9ec6f3578a335383bfccac4372e7339edb574aa4132808248e135500511621ba

Analysis

max time kernel
2889716s
max time network
137s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 23:19

Target

9ec6f3578a335383bfccac4372e7339edb574aa4132808248e135500511621ba.apk
Size

14.1MB
MD5

0a588c16aadec6fc2cdde72299e55a8b
SHA1

8480567e5f3894e6e239cbb334204e98e44a3183
SHA256

9ec6f3578a335383bfccac4372e7339edb574aa4132808248e135500511621ba
SHA512

6b218529bf3851c2475bbe04dda958f5f9da0ff42a4f9571c3e27218efd4ce57a9cb4676fb475bb55ef809bb8e93b935398eb66f8b574049714bde3ac2798723
SSDEEP

393216:yMzpGBgbmqxD0xnymKMgoP5V+vlDr13kzRS:yq8gbmyYxN15V+vlDiS

Score

8^/10

banker

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.leeg.ddg

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.leeg.ddg

com.leeg.ddg
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4471
- getprop ro.product.cpu.abi
  2⤵
  PID:4508

/storage/emulated/0/Android/data/com.leeg.ddg/files/tbslog/tbslog.txt

Filesize
2KB

MD5
bec6bdfa93c108999f68fffa813fa59c

SHA1
98fb98b005d3caf90e7102bc2a5f4aaebdb0ed6a

SHA256
77bb8d38864b82732c666e78635aa0b35aab97142c16c7a8c1fea72c4296cc59

SHA512
74e0ba1e1e473f110c5a6af8fe103d18faf770abf358a2710a894eff87923ea83a27e1193431af5c71fd76dcb735a2907a43519f1722ab54627a93142358d6fc

Download Submit