111a6ce5a7eaae7c77ed84d28daab8f3c5e77d7b63f983c56fabf4f3fc90cd52

Analysis

max time kernel
2871474s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 12:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

111a6ce5a7eaae7c77ed84d28daab8f3c5e77d7b63f983c56fabf4f3fc90cd52.apk
Size

11.6MB
MD5

6f4667b14a1ff2e6ce079e373b3fe3b5
SHA1

50c5e93f9edf364cac7df64419e68f894d39c306
SHA256

111a6ce5a7eaae7c77ed84d28daab8f3c5e77d7b63f983c56fabf4f3fc90cd52
SHA512

a538f62ba7c8abd41755eb03e94e96863766188fa4ab8a97c87f0d9737388f31e2d7f4da44550023478c5891ce2e77fcf071f97c4422f5957c7646478da304fb
SSDEEP

196608:HaMjRXdgvp5gmykd+qiUZdJUs0vb2xeN/R4O9OgfQsT9ptFOdWv7/OocsRdEK:VjRXdsTgC+qddj0Ceduk4sTTOBpK

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.youloft.ym/[email protected]	4625	com.youloft.ym
/data/user/0/com.youloft.ym/[email protected]!classes2.dex	4625	com.youloft.ym

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.youloft.ym

com.youloft.ym
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4625

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.youloft.ym/[email protected]

Filesize
5.8MB

MD5
cdeefebea160f521a4bf9732d8f4d1ca

SHA1
ac1834b8dc7b87fb590b0e648aab3f7e1fe145da

SHA256
ead6db8b7f3b575e0f703a8e7ad90baa252c0119ee77c50fbf84c958961f5fe2

SHA512
a8f77677442ebe0d876b336924d2946082e27132fc46a7273ccdc091a9b376dde727983b1c5615630e06c857a6508acb8036a803d146d7d55caffb81c27596af

Download Submit
/data/user/0/com.youloft.ym/[email protected]!classes2.dex

Filesize
1.8MB

MD5
bdd4eeda8e0b2c3a2cd240d4621392c8

SHA1
37d328319f8d2bcfe40197f2890c0a33e87a3025

SHA256
594b9c2bd1054147e4760b4a1b895c2ddd7c251d5e2c95fab2753b45e6a6e175

SHA512
dc2fe429610b316d42a56c872415589d5d9521f5ad5fc2dca9b3d090b1fb494569b3bb27a7842210701ea8502da59278ffe72f90d1b24d82da7cec9122b2b84c

Download Submit
/data/user/0/com.youloft.ym/files/.jglogs/.jg.rd

Filesize
32B

MD5
5237900a732e0a9a612c4ba383dbad81

SHA1
c2d7d6fa8f6ad460f605264b0d2a3afc27ab630b

SHA256
0e97f352848f90c01a474e1bcaa17e464da4b0066a04cac116fead165b0977f4

SHA512
8305fc25c98a602a1b776580246b2caea4a8ecbcb538751b31c6e9a0ed8148ccd2c7423f1611c50e0b2544d3f3bf7929d128be481b068dd69c6413d1286057e9

Download Submit
/data/user/0/com.youloft.ym/files/.jglogs/.jg.ri

Filesize
314B

MD5
a1b52710a783368cf7c95077a585d0ca

SHA1
c7781ec36cd0c25f656d9b3340bd2ececa03565c

SHA256
f420d97628dc2ceb64737aa1f3038e60d9bd0cdaebbfc121912040b83366d95f

SHA512
cb84624d5dd87bf117e8152f1ec8584d68240d4342402b3aa8544be52a2fab14d4ef9e1d4ca0b770f60a0a55a4905900dfcdd898a860d71c1f2a09585f94d502

Download Submit
/data/user/0/com.youloft.ym/files/.jiagu.lock

Filesize
27B

MD5
cf2763a946680321983c64944e0226f4

SHA1
8cf6267233f1d4e05c8fd641ee848f3ec9725929

SHA256
1fd55361f38f146c987dad522d730708f9ea788eb9a3560d160652540fa0c491

SHA512
ce90ebc09fc0d8dffe66e04db57eb283b5834c736e5e784df64ec5cda33b168a8e8baa96cbd00bc906ee8bd2bc85ecf575b6366c6722047318cda67463f3fcfd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads