Overview

overview

6

Static

static

6

a3778411f6...e9.apk

android-9-x86

6

a3778411f6...e9.apk

android-11-x64

6

Analysis

  • max time kernel
    2902034s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 23:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a3778411f670a494d9945bd2730d8d77a7baf2ed12d2641d18ee8484b413abe9.apk

  • Size

    16.9MB

  • MD5

    1347b412eb538cec12456c5201f13ce8

  • SHA1

    fbd08de177d8bb43a9c0e134d01d59aa435fe94b

  • SHA256

    a3778411f670a494d9945bd2730d8d77a7baf2ed12d2641d18ee8484b413abe9

  • SHA512

    3f4ddd15cc6f4c9adb0810ec40ea80264db42bc4c33d1fee872555ad82143d35dd06f62a986b564be22896629a98d4d891e86d8705678e2579e62b06202325ff

  • SSDEEP

    393216:0rOx6yHZNy7rQQLodpMUwthYthWO5wvDXDCw/y59R:0rOxhMUQE2GhWMUTDC8CR

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.licheng.businesstrip
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4262

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.licheng.businesstrip/databases/ut.db
          Filesize

          20KB

          MD5

          440183c0bf58e05242a8c679529288e5

          SHA1

          9fb61cc8a96fc6a0193da8ecfbf1226219768e40

          SHA256

          ca2298952072f5f2c1964e6706c11ae7d840400ab0948dd0eb55679f6b335c95

          SHA512

          2f40cc4dc8f2ea2d5635bbb324cf7b95f57026dfb5e7bbfe4697dc66d4567afe0fd490d83577ebc98cc20f4c6324d11b9184d994a7cbb19ab5498fddd5e2b66c

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db
          Filesize

          20KB

          MD5

          c208c7570a78ffffcc58166dabec37de

          SHA1

          bff0f58ce65d086d294057cbc53c7d3e6af1fc20

          SHA256

          5de73e8efddf5d92048aaaff8aacee34732d6222c1ba25278ff48803ae2fa696

          SHA512

          64746f111947c10c31e055ef18cc76d0e3ca34c2bcd59a93ae4c8c912451992b5bfbb1d4d819ab98eb619a5489d1c2f81d2cab6c7f205ff0ab1ce2573f379625

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db
          Filesize

          20KB

          MD5

          0db6e4dd7b49dcc1e5ca746e9d7a6960

          SHA1

          f70cf4293c887f0a519d58a09b9eb977b5354bdc

          SHA256

          4d9070b6e6b641f66a7e92a138df7169619a908d35262589dd20d3d89444dfb8

          SHA512

          f0695c34bdcb07fdb53214ee7161ade881a5a01d84c7d005a83688f1f4baf5b1384fc7521a3519d6ecbdbbd8ac12da82cfeda5514a6af2b897a299aebee08064

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db
          Filesize

          20KB

          MD5

          38616785cca0600a03205f84fe330b4b

          SHA1

          6ac41a6bdcae297d56dac5fdde70be5faccf0832

          SHA256

          b05c698d5827005da5e04b4fbdcac53cfc83405247353f8e9e145969a820a4e8

          SHA512

          7ff2901c032607f5fa1f24a48056ae85fe8d67b6c5649233fdad7b66950d359b2fb933344bf1e2fe6255a00c593de7bcf959d201fe8b6ad214249bb31f855a08

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-journal
          Filesize

          512B

          MD5

          6b5a8291fa8a64ee85023c67431bba30

          SHA1

          684a0a30402b2049749af52d8b735e35787e0818

          SHA256

          377f164ff436c0b80b7e53465b89a8ee9b5123cbf5f352013638d492875d6b79

          SHA512

          4251944bd14ef470ab5dfbbdb3520ae761f56646fd6daac66173ad74668e9298c894434f2b7c100325d30ff3fbb4744cc7b3fc1dad4562506c993b14371343ad

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-shm
          Filesize

          28KB

          MD5

          cf845a781c107ec1346e849c9dd1b7e8

          SHA1

          b44ccc7f7d519352422e59ee8b0bdbac881768a7

          SHA256

          18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

          SHA512

          4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-wal
          Filesize

          32KB

          MD5

          834e8d37c63cb25da3fe6fdb4ea21c5c

          SHA1

          df306778b280d6be2354fed8a5c486772cab11e1

          SHA256

          7d9b2be5906972978f4ca6e6fe4b86d31814ee937404f18f83ae012ffb59bb82

          SHA512

          c99cc78dc83c6b491d3af0d66a57cafad15ec846dd210da6597e66c188fc6f693a6f5d5740fe22acc6e09235a10f93da8b97d28a01d72591a592e20eea922a13

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-wal
          Filesize

          8KB

          MD5

          171e3f5d24b74883aa93703435a89946

          SHA1

          e8cce34848637a343ba3fb58ba0bf18de7649660

          SHA256

          eeec34bcfc09ddae35535d21165a7d1ff15dd1780d286e3985dfdf2201938929

          SHA512

          de2871b2b593a8f94893f9d7c2b672083621ef340aba61adb4d87c9ce7de25929149adee7838cd43aac1dc5e47c8a491cd1ec865fe3784009fb8b53d675712a7

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-wal
          Filesize

          8KB

          MD5

          1eb31dd53a4e0c7822903d713ee1fae6

          SHA1

          e59399aba4a8e1cc4817a2f6bc24429e145d3594

          SHA256

          983631a40cca9a9e51a4582097690e2c19f61164e4b8e0e89a5e294b704aea0a

          SHA512

          20da67567ec3aad6149e36e668a2a055df3e894b6ea427da4d3e9deef5478c6ffda2482d24b3b5d9d64792fbb93b31b5db33ba26a50683f19fd69215ecf3a14e

          Download Submit

        • /data/data/com.licheng.businesstrip/databases/ut.db-wal
          Filesize

          8KB

          MD5

          beaf9c5a0eab0e550f6e6e92103c4b9d

          SHA1

          50a5f400c67683a03cd9178a2c166880ef26a3f0

          SHA256

          2557c0aecf258406bb6882b1c6c5b920d65ce29e4dc66522197addd42a4c7368

          SHA512

          128edf163211d4bf31d4014d80bac6308d623e8f52835709494882ef9b0f55629624669ef67acdcbd66733b2c18aef03ca1093cc5a767681c256e4ee84fb8235

          Download Submit

        • /data/data/com.licheng.businesstrip/files/com_alibaba_aliyun_crash_defend_sdk_info
          Filesize

          222B

          MD5

          89f8026df0cc2879b62141ee83b45c20

          SHA1

          51863e2845d7fe465893aedba6a003e194bd0a35

          SHA256

          c138015ca8765d260512bc4fd03f1c7c114ae183fe73a706dd215c542b6bc1d7

          SHA512

          09a53fb5d5509a3a67380977abc6e20a0970a0dc387f6ecf4646e9df837124838dd552a54cef2e016fc05ebb1e3510d229038b17f5b48a632356e2b12d538e36

          Download Submit

        • /data/data/com.licheng.businesstrip/files/com_alibaba_aliyun_crash_defend_sdk_info
          Filesize

          222B

          MD5

          df21b227deba040cf0b040d0e65e4440

          SHA1

          a83676d8341a2ecbf72a0081329e0cb17776c1ce

          SHA256

          5b01d57011d37b1696b648854a857864d6458647e7f80c30ac580deaf6128007

          SHA512

          9703d6f599af75e19ac4542e4ade16b8fabb637477cdbd671dfda039364e649e41eba967ee5aef0c2a0055e70e5281fd9dab6f164c124b9a96ebda0f27b89a40

          Download Submit

        • /storage/emulated/0/.DataStorage/ContextData.xml
          Filesize

          111B

          MD5

          5652f2701551b4f0b85995705c2c6d53

          SHA1

          f862d1a0962d5eba02bb2ebe16f2e3b144a10662

          SHA256

          a38f004600e84243d8939fb065540a2641da7c70bbbeb4f0a99e0550fc18e5d6

          SHA512

          cca59987008e022d2fa5c8e6e6e445b8f696fa13d83d87bf5a55526ddb349d179e9b779d16cba143f65ca0238daa4b9e4ad97b8dfce13bdaaf06c3803060b806

          Download Submit

        • /storage/emulated/0/.DataStorage/ContextData.xml
          Filesize

          213B

          MD5

          f9f1b5162589d33a630df244841a43e3

          SHA1

          3c70e3c73f3c563a7e6e1bb48f184787da9d0b1b

          SHA256

          76f77c199dc69ae57b9b1ea006a862628185fb6cc33baf19410836e9e74acd34

          SHA512

          13d568e32196b04490845246136b4f00ab50a83ea257b0185bb4fab1b4659daac60e5ceb5089c9e9e93e22e75815ed0032900d701832ce90ac57f56ada92fe81

          Download Submit

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
          Filesize

          65B

          MD5

          9781ca003f10f8d0c9c1945b63fdca7f

          SHA1

          4156cf5dc8d71dbab734d25e5e1598b37a5456f4

          SHA256

          3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

          SHA512

          25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

          Download Submit

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
          Filesize

          111B

          MD5

          27203f8c25cea3e2147ac017d130f0fc

          SHA1

          4fe00372c98dc8e2819dd85e1daf1bafd4e28323

          SHA256

          d5e5f902772896d12d8d0688e6cf643845bc3df75840b437551250ad910a2610

          SHA512

          8428b288b1f6424498c47fca09dff69eb4c37c6a118c16586f43e9aaba64c7093feecae565e3e4d84f0865cb5fdd62383a6379ed1d9f3bd267bf4ff4f4cb9e26

          Download Submit

        • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
          Filesize

          167B

          MD5

          66d2a7d3c717902c1cf6b12ddb4629d5

          SHA1

          89d04559ffd45d8a14e5163d653e2e266bdcdae3

          SHA256

          25980f436aa6eb53fa763e0a4272fccd37e856536581040e43ee8333a2e56226

          SHA512

          0b32396114262c253e20ec22a395f49e90e78c462e07deca26031ca4d63149c704ad2327c4922c943cd0fa2231b3ff645d39ae8e7908a613564c09d6c733386b

          Download Submit