b28a20f3bc92ad0aafd6

SHA256
3987765e72f29bfb1221ad5f1a2cc5f9b2024755de4d0b2641720236067df2dc

SHA512
e1dd7b3deb7592238d2b02a3165cb66dc5a910277cd4694717510eee4cea7eb7915be477c34137b9f2c975550737af981fcfa2d7959590d41df704357d928368

Download Submit
/data/data/com.hemaapp.yjnh/databases/logdb.db-wal

Filesize
4KB

MD5
a2b23b199af803c6a9f1d8f6d285d41d

SHA1
8c829dea5a72b4d936227f2d447e473c5c0f8966

SHA256
f3a805304e3454d62ce84363662e409840f654b689e6bfaa843aea4e3f06f27d

SHA512
0f83e7fdca65cec8de28db80827ff6b22051fc8e05872ad6828516fa6f4b3f3f60ed563e9b7747a107d08319766a1a76e524a6b0054a4434a481bf692db70d71

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db-journal

Filesize
512B

MD5
74127312e2474cbc9724bc85eaf313f7

SHA1
e0070795e5ce239736fe7a649d735bd886b55f71

SHA256
8dacffc5f86be6f2ebf6d9eb798ff9facd16e343c9cffebba813061d09df6c9b

SHA512
1a4879ab4363dee68dc4a417edae091c6571c1854612040e0a3030eb7da5ce6ada862ce13eb1345c02df20c1685fd9ad4dcca0faaf05dce10fd40cd8e3537fc3

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db-wal

Filesize
8KB

MD5
d790453f8752af417cd773e5390d2895

SHA1
3ed2d81c35325f7007923a9db375c2050e4f8ec1

SHA256
2d366d85751a760b9dfec49a2520a3ca78ccfc8500a51acf8bfa24f8440d1f91

SHA512
f50869bf1ab5f8e93aa25bedb2da659427aa4833002def2d023c345eb87470b29459fc7f29f2a46cb1ddcdc59f59779e3a06f77c4a396a1fcadded746b4597ba

Download Submit
/data/data/com.hemaapp.yjnh/databases/ua.db-wal

Filesize
56KB

MD5
e5e679351946bde686c76437283b3607

SHA1
1943683c5c8be4959e2e77d01b905458593ee736

SHA256
a5c61fd4fb1b15e3b20f7154da855c5e743fca113f4ccf6e429ecb5a9f4d4bb5

SHA512
495f70837ed4f04fe1cc8ba7059ea9956890a0c16c3f2ca9c05078d3f069782857d70ec840b3a0050973475db1c60a61faddb63db4d3e0cb766a41a2889c7f0d

Download Submit
/data/data/com.hemaapp.yjnh/files/.um/um_cache_1703601927539.env

Filesize
1KB

MD5
2690299dfca126313d22dddccb19fb64

SHA1
6c807a501513995b12e26f7460e01f2c681882f2

SHA256
950c96803a4da0eef5276174a03561cac81a99fa93c913802cdb68227f8d2e54

SHA512
e52c059ab8f87f143dce269ac9fcc9ed7f7b8401c463eecab7bbf4ad7910035b32e1afcecb7a30de9eb69771141a9ffbe4b40b0a8ef83c6163981c871912abe0

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/33164700476350.0.tmp

Filesize
71B

MD5
e66da7041d5fbdf65fe102ae28410008

SHA1
71a7753a2265da75e9eb98941099e1508fdf13d3

SHA256
69ec8b2b8a1a6ec42723256635b3088dd009c5163dabd1d4b7775b7dc19c431d

SHA512
92a3979e7396d3b8e0ae362107dd573b25d0fcbbb468d629d4108cd3cbaad230dca7dfcf237e81032fdec615ddcc4064ed893df2639554dcaca153bbc95dd55a

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/3574923693970.0.tmp

Filesize
69B

MD5
6d7fba92b7829d51907e497ecd274aa9

SHA1
d749d0ba57cfa42c747cb1a394c10c687c7f453f

SHA256
8abe77679e2f1cb585ef79f15fb4bb1a7fc0cbc13ed55a1d2afc0b43ecedf1e2

SHA512
d8d53cca94fa59f019942151d09d2b97dfc16420ca5a6ee92e46ace8a6ecf4360dde9e598e6639162a7f41eac90fd567e2591a5d83a025693023ad07f1449036

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/3674957483850.0.tmp

Filesize
75B

MD5
e0ff804d7d33553605abfe806a0291ff

SHA1
c22e7cb20ffe97b59edc5f0785d7a959b57e39ec

SHA256
66b3f98061ef4652b2c111307e0031a56a6e4f286bb912a533b6dbfea387a6b0

SHA512
f6e41ed47a30848210ded4c05de12b0e1fd11107e957ec63a9dc5974c779f1ce10420415dcc786182b5f28be3ad5eb2dc98311f2e62ddb649bb4f51c9db325de

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/47130422679270.0.tmp

Filesize
71B

MD5
d247f007cf4e8426e0b78b080820a97e

SHA1
e55dd8e773e5a49d343466339ff0c3d89639fac9

SHA256
d3a20b34ec2583cebf865a161e1b9f4cd444730abde77f674dd67b328e7c5552

SHA512
4678fe6be027f74a9faefcc2b1c745e0c738602b0d19ee97267a2792cbfa355218351e551e4df3cbba408e1028bd7f8a3c9c7e6991f404fba2d9d658b099939a

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/8574974526400.0.tmp

Filesize
71B

MD5
928ee0743ccd343641a0f87ce530964d

SHA1
badfd7342fc6fb19049b21358314f5f0912c8847

SHA256
62406f52aecb9cd8b9bf6959905ebec48a0f6bd837145b8adecd8f92961cb527

SHA512
90f4b8dc32e383a03a26dde25c211db91c2cfcfc0cc0dd212fb1d672942a8ab997ae3d0b24c69ac28bb36159b1dde157ed72252624753d4d99329bd9575fb354

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal

Filesize
74B

MD5
4dd37be36625bf3c2042257ebafa04a6

SHA1
f0449362e2cdf932e7984465a9c321d2eee3c49a

SHA256
75c13dc116b9faba8e9240b189d1f86f329ccce654b836fd1750f69950a2d8f2

SHA512
72809056c3a3fa47315f009386d54782a3b3d98e1fe57122571fe032708370125a786ffa66774f564303e56a4ed0ab0ca82fdcc0d7287445c4074d825d3d8958

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal

Filesize
117B

MD5
884498b9afb3204e93aebc864202f94a

SHA1
2c5a616e98149286639c2eaa747b38612cd0086f

SHA256
40c9c45443f97d9f857a7bc828e791f78a9a5b4fe355f28b1c5a4dd7fc0a5195

SHA512
0ddd75d8ae09c987aa8a9b223f5860d8a5497eb8a23ad633d196a4ef4a950cb513eefdf3977041c0ad1c25b141c3f0e81ba6d154ed546448b95036a976f2d859

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal

Filesize
160B

MD5
03d0a6a95eb4534a8cfc40adb4c4a010

SHA1
7a655f86e9e555ce22783a456cc6725dd10d9222

SHA256
a720f7b0473f0ceb91f6d392f9b34bc02a8cb586194cd3047b3ec1f4f9b57f72

SHA512
594d6f4e3add8e83544b540bcc017cfce8a06edb64b440b227a729aba1c48d76bc49ca95586bd28a52b5ce5419536482fb00998191170e4e8b2f23bef2c8f3cd

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal

Filesize
205B

MD5
8ae802b15fc8089cb8038ac9dfc5245a

SHA1
edd83462e8b8fe9f97ad371330682ac31aca2740

SHA256
3ed2cea5f3840a0aa183d9c27c0ae95d03379415ffe1e3826c73d485489fafa0

SHA512
f90f543090ad4828b4ba85c8793d4ad9485586c5382be07e7072ebf5daaf21499864c39ef4d45c616cc1a7e6cd45ac3a182d86a0dc58a0ecf86cc9f1244a78f0

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal

Filesize
295B

MD5
e5748eceabcce3ec104c3952eb079f01

SHA1
deb8a8364878669997c3c3e513a0ae988b60bb81

SHA256
df2042b4c606ecaa57086c782e7fa5a45dc242a980c447bbd6a5ebbcfd1107c0

SHA512
6ade1513c4db910d02d76ad9f2d79c2f035a232ecff88866131e1cc22628aa19da1f752aa558b6c3b363e8205001138eecbc0f8727ab0b588e9f17a1e033ba52

Download Submit
/data/data/com.hemaapp.yjnh/files/a/e/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
2314a88761c6fbfac84d513809548e28

SHA1
b228d011bb5381d5a4f3f2a73b5210946ddfedf1

SHA256
d6f86c770eab86be2aa69f320798c822de1db90d5e0a4d022460d5a8e2ed1971

SHA512
b6740954ba325fd3c9ceb4afc3d55ceb9b15c15fd3a900643000df3968a35e978b151d4176b38c8f190a45a83d9d1c575a59315d61259d94677c9b7307ec2432

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
59bd7b0e7733ff5d12d20eac04c2a901

SHA1
47c7e22d1d85c0879536863ef949dcd6cf753199

SHA256
13972c63577dcf08ca1559594bf62e0d8a4eb66aa7545c27d3f391657614945c

SHA512
2fa8e05cf6452e7b30cad587a5c44c342bea23f6688c3573e83d209766d6a5706a283ae6381fa99fe76b0d9a98a9de15f0f4a2000832f7852d2debc2b8a8f678

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
39063ac61073506a744495b81a732aaf

SHA1
838c543f062ec9c67af1d25741bfc16f7328dd60

SHA256
7b8931e067cc88e044968caae55da5422a8ca3f2b1316295cbcbafcd6a2f1ba9

SHA512
8bb4a4397d536a67f275993c775f14afce7ec40242965957f7a087b5498328c72d81f330d0b33d2c7e191485f8187c99074ae0d4c49564fc96ff0940a6d024f8

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/als.db

Filesize
24KB

MD5
a22d9b53bda0f7778f3d24257fcf4441

SHA1
71a3202820a5d72b61c6a9185a225ad483faf94a

SHA256
888492242c42413ad12546ef19324233a05469b6c6883c49dde8415d06ef5982

SHA512
5e3cef7d79e1a41c55cb92b79cfd5273207df202feb742653462e98a600c0b2c6df0e63be1fc84201a08de83301c2b1a999973e37c3ab25fb0e8f32f94e15d08

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/als.db-journal

Filesize
512B

MD5
ae41c2b075f489fc2f5c340a7786cd14

SHA1
79a899774a9906f600e788770dff8bb86fce4c97

SHA256
6b54057cb167ed48fecc362742096d894af43248101b3cf6326585f13364cc14

SHA512
bba5675fd0b25dcabf0764b990e84823563f16fa41bb1e577bdae34b5d9ab941c7a1db2db8f05c1f67bf6efaa5784d1450b813d7320440d5bf054fec5ebe1353

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/als.db-wal

Filesize
36KB

MD5
2320bd2cc247c1426e94b4f8191c685a

SHA1
cafe33aadb6c74197a8ee112b0544a5c61f01739

SHA256
91ce5f005412feccf8766891b909e4eb352f8f965293dacc7cc3b6b1f8711dd3

SHA512
a4556519044e5caabe1d86e1632e38406ca19ec06bb32a608a65078fa1e163b3c7427a5dc228ba933bcf02295bce7f261136317e74a8e0fb8a6fd4fcd8f91637

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/als.db-wal

Filesize
8KB

MD5
275c8b03c29e676182f0b0910b51c4ca

SHA1
5e79a2776546e4bf67094553e31d54f2e811ffee

SHA256
42f8e4b70557614fcd16b111236909a0fe6cac9bedfeffa664cf88924a63ca72

SHA512
31d8c1806ad7547741379b3e3c9bdcb27752bec2a633970827cdbb0260aee14896b8c180bc8f9c24aae3c5602819c7f15d796c42eb7717ddbdcd038f13052d31

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads