Overview

overview

8

Static

static

8

171b26924b...bf.apk

 

171b26924b...bf.apk

android-11-x64

6

amap_resou..._0.apk

 

amap_resou..._0.apk

android-10-x64

amap_resou..._0.apk

android-11-x64

Analysis

  • max time kernel
    2887356s
  • max time network
    168s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    23/12/2023, 12:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    171b26924baf9b908e221d2cc03ff44e1905dc909b71a482c47011ec3475b4bf.apk

  • Size

    20.5MB

  • MD5

    f841183e0e09bb95bdd3fb7d955e96d8

  • SHA1

    b1a4d5e48d96ccfcfef498f1453e9b0ffbe5bf95

  • SHA256

    171b26924baf9b908e221d2cc03ff44e1905dc909b71a482c47011ec3475b4bf

  • SHA512

    17dd1847a108871ac8b0622a6dcc3f6f1b3db44b3dcc33397f47adeb9d7c564fc29aaed254b503d71bd8cc7f7199c8509e31f8c62ba26faee353ecfe6d8a122d

  • SSDEEP

    393216:azX0K+YZTQYmkNtuPRNfJf5msMUKylcT5MmhTAK+LWYIsKWb/72EVVd1u4K:OX08ZTtmB7xxTKGC5MiTAfWYIQ7en

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.lysoft.android.lyyd.report.mobile.xzmz
    1⤵
      PID:4465
    • com.lysoft.android.lyyd.report.mobile.xzmz:pushcore
      1⤵
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4516

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            8KB

            MD5

            f7c5eeeb746b4aea14475c9fc14d5a72

            SHA1

            98e63913e5c948f3f19903dfe5c90688edec9cc3

            SHA256

            7b49330e41672e4d11ed11cb3938c9f08f7d4b4b167b51898afc3bd4ee24a060

            SHA512

            9ebc3712912ebd6a22393795fe95f4b6af1bffcd0e86aa4a89911960069fb2b9d86ee7b6aa62f89b1bda2ce264da5ddea6d0a375d18f8e682c25e3ff73082425

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            437B

            MD5

            e6beb886938516db28e98a674fdf3e72

            SHA1

            7e090588ebedfd1308a2c025f3b953f9e17a9d15

            SHA256

            cdb3e5d33215fb406f9e5829f3ef7e885d62e5b834eb47b7350f6f5e45bc3f1e

            SHA512

            2fbfdce610114a3b6fd96dfb27a2e4cd8112ec0c37c04e0ac438df15de76d52f0f00a1f2100c90df7c3c69a56eec36e8683be94c27de62a6237b6c7fd08d383f

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            336B

            MD5

            a485ef442af1bde9f8372bab6ca3ca15

            SHA1

            ab6e2edf101e1db4e855f6c19c2843d82b7215ee

            SHA256

            402d88faa2d981d93356bb5a9e32f6711f225d6f36a7b702675499a8a2bfb44b

            SHA512

            bb2a7ea0e72c9ae083a0ba9be5d4d4acd2160743cf781fd8482b515ca3b4b8c02d1970648bd372026938238f03c6277996286f1c29f43b2bc393a958ec21f3c6

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            436B

            MD5

            b2bb5549e85e5d8ee858bbff5d4e273f

            SHA1

            66ea2631aa848e9dd40046213aa2a225d6941843

            SHA256

            6ddb62959cd125e93e30c67eac3b99d872eafe67c8fee814cf9601707c9fec58

            SHA512

            7c9a473918dcbdd4b081dbdb1d243080e56dbf55d80fe607c2c70e22fd502c25abaa35f3087725630ca03a21c47cff4fa37458f2c17382c3ddbaca9381268e89

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            358B

            MD5

            94c83d06c9e921b0cdbbfb578aa67721

            SHA1

            c9052addb9f54a9df2ee1ee654af8dcbc2b90f63

            SHA256

            73128bd23fa142caf24ccf31dde952a7edcaa72666d3886edb5db21c7a66ba28

            SHA512

            e22e7e0a2644566e0aeffc5428273802d80c0f08216387f874ee3789fcbb8d03066b884f4ca26bf69792c2a36639e352f64d3228da0fc6169e17fe4f0d646613

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/cache/CatchLog/2023-12-27.txt
            Filesize

            512B

            MD5

            60159036d2c1f8c9902fd8cb8ee6b680

            SHA1

            32f10e95f69aaa56099bae9fce01f85bce8ff20f

            SHA256

            d2cf344964758e26f10bac9e07bcab983eb377c5e499879b72e0767b548a5b85

            SHA512

            6d56f5739175d962c5ceb8c4fc453866cb94bc2d1ba1c4ddf846a0658b23b5bb447d7d9bfdb8911bc4b0c23458595c04623de2f6176f35c5d1dada4e899af0d6

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db
            Filesize

            4KB

            MD5

            b9e10ce4641ac1eb042b25c43bc3d8f3

            SHA1

            85c15efa83a28a083b900375dd8d8f90b307f22c

            SHA256

            fb2d2d7f4ccb2251604003206df006b69f41705f0b265ddec061ac6beb30dd95

            SHA512

            ae8944f77dc535d10cde4970cd9966500686c4aecd3411d9eaa5d8d5d548e36a9e6be7225f30fadcf0d2d893fe976966ead7ea391bd89e2bcbbc55feeffa7ccc

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db
            Filesize

            12KB

            MD5

            171aedf968e17a2744d2585715606cb9

            SHA1

            bbeddeb3b89fcf809619c35b4a318a80e7d5b029

            SHA256

            d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

            SHA512

            78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db-journal
            Filesize

            8KB

            MD5

            03266cfc5eeae7a6750c072c11652d10

            SHA1

            3a442a5c4450a95e2fe890d6de2155c32e681072

            SHA256

            517a8faf9ac7f503189f36c94a9ffa03e22da1c5c086697c472b6d3d99fa9b5c

            SHA512

            b0d0d4c3c980d5d81b966931dc835076978ccb6b2ebad59b957db42f543d7ecbcfea1623c8cb251e9a9bf37b002bf8ec2ea371685c149aa0595f614db0ce916d

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db-journal
            Filesize

            4KB

            MD5

            339a3793441de02d47bf5f3dc2c9501d

            SHA1

            be99993cab14cd4875e73d78f9a18c399fab1e0d

            SHA256

            e8face106550132e08112628d10cfa95c30fe1746980d1ecd4fbf47685c0925d

            SHA512

            efb2dbd2c83d0b60ba108523a6297601c02a7b8e0ca9a0a14e96868978a04dc51d9c68ad2d55fe316f08584ed2784e403305f41ed11154059b3d7ea8770bf399

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db-journal
            Filesize

            512B

            MD5

            4ae7fe44c95cc67d8b0d5f70bdada24e

            SHA1

            ebbcfa5198b84b8c17383dacb05315510204eed8

            SHA256

            cfeea82d314f430f02bd2488ede3f248df897fc2447c0ef9c173de2f05ca4d2b

            SHA512

            f9ab7151d12f01bac7f43d6f50f3253c0489f4ed096e5bd7b682672d54c93a44b40843435b12414a1f8ca990de2eb849a77f73b24758fab0eee0efe00b640677

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db-shm
            Filesize

            28KB

            MD5

            cf845a781c107ec1346e849c9dd1b7e8

            SHA1

            b44ccc7f7d519352422e59ee8b0bdbac881768a7

            SHA256

            18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

            SHA512

            4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/xUtils_http_cookie.db-wal
            Filesize

            4KB

            MD5

            bde043bec4b2b6699f6e81e4d9c7277e

            SHA1

            99e9b25e75369bd70088770f6250441c33f308dd

            SHA256

            4d83e54e420cfa7e2b40c47157c5ff1ebc39ab4417aca638fc7defbb83e3fddb

            SHA512

            75a1e6e33da5b06cb246860fb4e69146e904012acdbf046e9755095ad56fc202fdf7226b0cb31c0c50d497594bb43f82a90d8d7a654ea2f32d449bd05fa9e98c

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db
            Filesize

            20KB

            MD5

            6d2228ce48c5310dc0e65f28a7ac6ef3

            SHA1

            c83d95be1c1b16e42ce2cf27535c2e91dbd08832

            SHA256

            1def8432f6c7f3196ba61a7060839555949dfc05b99b0c9c6eeb5e131291277d

            SHA512

            c813cdf12ad976a55e3498d8873d034ecc63164d3bf49f41b3817b947fe1c08bb48a1cf1a3b3f9ca7bac253bc1a6246f7b7180978b7b34f22e33de99236afee2

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            512B

            MD5

            6f193daac7c76008021dbde4ba774515

            SHA1

            5c7aeeb18586d13f3bb3cf954e18d9cdc90204c2

            SHA256

            c3c65828490a483abc67dd12ca209e478efa397a2bd562ce24bc7782b0b6f18d

            SHA512

            3b0f51275222bfe13e2d40e3b01be3c2b729ebc11a4597d98858e7623b1957a1eef09b5ae49a24d44ed2d1e2e69ed487b097ac83f1d3b84057677b177bb09980

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            8KB

            MD5

            599fe08df01a9722cf99284a55937577

            SHA1

            66f6682a8309da6c40663c5d615a8e0a290c7c68

            SHA256

            38e59ad0dba1bfc0410b706efeeedb2bd7350f3009b80fe57ff540b032b6aa4a

            SHA512

            687d49a81e2fed78f424eb29492975b6375062450e698b705f453402904ff1f6b7b238c824838fbc985d7f7ed6af7bc440312ef48fa98ce67c746c0b66d40b8c

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            4KB

            MD5

            5c0fdf764e7f27310becdd6c77e08588

            SHA1

            9d464f34eb0174dd074d76ae6b41058ff9109845

            SHA256

            b713f3703cea0e6d23bcbf23cb2978d269efdce63a0091c223c357f77ef38333

            SHA512

            3180294f82820fd4798ac3248878c7d504a324a22c37e3e9130cc9d8f95f297caaf5f94d9a1a26f48a16914405eb712e70b4df493e39ebbc779417297b16d21d

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            8KB

            MD5

            56123236612980b237c29462159156e3

            SHA1

            3550930d0b1c0d9744d36bd6f5df0caa8a6041d2

            SHA256

            3f6ae71c53d2a0567f492b0421901cb51cae1510ac6c589886c146896b51db0a

            SHA512

            37ed50a844ec601e3c127af0da81fcb207008aa5d76fbbfddf70e120bfb432cf512821631a46e82d9bd31e24faaeb2030d1c4c1f4b385ede144ebd90709ac3b6

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            8KB

            MD5

            0cdff119cd02b2019f2f0224ba49e3ac

            SHA1

            d3487830d4cdd713dcabbbf8124f57e63b5977a2

            SHA256

            5ef78dacc6adfdd78164e915c1295c9a13ce2e0771486d2434307e8aa27989fa

            SHA512

            639b7d60fe5be8c63920281a1e4f50ce6ba49fabacca1490a2794ab20661a59d042782ca3af6fa0875b529def89d7f695727fc516327eb40e57496b204cfac23

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/databases/ybg3.db-journal
            Filesize

            8KB

            MD5

            3948587a780ca45d55325aebade07ffa

            SHA1

            144d862041e108e5ecdad7011724a756e70061ec

            SHA256

            18b66ecc5101d7907a6f80caaaf726f490afe796769387d81c4b650d8b1e6d44

            SHA512

            7d20e69de211472d5eab270276170fe786f2791b233c169b50cfa35e2b4b3080e4376bed664936895a01ea974b66c3a3df90545109877f76af6dd1cccf35cd8e

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/files/jpush_stat_cache.json
            Filesize

            119B

            MD5

            190e75a3c80311bb969a6909ce59c232

            SHA1

            40ad1d7f9fa43ec2ca06604f6a14edd7e90c5bb8

            SHA256

            80416600776d577dbbcb5efddc45f741964dd9998836f134963cd393d6e9cab1

            SHA512

            009f1cc89050dbdb89081db8f56a86327f60a5a6e65d8dc15ef2a779f1c40bb8be721994c25cdc838334c29f4c127b7b823fae524b924d84f4df8bca65b659ea

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/files/jpush_stat_history/active_user/nowrap/028f62f2-9489-4ae7-9e7f-3ce20086b086
            Filesize

            159B

            MD5

            77883b1c67c82a597314b687b69fd7cb

            SHA1

            79048b9fce896b25af2135795816f9d19ad1bad9

            SHA256

            bb4bf006f605c331a9a238c2ef7e24c706c32c3c68378ac418bd42d1853ff129

            SHA512

            4c5ff583f057f6fe30999e4b4cf6bbc7f46690b7eacf812a0029527ee33cbd91979c78a0f6e40e63e0871d47bba3aed6bd211dc53c805c5c1d5e3eb4f2902ab1

            Download Submit

          • /data/user/0/com.lysoft.android.lyyd.report.mobile.xzmz/files/jpush_stat_history_pushcore/normal/nowrap/bdd193a5-f734-4421-a5e2-4947cc13195a
            Filesize

            12KB

            MD5

            237f72bc4fc82f0fe53d129919db4b03

            SHA1

            f0f2ad8a0676a5d9d1c64b69232333683f680325

            SHA256

            3a1272c1425420eadca604de8b2bde5b773e8de54e02854dbbc885c56dd4efb9

            SHA512

            ae97a126fd26e3ce724bf5a2044e728688eeba8b756d7b603802e3c88417b6f4367cf1d3404d703b0652899f79cda0a44d154363e822bc7f80f07ceb335cc94d

            Download Submit

          • /storage/emulated/0/data/.push_deviceid
            Filesize

            32B

            MD5

            bb427ca54f12eb044b0778e22383a92f

            SHA1

            fd790ead8bc49e2dc4dadfcf8451007314bd8f8a

            SHA256

            fca999c11d4f03eb5b8f49fd4df1f922694ec447f55758855439b0b5c667d1e1

            SHA512

            32d2f306f0db38773722d29848aacc809b57ebaa82fd7b1f49bcfcb8f0236a9d6599cebe790e110166e41c8b4b4fe5884a67df236d08c3fde5945f54fe8830e0

            Download Submit

          • /storage/emulated/0/data/.push_deviceid
            Filesize

            8KB

            MD5

            720443a9caa9a1373cd51bfc0f001322

            SHA1

            0457b4968628e2c32f14a6f6cb3232359a2c8ce9

            SHA256

            41102a3d78a30ee47d017465542f21d2764a11c9a0754489952974ca90329830

            SHA512

            1429c24ed2adc18db724bff0c1c0d150dafc986a4d5f7cb68747af13fd6c4867d7fb56639b2f73451f5262512d61d4875f71b272576015aecc67c2bf01696b0f

            Download Submit