Overview

overview

7

Static

static

6

a372abd4fe...30.apk

android-9-x86

7

a372abd4fe...30.apk

android-10-x64

7

Analysis

  • max time kernel
    2901750s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23-12-2023 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a372abd4fe681344cbce1decec8b0333679c63a948db85290480c7a99bc3a530.apk

  • Size

    12.5MB

  • MD5

    54df32b9afc95bb80ab4b19f27af0a4d

  • SHA1

    cf41bf70c13ee08cbc835638752a89f96537680e

  • SHA256

    a372abd4fe681344cbce1decec8b0333679c63a948db85290480c7a99bc3a530

  • SHA512

    47561ca6b26d4b304b07f549a68c5bb3e91dce660edf0047824163a398d90d97ad3afe7880332de80e446c2c0358ee3aca30e950756e5eb7a916b81e7e2c5f8b

  • SSDEEP

    196608:hRFXZuYNkkJUH40BpeGcfVog4UCeeg44EzFM+iJVHDZdVw06tabL:hR98jY0BPcfVoLngDEzu+aVlj2c

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.sd.business_shop
    1⤵
    • Loads dropped Dex/Jar
    PID:4504
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.sd.business_shop/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.sd.business_shop/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4538

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.sd.business_shop/.jiagu/classes.dex
    Filesize

    6.2MB

    MD5

    c821156243b48888d18be1adf4c44fe6

    SHA1

    ffe5e4d59c94a13fc21d3a9b5b0d89250ad014b6

    SHA256

    74caa20d185f58dafb4f76dfd9b464fdf2b76ba2a430e6afbd1f4a88fb068712

    SHA512

    7d9287dde0c817f6b4637ccecf72a2ec94a5b4368fd6d3dc43b9753eb0b3f9d628561232645c8a09cb8f10f22e06d6400d8b4f0e0200ff24345f5f4e2dd19f51

    Download Submit

  • /data/data/com.sd.business_shop/.jiagu/classes.dex!classes2.dex
    Filesize

    5.6MB

    MD5

    3c054b8a49932c5e40e51d32e701cb30

    SHA1

    1a12c2b4c93926b7a38431df3a0f15cb019a0cfc

    SHA256

    ac0e16e447d88bd5a492e790ee3f19fe952602e5b5f18435ddffc88083bd9a41

    SHA512

    271936206f4c24f52c6b78b8b0ea3a1aecd8cd01fbe90c2af73f7ba1d9c0c234ae6d2cc81efa4f1e7c49b000dffa486b29d2770b79353c6600d2c7746a801e05

    Download Submit

  • /data/data/com.sd.business_shop/.jiagu/libjiagu.so
    Filesize

    480KB

    MD5

    6e8ea47d2d8500b7fb8855394fdf0526

    SHA1

    d3c719bda605cd787c4acf30507edb76b7fb6070

    SHA256

    cc3b55086867ed7136d474a21b1359f49e6afed3b74fbb4ba5f11b36ce1f4d46

    SHA512

    385241f905c46ead517e4e0bcaf2fe00160ba0f7f40c6926ba288bf41d46e77a8bd63ec0a97d57a5b65cf6fb1f93b5f86f51d9cb24809ae934ebdb2fd49c0b70

    Download Submit

  • /data/data/com.sd.business_shop/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /data/data/com.sd.business_shop/app_crashrecord/1002
    Filesize

    230B

    MD5

    baed87040a4a4f3c0ee890841e34f19e

    SHA1

    72a4ea58548984b40c4618382fdf60ffae784f58

    SHA256

    af012079bee9464f934155d1fcf73cebde1ccc89556da99b6170d69027953807

    SHA512

    237062218914884c3e559b32b70f984b113a8d177198a3820e69cf149105a88b46e48291d99c2de158cf73c10c04c88cb8737aca5c792c8d618bc15d2584132b

    Download Submit

  • /data/data/com.sd.business_shop/app_crashrecord/1004
    Filesize

    230B

    MD5

    8c7a56dd1c03fe46b55e3a474def6d00

    SHA1

    abc9c22cb16d56ee6e7681b36a99abcf8cfdd760

    SHA256

    8f17302d7c5f094c3d29973d3c0b09eb81d7881b0cc2565e8ce2e896ae85451c

    SHA512

    3a19cee05b0d474d89f39f8e5c26146f88a6cefc545edde57f395f79a83a8dc1e8afa9631d4c66376da3cade384ee6fd9c16ceada2c5630793efde31372050d4

    Download Submit

  • /data/data/com.sd.business_shop/app_crashrecord/1004
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit

  • /data/data/com.sd.business_shop/databases/bugly_db_
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.sd.business_shop/databases/bugly_db_-journal
    Filesize

    512B

    MD5

    0dc3cb59073692b23cbb6a19654f7767

    SHA1

    cdc53fb0a5935f0d063c86d2baa91d8358349594

    SHA256

    e0266b64c6bad5ab625682a7db93416477699e0751821bc19eef70476d971a75

    SHA512

    2744381d21c5ecda0fc90e45bd6148b77a2cc4ef2914c3c795f19cbb43366b7a48f94fbd6c67d2db6c9d395979c115b3813585d7dc15d461f89c309451e4d93d

    Download Submit

  • /data/data/com.sd.business_shop/databases/bugly_db_-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.sd.business_shop/databases/bugly_db_-wal
    Filesize

    16KB

    MD5

    c0f96fc916bd54b333c9cb8d0300710c

    SHA1

    ac0dc94b01d3b8d6ffc35f9b5a03a9de2e0c44fe

    SHA256

    3cdcc7a54e48e711f96bcdaa745edf330ea93fd67aef441ee156d8dba7a94472

    SHA512

    316ebf27e7338cccdb76fdaf678b86d81665b731ce9c71cec569ab048973937bff2a12c8aaa0940fdc70d157a26f733082fa1d88fa1d9d0af9d409a075b55314

    Download Submit

  • /data/data/com.sd.business_shop/files/.jglogs/.jg.rd
    Filesize

    73B

    MD5

    ed7ad27ec4bae6886cd96102dfaa020a

    SHA1

    9baff26227bd5646bf5158a8746ed98ffbe3117f

    SHA256

    4506a948bc0769575a3f75ed550a26fb9d554fba1dd72d0753f7c741482613e5

    SHA512

    30cdc540bec5427b58c230a7603cbc8384131786d3de18c6b289df54e2238eb9ea5f8718ac3d05d048a594c50e41f2f939e6556745ac6eb659bd73606c1f64c1

    Download Submit

  • /data/data/com.sd.business_shop/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    6b6bd07fee922e3a6ee4f928611fb312

    SHA1

    9791a6aa6176dda35d71fcd12713ac56b074ee3d

    SHA256

    04105012ac8a6d3c497c7f4c46d97183846aea931a0485dbfd341e7924a0b897

    SHA512

    07f5ecb721a3969ab6ce06ac07f5093ab836df7f590ea30972b03cd136ff72ec896ae3dc81f3bf4cf55042d4915ec792c429c5563622cfdcb9efff4fad272b77

    Download Submit

  • /data/data/com.sd.business_shop/files/.jglogs/.jg.store
    Filesize

    32B

    MD5

    448e391c59eef34ee1defbe4dee4c41f

    SHA1

    df1f890987371d7d8e6963c68b787856e42bc146

    SHA256

    55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

    SHA512

    ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

    Download Submit

  • /data/data/com.sd.business_shop/files/.jiagu.lock
    Filesize

    27B

    MD5

    9e781e4c19a4fc5df577a3bdce7840b4

    SHA1

    419f80380dca0972af3005ad64e19f4ade6a07fe

    SHA256

    837e2bd5edff8d80f1060befc3996b2f74050a19c34a8bb9003a9433e3b71190

    SHA512

    8f6bce535a6d12ac91a97015eb39232f5b37211b7269d48ec8895a7c4552ca38405fc88f81930b752d65be9336d99f462b014d64bf88a69de65a0b372e77a9a2

    Download Submit