a1111ac0a6bf10637de3f3389c701495a73b9c07a012a69c92f5fd24b80a0ae7

Analysis

max time kernel
2717111s
max time network
150s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23-12-2023 23:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a1111ac0a6bf10637de3f3389c701495a73b9c07a012a69c92f5fd24b80a0ae7.apk
Size

17.9MB
MD5

e19c8d533b27f09919287ffebf23bbec
SHA1

0d05758e3e47a376b0d909762b9eccc420c44c23
SHA256

a1111ac0a6bf10637de3f3389c701495a73b9c07a012a69c92f5fd24b80a0ae7
SHA512

a91eebec2ff2112df14ea070b2f7f809109ae31eb1ff256d6d490a9eb89d6f2cf2adc43d60c010dda9064e370becaec8beb5ef67711d9474f547f9e57d1dd0a1
SSDEEP

393216:pL3LyyQerDBb/Hl8nSYajRt//MImrgnpHh+FJhu+oqNhZ54Pti:pSyfrlb/WWbMImUR8Pu+oyF

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.chengyu.taohuo/[email protected]	4994	com.chengyu.taohuo

Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.chengyu.taohuo

com.chengyu.taohuo
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4994

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.chengyu.taohuo/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
ed73a80eb949bacc52428b8d5a087fa5

SHA1
07e973549a2cee61ffeeb6439abc419cd8a489a9

SHA256
f0ead1ad60e0cc310c1a40685c28fc7a69aa346604552816c51dd3c1718a1e76

SHA512
4bc26c18ca3a2edfe38ca1e14ad1e1415268b4a69cdff3c0f8e2b8fa910c67c2e4bc4f32c21274e586e8e139122ea3dbde7ec507c4722b4a9a778ee2598090b8

Download Submit
/data/data/com.chengyu.taohuo/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
5061e4948844f7d366972ac8005e9f13

SHA1
a2b79a1c79afb095ddebf0f16a1f9db64482bcaf

SHA256
3aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45

SHA512
223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299

Download Submit
/data/data/com.chengyu.taohuo/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.chengyu.taohuo/cache/weex/libs/weexjsb/x86/libweexjsb.so

Filesize
6KB

MD5
9bb067cd33b490d30f2c88054c732574

SHA1
d95a11e2be5c7a1fab9820e34cdd9e482523ea86

SHA256
fb993dc086feddf19af9700c7428386e3e4a5c67f273711c371ff4460a830ae9

SHA512
0b721c51332313c50ae466fff1b4bdb48a71791bca67ee83d2882a19e8abb59dc1406ed15d6dabbcd3ba922167fbf68a3828fd82edf4b2270ff0191b8fed0dbc

Download Submit
/data/data/com.chengyu.taohuo/files/.imei.txt

Filesize
32B

MD5
b4999a04fecc14fa26f2cd0d0852b312

SHA1
84a6262e730c3a1153ae4db49ffc71b2c9b12197

SHA256
9d29b3991a25bf10178b9c181152f2575646a30eac00e4b06f5f21bf5f681c4d

SHA512
1d0a49997682cbc51ead0ac15590e2bf3da283f917267efb98393f8cedd4adc738d3970b312adcdc5177f56db29419237336b3eefa87ad517ce44ef2ec68a24f

Download Submit
/data/data/com.chengyu.taohuo/files/cnc3ejE6/eje3cnc

Filesize
35B

MD5
762298b93820a5cd8b6d8ec469078f7f

SHA1
d5b02a2ff3b235cd2b61ceff53a1d88b8984477d

SHA256
dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db

SHA512
70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

Download Submit
/data/data/com.chengyu.taohuo/lib-main/dso_deps

Filesize
288B

MD5
5e7bb379e08264411d54cb0cc19f2916

SHA1
20809082e52bae94ba0d5e90d3b56ee49add2e51

SHA256
45ee52aec212f8e026f07a9f7a95f174e6cefaae6587746e73c90d70e7cbcc49

SHA512
58fb958215cdf122f5073ad82d9f5b96b1cf2c500a072bcf452fe36d3bed4876da59284eb5c6b8cac45365d00e421bbe12538c7820e499f6cfd9dc898010ba21

Download Submit
/data/data/com.chengyu.taohuo/lib-main/dso_manifest

Filesize
5B

MD5
c06857e9ea338f3f3a24bb78f8fbdf6f

SHA1
c5a0a2529d2deb60fec041b4fbd722a2ebe31702

SHA256
957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

SHA512
29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

Download Submit
/data/data/com.chengyu.taohuo/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.chengyu.taohuo/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.chengyu.taohuo/shared_prefs_ext/test_app

Filesize
29B

MD5
424d4d58a7e0b33b4e970f4a38363984

SHA1
6bef0c7f22208deee15e4a24b100dd96e27fb59c

SHA256
0c4b00173095ffe51706d0a271860aab98ea1977cf84e6e7a4c6aeb81cf7601e

SHA512
5fe5963f60c8e3eb047ff0b66b517dae96624f130f6e5c271970185bd8fc09dcbf475eeb378033f71b046034ee78efbc3387e0c06c00742764bfc97091dc30d1

Download Submit
/storage/emulated/0/Android/data/com.chengyu.taohuo/apps/__UNI__EA8BD3C/temp/1452510917

Filesize
640B

MD5
d33d633a64e0150397add33fa84e768d

SHA1
9f2116db51088587637efbdf127cbb26649d8d30

SHA256
a32e5d2e6717b16da4d44f8629aec4daf92fa1b3ffb92b465f2410e8c67c8ecc

SHA512
0cf35a157d5130f4d6a688a6f620d0e320e48d637d618fef5924352e43a0676d2d8b090d26487684a662f4169c8c47f07fd0c78b68d2e18bfe3087a0a1c82fd3

Download Submit
/storage/emulated/0/Android/data/com.chengyu.taohuo/apps/__UNI__EA8BD3C/temp/1703524080275

Filesize
348KB

MD5
ab071c286ef8bec6ae1e0d9f90affda7

SHA1
93ed563405bd7cd78bd546375d76db897da8ae81

SHA256
9280002277a0a5b91b287a47c0097b949ced0126f5ad804f924feee849483ffa

SHA512
29cbf4213077dc1f0001271f36af351ca0b97d96d780e5c61872447a27349ee576b654e25389a59f7503a9faf666e1966bf51340fa07188e86bbc6fb135dbca6

Download Submit
/storage/emulated/0/Android/data/com.chengyu.taohuo/apps/__UNI__EA8BD3C/temp/585175696

Filesize
1017B

MD5
43a7e9228ead34e93d36207f4a701a43

SHA1
be39c397cde59292edceab29886c80e4765c51ab

SHA256
4b4ba8d7ff19735647b36829c80406ff9738a5f0ec9d845543c48347a51f8d91

SHA512
ba2ac11a2ebd9972fed1e1de476d47b0eb4596aaa701a9ba98ce939bebeeab7887e2689b369d3d44ce0c97b6ee850d1c1b315072492266e1bb6572c276f137a2

Download Submit
/storage/emulated/0/Android/data/com.chengyu.taohuo/cache/AdEnable.dat

Filesize
1B

MD5
cfcd208495d565ef66e7dff9f98764da

SHA1
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c

SHA256
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

SHA512
31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads