10a4ecc263109dee27c8e31c8237e4c042966e3e1a09b3133a8a33b989cf5ffe

Analysis

max time kernel
2872851s
max time network
158s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 12:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

10a4ecc263109dee27c8e31c8237e4c042966e3e1a09b3133a8a33b989cf5ffe.apk
Size

6.4MB
MD5

4b36517669a4cc01e5f45d9fbf916c88
SHA1

33bb44f523737befd95a82bc1a3b837d5c4321fa
SHA256

10a4ecc263109dee27c8e31c8237e4c042966e3e1a09b3133a8a33b989cf5ffe
SHA512

c7515465728adba907e5b06bc6b62ee9f39d3f20af22a3f0cceacc6ca0dfe2fa66c5cd6d79531651e3bf77205e1ee9dbe9a0dcf7077d243421270fa86fdd3322
SSDEEP

196608:H8HEqNVu8U1ZYRK0qRSQS0UZMdBr80aAgrvFRvwiI:ckq+8oZ9yQAZMdF80aAgrvjwiI

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.hxyh.wxmp3/[email protected]	4600	com.hxyh.wxmp3

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.hxyh.wxmp3

com.hxyh.wxmp3
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hxyh.wxmp3/databases/cc/cc.db

Filesize
36KB

MD5
4cfe777c9f6e7859f5efe2197401d8e5

SHA1
bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a

SHA256
c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231

SHA512
6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de

Download Submit
/data/data/com.hxyh.wxmp3/databases/cc/cc.db-journal

Filesize
512B

MD5
181802ef8b52963c779d8b70d7527eea

SHA1
b77d4e0325c4570fc738362b650675aba720fbda

SHA256
b1e866a01e23f22f3c62b0c48db06b87ade7d171aa9f41b9d49d871d597ac3c6

SHA512
0a23fba7fb1dd95bf06831d6fc7c4eae7f6369218675e03c0e7206603f564fc99f10759ac9a00694e0b41b0b9404f1f3883cfc000186b7953723dafd50738594

Download Submit
/data/data/com.hxyh.wxmp3/databases/cc/cc.db-journal

Filesize
8KB

MD5
41a1089e19983382df1d7409e7330864

SHA1
4a412a76f6a941cccf6b52b4d510b79bd803e28e

SHA256
fcb2058ff0ec7f7661ecbe6c873611023cc14184d7ef5dda800045091b63a2bc

SHA512
d1b7e13801c5346d546ba2bbe3f5c4626f8076c59904894a540faa48ad6a722565a1c30b0527f3cc60febc5eb7be14db073a15d89336f8594a5ae16683e8cca9

Download Submit
/data/data/com.hxyh.wxmp3/databases/cc/cc.db-journal

Filesize
8KB

MD5
60284531e4e72355bf933ebc500f91c4

SHA1
611166672e5caedec01f5c27a6949f183680177a

SHA256
c775d46e97779467778969a47d5261ebe7d5eaa3e188501df9d2b643eec9c62a

SHA512
ee6967597a390caac7feb5ad324d8eeb02765e808b81cdabebe7d200fff9bce12a7515a1ced472a3b8288b7550ec77ca0d40cb2e952651df2ea4a2a669b40f1d

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db

Filesize
16KB

MD5
ccf7a924571f96fd574b2e47923d3725

SHA1
e1c1d1b19ec340a71e7ab24f8abc3165bf3289b2

SHA256
9b35d03912338287b1f265761695a4feff67a96003276d2e1d0f68d9053a99ad

SHA512
4b66bb4a9a2cffb1ad59689e48db2c247653690675e265ff6a663dc6a7fb476ad7a19e83fea4e866db5a0d489fd8711725055f3dca9b6505ab7a186534cc10e0

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db

Filesize
32KB

MD5
4cd141af5f5f1ff6416e42d1aa8fd169

SHA1
121bf46cb4857e644ebf1d78fbda4c226cc9d028

SHA256
0d025277ecc531093a863bbbf75b61f5c22997f1e70fd5f8d70f3c0ec66630cb

SHA512
c2362199eb6452beb82042280a58c7cf60143881673120f7029e461bbfeccf0c3f0b668b40cd93c5fb4b0dd2eb9a3fa41307bb19f276fe3729ccfa4db12c03b6

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
512B

MD5
5a2129dab00989bab7840473cb677cea

SHA1
c8df553592c2a4bed02130695ee19548fb8bfd11

SHA256
f562827394ab9ffab20de7e0e7c73d4cad7e2d413c2fafbd7169aee156a80ae3

SHA512
35e0f6af7527917aa9b87ba5e854743c243b601e63dbcd3de3aca9d054c412cf43793cbe5d61eb5b52bd4abed08b23f63b829894e39084f77abbf8729f9a916c

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
8KB

MD5
721cef55c1fea613f7aa8b6c9fc023f4

SHA1
9665cc402bf9e5c63375f8e450d17f1dc5f078b3

SHA256
34791adbec00540781f598e06fed387623a381ba799d4ac7ff7bc00e9a50441a

SHA512
75fd58a8d6cf475523587135c7970012324c85193f0609cc4d501a6df1e7b3b6e3017a545190ca836b831888b60db474378f5ec273b2f792bb2d13f64778b7a9

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
8KB

MD5
974e4a64e2d967a61c5142be85fee0df

SHA1
a7b31cbdba3ae9d5b09dd3934b755d055a6f7980

SHA256
ff5a555c637ad5cb6fc09a3ab704430fd6ab85db40e20eab8dcb29e559cc3365

SHA512
c593dad8eac12ca24c26395c187e17bc8aa85faf6b30678347173fb1bb0b341c861dff5a0426149fdd59c630de6611872a905fb8351622f409769307a8ff99c3

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
16KB

MD5
37c1b35fe580413e9416a8cc7f130db4

SHA1
de85442dcf7f64b7461d96e2c9802bf4fe80f3ff

SHA256
85e7672fac37efcb5894b66cb69265dce280962bfd92fa353474516191323603

SHA512
bb9988e058b31b482d620073444c09a451c01663dfbb18480b7f5a9aa98029e93fa8a38ace752c311c43c6d4b0bd2d90d5ec13fedb731a8980741a28f88532b8

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
8KB

MD5
5c2daabfc46279c0e797b94fe927f10e

SHA1
a00acd00b69484b638c50421d8a6b4dedb1294ca

SHA256
6c1e7d9a5ee24b130c13cba7bf1a3b0797df7cb8b848dc26872893f41c8bc08a

SHA512
2f51e7eccdc691b15b67820b5f087b513686bf843a7c64b3655ce147e5c28f22638d63222d5a08aba721c761f064ac8a2b2eb2441b4a5146078ed45335a0c356

Download Submit
/data/data/com.hxyh.wxmp3/databases/ua.db-journal

Filesize
8KB

MD5
085aaca7b1c89be3f5510686accc24d2

SHA1
c0cea189d41b79a92fda926aa24bd32e2305d381

SHA256
c51791afea5518a78f67a796bc1bede363cde4dc60275dbf5559c8b65ea18bdb

SHA512
f393c20f96933e4eaf32821fa182d6609b2ec3226c905259c5ffd9bd08c10f35a059abfbb17f197e721bca69b9f2b1de3bb32cac5455ba682bed677ec9f8162e

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.ac

Filesize
40B

MD5
e3c9f09cd403bd689d9d139188e6fae5

SHA1
fa298eccffd019e1c2ce5729a37472361f008ae3

SHA256
ae3e1d53af8c999d7a4701560c73a3b9a5b8ec3072d7d690d53a7abaad2a375d

SHA512
344798f62f2301a859832504838ad7bbb627e1559fd254ab614debe029c07f5caf0b254ceb0f47cde68ad87814bef448ff489386492616a8af34396068b9e920

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.ac

Filesize
32B

MD5
1859bacd1d1e3708e7b8c01b1e1f15e8

SHA1
9dbada259a5d5d6cf8e01ef76ff9d37cfe5ec078

SHA256
830ef5b591cc7aed85db4a3f4a527da45dd614d1d5c7ef49ce3f7f40281028f7

SHA512
6f30c82a65644fb534540a6f54bfc11f39922b630751cf5234c1f50048042cd34d3d5ae27cfc5756a0e2a10d1d3705179435d4d64e821e636d7d056c27d82129

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.di

Filesize
340B

MD5
3c6d0c58ca6d7538a6149dbe2015074d

SHA1
37a21c744ac43168ebb2435494f53e7b08791874

SHA256
71b1d623e2789f11adf53c1abf1fd20185137c6400b44856157753122aa662f5

SHA512
70046b562e3b48ce6f9573ee2398367b0de4e138ea6f4003077697f82ede63b079ba9130373d8fc076db0a3bb598ac0c4a8f990799a2f8099d63424879878dad

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.di

Filesize
340B

MD5
665a07ad5ded53e0d03d37f14eaa72d2

SHA1
d349c08e4eda9408af0a6b0936560dcbde4d4562

SHA256
fdfea8b09de6f4a26a8d2ca241e22ee0d026f755a94d199cea89d0d70950d292

SHA512
c87cbf2125b12dcbe7c9a45cf41a327e38a4699cee7e013cb4c0c32daec3e195085829de65451e936837149ae1624a5ff3afd54dbe0b9266c344b6ec39511c84

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.ic

Filesize
32B

MD5
a7fb64aabcbfcf0caf454d5506c57417

SHA1
452fd723efa305e3be45b2f72324aa0f8aa9c930

SHA256
a5ca33edfe82ab830da2fd95bfa800bb2bc4bff65e9dc032bc01ee218dbde816

SHA512
458584c487b2e822bacec91af2647ed0eb4237bf5cf5445dfb8f51f176d56acaef9ba64109e702203073ed39d27f1f42e8e215fcb4b3e99f8b4caf4142e32845

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.rd

Filesize
32B

MD5
fb35862e21cbee97526f20bdb6b1fb0b

SHA1
1008bf24ab3dbce6500d9ba29b05ff8a43230474

SHA256
051bc33912da4765bbc9cd09b1012b270634f156009a8411853477bb0e8eed24

SHA512
7d72f1879161c7e935b2c040262c9fa387009e716cf88cf848419df48249d8a5b220b1442914d1b429a537cf1288d84bb01193a5bf18a3a371c4f3ed3cc43fa8

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.ri

Filesize
314B

MD5
dd5d4d260b6e5033c9d33a0ccee037d2

SHA1
d68e6962988be80271b11839cbb460bf2663c39f

SHA256
7bd451e21c25a9b7a5973f3d71642fd817a136ba9d66d87102321d423539fdf5

SHA512
e6c7404d3bc64be765a72a935f21d48c6be5e1716645dbfce9e8f5635126c7b33fb3ac6fb6b2cc1ae713f3587a2e781cb3510a7180398f21a72538007d62be79

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.store

Filesize
127B

MD5
79a7b54ed8b951756d82d8d013ce14bc

SHA1
e28d728fc2100f9841039cfe224dbaf3960a18c8

SHA256
4e5ee8840a187110693cb0bc7f087e4cb67f2c0fd6f40de37b81642181bc4363

SHA512
c8a463d494a7b26be7c3bfeec8f5205e0c96925b9899ab0288c71b51a17458df7fd1afdfc5312ad9b64bb2ee9dde880a6635e3a30359003699d4812b37a7602b

Download Submit
/data/data/com.hxyh.wxmp3/files/.jglogs/.jg.store

Filesize
32B

MD5
448e391c59eef34ee1defbe4dee4c41f

SHA1
df1f890987371d7d8e6963c68b787856e42bc146

SHA256
55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

SHA512
ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

Download Submit
/data/data/com.hxyh.wxmp3/files/.jiagu.lock

Filesize
27B

MD5
bdacb3b03eaed1b64a6d8d44b11d74dd

SHA1
95f4eb30a3076d6864ae0e198fc697812e9b538f

SHA256
d7e7933da0d4d6921caf5671a647ec57d96a72a9ed1d4fff1dc4bc14ed00fabb

SHA512
058fd516113432e5eeb34304b3b532b132c7d697e27f2371487da09138426bf6915a9db1a2c80bded9e1a87c7f8ede955d1a9cfd68b6503e622d0eaa7016e716

Download Submit
/data/user/0/com.hxyh.wxmp3/.jiagu/libjiagu.so

Filesize
485KB

MD5
2c1a490890ff15348d2fc3815b2cfb3d

SHA1
922e1e5539c40ad5bed578a9cea9f076df02eaee

SHA256
4a272d3707e61d656a95d20b944a402a4ae39b79013e3a47a93c0faa3eefc6da

SHA512
3a910269e855c3c9a31e40d2d18d166d3c3dc08bb9b063e363be8e737181389e9cc67be8d9ef8d1a63ca0500d0d028aa2562e6fb979beb1a1cccf0fe4d1d1853

Download Submit
/data/user/0/com.hxyh.wxmp3/[email protected]

Filesize
5.1MB

MD5
a1f1dc7f71a42be5fff848da81f7a0e0

SHA1
20ac72e5d1e9e0d814d25727770c7200fe88389e

SHA256
db1f85d1886852b7d04a44a285ad92e0e5433b174577ec62306e7cd3c4b637da

SHA512
05ccb7c1ce37bac1f3d4c135b21042c665c0bb99a57ade3bbe8e83fb0ceaf85bf02cc16621f15b0be4367fbabe32ae6c52233ebae9f4a38f12689505d1684aef

Download Submit
/data/user/0/com.hxyh.wxmp3/files/.imprint

Filesize
930B

MD5
ad3e130ee68b8d3cdd1e5af3b795926a

SHA1
f4b781cd0648cd3a97b463e85d19042d556fe619

SHA256
850156c74fec892110ff4dbc8ab68c2d8383fde99bca4c6b9c81a8039081fc02

SHA512
863bb01e6b551204da401bb24c5cfcf5e28a418255262da639b19c789733254b6ea30df0528f9d7b9061b56cfab7e32068bc5d29c0909150ef0ba9ce2507b335

Download Submit
/data/user/0/com.hxyh.wxmp3/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
1238077d11c93e0e7c4c3a1a0f245a02

SHA1
f07d8b313a9a43890eca7b1e157d52a949b77e70

SHA256
34dd98b95781a04b87cb6c999690d73afb0c2faa0579042340d5bba8e37b0723

SHA512
f4273758a5e776dbbac1ad47fadb75bae0131af1253fadaa17d18846f9b5d6d66c8b392229ae034a4cf34ca58dc916518aafaf6d73c2879f4bfd160f042e18a3

Download Submit
/data/user/0/com.hxyh.wxmp3/files/exid.dat

Filesize
57B

MD5
c312cae8335b173ae777d8cd13d237e6

SHA1
be22c6c31441f5ac3ed07b53fc3f3ce01b84e0e3

SHA256
09945d4712f51ed5d0561c27b701371abc6167a1211ef2fc56aae410e09b5d24

SHA512
da2b57bd7e58ae408458af2f09722673d28642b4f8f95818783d03006852da9e1231e285d6b99642ab0572ee4f45e9702c40178ca5c3ab787fd940328a46e681

Download Submit
/data/user/0/com.hxyh.wxmp3/files/umeng_it.cache

Filesize
350B

MD5
1ac999a898224085ebdc2fcae4b30df2

SHA1
4be750ed9c3ed19949e26a6610f2b5f8fd959ff1

SHA256
f61f852ba404c6c7a05a2127b6b319975e15de42cc269aad1b2efbaef9f09baa

SHA512
d4ced4713728f4fba9c33f058ed961aebcab2fefd2915f7d25dd6b2cabd5daaf872948fef95dc24683b1673396cc902163e797e90a4d1b6553abaf4f3124f123

Download Submit
/data/user/0/com.hxyh.wxmp3/files/umeng_it.cache

Filesize
178B

MD5
25983cacb6745aed9773f565b40cc4db

SHA1
801068f618e8bea06e92d82ec976de5212e62a2f

SHA256
a2ac6734b3a841015b89b02e8a71edc6079353a080d7e519b1343b3c82049e83

SHA512
be843773e065a7dfdabdf188d5a2cf26def4a872607f6f2db107ba9b5b6d48518216267f1b089e93d41e5ce9e9ecb138850fbbeddbdc521ec6964de5611f02c7

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
55c4b6b62af7a46d5451634a9b2712a7

SHA1
3af27bc10355223aa2a02ed8cd95d209080f56d0

SHA256
0b7203fd22ce5dbc505172ad75ea0e0bf1da82f3ad4778e250d71c5f428cd292

SHA512
aefb00788c3836e77d712f47491c7cf90c08ecf325a274dbc6ea60c33f195fd1f6851f0c0cc8e0b720e056e442952e9b18617e3d02e69beb6384507f9df9a324

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads