Overview

overview

6

Static

static

6

9ab889c623...75.apk

android-9-x86

6

9ab889c623...75.apk

android-11-x64

4

Analysis

  • max time kernel
    2879345s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 22:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9ab889c62339ef40dad72ae4a48ec6eaa4a28a4c7c13e3dde777ee9b1c3e5475.apk

  • Size

    6.6MB

  • MD5

    a3084c10db43e925ffc9c0c1cc50f467

  • SHA1

    9ce223d2c205633e4bdb3c41401f263991f9823b

  • SHA256

    9ab889c62339ef40dad72ae4a48ec6eaa4a28a4c7c13e3dde777ee9b1c3e5475

  • SHA512

    b389ede9be51c6e76e2f7012e1c7584b92155440058c07a1709fe9ee618d90c12d034934325980056cef2f73c39b7d2feafd34786ed9aa1cdb43ec20eb0fb155

  • SSDEEP

    196608:r/q897/66Kq7tfGFgUkMFnZh9F0TwzlhJ:r/q6/66VtYRZh0wzlhJ

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.wandoujia.phoenix2
    1⤵
      PID:4214
      • chmod 777 /data/local/tmp
        2⤵
          PID:4243
      • com.wandoujia.phoenix2:update_service
        1⤵
          PID:4384
          • chmod 777 /data/local/tmp
            2⤵
              PID:4417
          • com.wandoujia.phoenix2:accessibility
            1⤵
            • Uses Crypto APIs (Might try to encrypt user data)
            PID:4463
            • chmod 777 /data/local/tmp
              2⤵
                PID:4498
              • chmod 777 /data/local/tmp/.wdj_config/
                2⤵
                  PID:4549

              Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • /data/data/com.wandoujia.phoenix2/databases/c4d3d1e0e4ee9b329ac0e10249826edf_jupiter-log.db
                      Filesize

                      4KB

                      MD5

                      f2b4b0190b9f384ca885f0c8c9b14700

                      SHA1

                      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                      SHA256

                      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                      SHA512

                      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                      Download Submit

                    • /data/data/com.wandoujia.phoenix2/databases/c4d3d1e0e4ee9b329ac0e10249826edf_jupiter-log.db-journal
                      Filesize

                      512B

                      MD5

                      840368f9564cd2ce3362efc828793bba

                      SHA1

                      73de0679324beacbf451126b2d2e1bd9d66d4156

                      SHA256

                      3f6df49b7d50775be18854103110ac0e99823056260d2d6be040ba06d56e7829

                      SHA512

                      4e611499bd948fb9db66a578bc8f19c8b1503ec846db37db2f007ec10c684b3462961a3cf8608e62da46b8438a806541bba4aee6bd8aac88362cc5f12f0ecf82

                      Download Submit

                    • /data/data/com.wandoujia.phoenix2/databases/c4d3d1e0e4ee9b329ac0e10249826edf_jupiter-log.db-wal
                      Filesize

                      40KB

                      MD5

                      8c1ac8e6c18f2f8cd746e8dc8db98346

                      SHA1

                      532b073731af1fb3b590faa912045d0b02b813f9

                      SHA256

                      b4e02438a0de765d8dc5a77d8e8e8a9923d255197793e09aeaa71354478c82c5

                      SHA512

                      bc9873d595e4ad522bf26a928fc476a1218ebd09156b63341026d613237ca24f7ece5db6b4b9e1e63d349fa0ac74dd42eb65ebd408e2260c587a83f5663051f7

                      Download Submit

                    • /data/data/com.wandoujia.phoenix2/files/.storage/shared_settings
                      Filesize

                      32KB

                      MD5

                      7a1246d502f02d84dbdfc9c40de66c48

                      SHA1

                      2a9fdb048f5a3282594347f19fef3274225292d5

                      SHA256

                      3301115e4a6574d35d3c503728ed1f56f71a85ca379e7a2da62d8320d6d2b9dd

                      SHA512

                      c7ded5aac913765782d99e325cc8378f7e544ed974f468c87e629e39091eb84076cb849939192c4bcc5e56771ebff43c8cb95dc2f29701e703112140433f3247

                      Download Submit

                    • /storage/emulated/0/wandoujia/.config/.udid
                      Filesize

                      73B

                      MD5

                      ad0a5f1e3ad3f6407d04d9bacc8bae6a

                      SHA1

                      db1f55d4e3d39353912de02b2a9e6a8867249cfd

                      SHA256

                      c1b4f086ab6f50cd5be05a47edfd585a6082d2a131633bb286526f08035c6676

                      SHA512

                      1e90acf9c53736b7c384afc0417dafcf09bbb27ca50fb70bb2f6e90983d3c0ddb4dee1403384647049abcde7a0966b4b01dda279f0b76678cc5dc5874feaddb7

                      Download Submit

                    • /storage/emulated/0/wandoujia/.config/shared_settings
                      Filesize

                      60B

                      MD5

                      e17c0046dcd1ff2619819c745bac9a54

                      SHA1

                      8de40bb0c9cd051a123854d56647446f3dd17d17

                      SHA256

                      74b308749bc4242b3a90ef8379296348602ff9ace27a8d7fd49fbcd6094a37f4

                      SHA512

                      cbd986d79ea11bc9fef4269e9c8cc1cb3916efb9701f2b96e8acc58c5c36a9322c7f903ccf143fd7af3f7b737b231eb90b6e90b43a89eb9ba91f76ba556372df

                      Download Submit