14f677ddab9af31f839e74a73337d8593c9e5c7e656556af19e5b4dd67061ecc

Analysis

max time kernel
2883622s
max time network
153s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23/12/2023, 12:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

14f677ddab9af31f839e74a73337d8593c9e5c7e656556af19e5b4dd67061ecc.apk
Size

14.4MB
MD5

e32b84216ddbf8d20b200c0a12fc5e78
SHA1

f0a7fd3f2fc26bc45364157fd9df5e48f0d9b620
SHA256

14f677ddab9af31f839e74a73337d8593c9e5c7e656556af19e5b4dd67061ecc
SHA512

d8cbe81000b97390d1f43979c1538f2374089f4421eb062450415c530fb376d98e6154979b75d8bce7ee94f1c152b0a37193f0c916b547762ab68de3e9ee38fc
SSDEEP

393216:ly43nHhyzOEZkpBsa2SfWt9A0AQRDVKnatXMw3TmqBXs1vXBw:I43nHhyzOmoBsaafcec2TmqBXKm

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/notepad.color.pro/.jiagu/classes.dex	5068	notepad.color.pro
/data/data/notepad.color.pro/.jiagu/classes.dex!classes2.dex	5068	notepad.color.pro
/data/data/notepad.color.pro/.jiagu/classes.dex!classes3.dex	5068	notepad.color.pro

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	notepad.color.pro

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	notepad.color.pro

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	notepad.color.pro

notepad.color.pro
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:5068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/notepad.color.pro/.jiagu/classes.dex

Filesize
6.2MB

MD5
f277f10b47f05b8d2e527384025c363d

SHA1
fdd9a2c0a786767849ae4ec7712b11d65bff7040

SHA256
aa9f28098758920083343235f94e37d117d5f05133c429a9dd4ada9b410e65db

SHA512
c6d7f104bc40b6dfd52fbec897a9fc5c10cbe289342c3aeb5e6420073378c919a73856d4231b6d26703e851b4b740ef069aa0ef706004a3629709e68a1e341b3

Download Submit
/data/data/notepad.color.pro/.jiagu/classes.dex!classes2.dex

Filesize
6.4MB

MD5
5d03abc495278ffe82e4acf82cef3cca

SHA1
af67b2d2ba7b54c02a0b0eb10edd1d5a82579c3d

SHA256
9fda039447f28298a195d114bad94aa6a304b419160750e089dd1070095b3101

SHA512
c28f223eb393b0b58d24a1ba9d53d4043583a11717604bf7d5b25006762e7d8a393660100a19782eff047d34b4bd0868794057e2dd19d4f4ea3e642f6f3f2510

Download Submit
/data/data/notepad.color.pro/.jiagu/classes.dex!classes3.dex

Filesize
2.4MB

MD5
853754ce8fb0608c710f289b47e6b059

SHA1
f2a94b03e9871ce22a7ecb9b74c51dbab6ef3130

SHA256
ba65e93dfe231476e23bd7f35e9f097e77fb5bdcb024d5d72e5cdac483cc0077

SHA512
95f276e60612d545b77db220b6739a1d6a566592175a0481488afbb79a365b73a2392033b597d641f4b3f68e65af1dedfa65378ab6c06c7cfbe31059a3a7569c

Download Submit
/data/data/notepad.color.pro/.jiagu/libjiagu.so

Filesize
477KB

MD5
39d77dcad8e2a44dd7226f442b3a6c92

SHA1
6560fa96c6b5a038abaeee5f139a16e46088d9d7

SHA256
99cba035cae818dbdef989e70e738463798528b8ca52dbf38d2b8a72152680c0

SHA512
7ddfc6c05839160813e58e8f8c50d2dcda7e7b5e7f1d27cffb802ee91de4bb664bc5c257137d39152ed6e8cad0d3c1b067bf8aeb7e53f884893887b54480a5e5

Download Submit
/data/data/notepad.color.pro/.jiagu/libjiagu_64.so

Filesize
513KB

MD5
db22c5992479681884ab1805a6c9c441

SHA1
8e7c8a8aea4a6f7630871c1525355fbc0d7e9500

SHA256
eff32c4751a44e601ada9133b68c81ea5fd4dad5e3e88fb85d6b452f1dcc8324

SHA512
4c46486f7c8be5848197776a65d7c1f4f9d898c2278cee657a2e6e2cfd003c2efc4f6e76f48511ca1c696ec0339ce649d601bd8c3abe5c7a2e6219e263222e54

Download Submit
/data/data/notepad.color.pro/app_crashrecord/1004

Filesize
226B

MD5
f31e05511ff45c79b973df6a542035cc

SHA1
88d72319ca6e2c3a7cbc2548cedd39ad1d60466e

SHA256
438a23e396edf907b280ac6fcb4a5fa90e5fbcf5c9ff9fd1f516702af62080ba

SHA512
b09038bd44a5a3794987ba7b01dd3cac90ae899f714163f4e2c7001d7d80ba8b3ed575fcf74bac30545f658ff84e02942633a02131c32431b70432a2af62462d

Download Submit
/data/data/notepad.color.pro/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/notepad.color.pro/cache/com.parse/applicationId

Filesize
10B

MD5
116edac2e3727343a0416584e063d5d5

SHA1
a0373390d542f44c2cdfe9aa15c866de767d5f8c

SHA256
fc10a9aceab98be49b62e5357389b78ff6db4078e6e593417b57fd3b56bfb7a9

SHA512
705bad3cc982a5ff19c7a4230b7b8921ffaaa7c99aa73c838d3b5ba028e63edfd42c3b3bc0333711b2d3e625a383c66a510db13ad4bf0df0c8eb6bf89b881dc3

Download Submit
/data/data/notepad.color.pro/databases/bugly_db_-journal

Filesize
512B

MD5
2bbf2e25a779b778218857039fba20e7

SHA1
0b3ff1ad6a0b9659d56692edc122ed1a3f0f6cec

SHA256
4ac660797eb328de7fbe375c81582b0ae7d556d4096896e3f005e0776b55d7c5

SHA512
c6728ead80107dbb43e8a0fc06aa2342ba01cae2e5b6dd25f4f23a5f8d82f64a54f3b537e6d3340cdb3d199e69a17065e7f2729c09e8b59eeaa2c6665f809856

Download Submit
/data/data/notepad.color.pro/databases/bugly_db_-journal

Filesize
8KB

MD5
367e801f96e5b7e35e82526f5b13b1c3

SHA1
5b5a0ffc9294ab32008649a1432c8e827035d681

SHA256
38a92b467bbcf13249b6e0be66bc050792fc6aa18f3638565b9258aa27099506

SHA512
e851febf26933404ccd3f310ad895791ef06672a29b7e5f59be4d66c9a93ffe08f97c4b37eef80e3ef0f912609365e9a10ded57641e3c0b8bf7a05509fd8a3b7

Download Submit
/data/data/notepad.color.pro/databases/bugly_db_-journal

Filesize
8KB

MD5
20866ffc7be47f9bcac312cd862d379d

SHA1
cd9a3ca854aa0caeced10f1bcabda7c7c6eccf90

SHA256
a4435510385ab039d572c85fb3fb18a5c82c48c73df2276b1098c24808eb921c

SHA512
cda1f11fc21de4e1a886d713228cbf73643b8c117f536939a2797f261ed5e39a699b6dade2e82333917eff3125d6265d0721ec78f969594f6236c24f34cb1c26

Download Submit
/data/data/notepad.color.pro/databases/bugly_db_-journal

Filesize
8KB

MD5
23eae38b9061d4a9dcc692d0a108f3c7

SHA1
949b57d3ca744e112225c84901e6ebaedf098bfe

SHA256
b72dda4720dfedf37167662c036f819db256390ee60c60100e89d4bbd895b17c

SHA512
9aa6fc1f50ae113e8a13ea0c84d566bdef5446f22e787e65133733e40c31a1a9d4ad230d1f45e534b898f2a8da2beb1f760de2492b7c5aed7ba011807e61aff9

Download Submit
/data/data/notepad.color.pro/databases/bugly_db_-journal

Filesize
8KB

MD5
c0d6a127b00b3b7e4b0917a471be2249

SHA1
eccd902e049879a77ade0f23c080d0bb8c73c80c

SHA256
3b55a837c6d95ade2acf787ae5cafeee9c895d783e0684b9e3b5a0663d7dd0b9

SHA512
55a80c0643d74e9d3487804d7307183608753c827d327919e2fd9302a749c1f14c2afd3be3db1aa2382042eb29d94e35ab3c3161f31e22f206cb9df59f955b14

Download Submit
/data/data/notepad.color.pro/databases/downloader.db-journal

Filesize
512B

MD5
2f3aeb0a7a5f5910d31c5b495633661a

SHA1
ae4937eee70948e6c1fbb3f3a4062a6d8fc8dd92

SHA256
e8f860f9a8890ec1a31994a57c5cc4f718debbe687398cd2d1d95108fba17e1f

SHA512
2fd56d36306579242d301add2f72f7a4bd88b687466b1f4ce3000cbdc3f4cff2ec528c4bd9a4736f0aa9ecc38a47f49f8d53fc3114261c7674773798e6cd8826

Download Submit
/data/data/notepad.color.pro/databases/downloader.db-journal

Filesize
8KB

MD5
77219cc9ba0fc8cf58ff92d3f5199485

SHA1
2a9f1618551ec3a395129bcac6e2e67336ae34bf

SHA256
8f9fd4e62c65e19bcbaa678e80295009c75a377735c8134abfbbe4a75dc1e50e

SHA512
08456d46297cbc3def36c27995db447f98bcf68f784b70ac9c637a3b5d127fdc4d994f9da67829fe859f1a2dd46af50d41fb44573c7ab696374a1243091612b4

Download Submit
/data/data/notepad.color.pro/databases/google_analytics_v4.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/notepad.color.pro/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
1a5264d60277b2eaec6891af103fa0f0

SHA1
68b01ef13e647a6249c7a9cb486d4961a44dd02f

SHA256
e0dba74de26a74ec9e048659f606e9e8df5b0171389dc131628cd44d801c8969

SHA512
dea5bdeaad3f95776b88af4eda2e40920c8d92ec07b17a834035d6332662210bd640305e1f81c98c7e3c7323826cb92fb1e022951c739e6fdbfd2e556cd05832

Download Submit
/data/data/notepad.color.pro/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
1d334633d6dc9b218e4af0818084acb5

SHA1
7266ad8c3a0fc7183351ddf397ab4c7d228fe7bc

SHA256
4b3ac7dc6ba5ea89db8483478d6ba401424cad3b340a7a300aacf9089bb57056

SHA512
d166789f7494a2fa90df33af0d43df4ec495ab9c1876c8e6721bffb5447fcccb06af7ba45e0a0085f8ace0d6314a5170e59f0e3e163da820f9ca283d8e1f49cf

Download Submit
/data/data/notepad.color.pro/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
40e2247a8ed9bfcbe54068fc326acdd2

SHA1
f7a18fff203a621ec4aa9cb745d98a231502cc09

SHA256
ac26c5a998dc71b782cd0f3c15ccab70df007406bcf642294e5b7325dacb12c1

SHA512
0829e8296ceb030dc909d703c9636bebe2893c99381248c69286fa093bb2609aab552114b8a8d89334cf07478f4787b709ac799ff9e0869844870ecb4f030675

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db

Filesize
12KB

MD5
6da302a2e5fc0263420684f38a00e3fd

SHA1
9e1c35e91c3b84600dd8ebc10e072ccb91b5895a

SHA256
a9b2f6227429fd83edc4db9e62c5e3f8c45b55598f7b10c3132d6b339283c8d2

SHA512
6e91d3076e4f382a5e4119e6429b90bd4d604c858acb4914e8b67226f4ad0626e29726e09d12965f075ac6aebc49eb22faf0f5c6a286913aad9515887f91fa1b

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1879b303a313d529fdc6dd4323d5c4b7

SHA1
ead1ea66837cf99b7e74af6d9bba9555c7863b32

SHA256
e8ece14216691b03882b8a38a0de1391ed9de0d988082d813623f20ebd083341

SHA512
a540f97c5524732cb5858e9952c42f1a7f839cd7cc831bf8a5ea59e76db817da281ab6acce1c3a40e3b111a2c77657d5454f371381add160569101a706d3ec0c

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ffae59105216071c1515b737c5a7f599

SHA1
42a6c9155efbb524b03e22d4a51473be8ad54654

SHA256
8f12ace5e1ec8d7e2040b2ef014889089d4092350d9c53d6250a54d041e30f06

SHA512
311fb2f2225b5ffe977ac01ffcce9b0eeedaf996d2248fcc435e642f78c8c6f4f57d0735735d095396fa224d12214b01381a01ef5b8298025b5195898cf961b8

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
364b914cc79ff3ad9dfcd097d6b8fbd3

SHA1
f6ffaf3c3391248df9310d53a13b6679d6b0e5b9

SHA256
e99eb3bfc1df88c4a6400ae460e5823d70b73334f335b00f9b7a8a6d9974c411

SHA512
8e4197d8cf457532019fdacb7ceff44dde77e5ff0f8e7b3328d2bcecded6d1723a417639895c59061df501da9dffee66d044e94ef890dd5d59ed0f4367a9915d

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
36904fde3edc1406b0a54f8a49418f64

SHA1
88b9b4ace91eb9696f9f9b372b0b2c7c11f95e9f

SHA256
ee6641f79913a645c2a52181660bef8ee2cf2b139a41ee7364222aab76258bb1

SHA512
2bd4eaa8876611a371a9c0092a37b9e82c2ae7bd3b5af58a0031685887f4a1e89f89b135bf4d584ede2a0223f15ba1312e5261d1d9f3f543bb267e7b8838868a

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
7adbec9f5fba8d3ef0dff02f4c705c90

SHA1
2a0e8c33cbc37710292620bccd7e84f004c54dba

SHA256
c8220ce199aa522d9fecebec0fbd7ea41d07a9e10f999ad422e19f405c5af693

SHA512
4759d78a6df2bfbac433e3df6196dc72778ed407db15a61f634d981a864a4cb3892ec17fc573baef7971db605772939447150653130e33494014a1495b5cc4f0

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6706d0ecef1a782735b1c69a8bc64c3d

SHA1
b10f0ff874a41b1746b1b6324fb5168ac8c64912

SHA256
bb9e6d9f0a3c521229928e1f215527f063fa9ed1136c7e54780c6bb01861e594

SHA512
64a0c5d1bb67497005543638c55fb90c8ee6c0add3a028b3b70d2c1251f92949bea7f011735c779b4ff5c7fc5f008005817a4d6963790fcf636bc26450bcd34f

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9ee6f001bad08d18df684328bc51d3b5

SHA1
08514da1e921c195275eb2f436b20267699da660

SHA256
55d9acc29cfef628acd3d008c9e5fcace8864da5ee2b59e97b56e6452e1b30c6

SHA512
320489415a0bbe5beed6d59c9372b69c45454e88c33f6549cc85377fd54fb0ccc947728a1e8b08a7e8144d27674f3d6dda4cf2565df813cb5f73372bdef91dea

Download Submit
/data/data/notepad.color.pro/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2dcae1439acad1e87e9997c6e80aa939

SHA1
b3b1e1aad225c51b348b878de2b15ad88fb7716c

SHA256
a4cee4e5c6a65a3e078e62838124ce31dcd98b247e5eab145912bd7c482d5e9b

SHA512
6937a6a3800965ee990264f4bc76233328eca2e41ea8a321d6c30bb70b5421993b289ff4a486207f479569f3cbae48839979d2355bf75886922893fca9817355

Download Submit
/data/data/notepad.color.pro/databases/notes.db

Filesize
12KB

MD5
163b0e3f017becbc89b9d7f330b78f09

SHA1
1ef9cd8ac8655190468d0ccece0a4738634ab0f9

SHA256
cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

SHA512
6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

Download Submit
/data/data/notepad.color.pro/databases/notes.db-journal

Filesize
512B

MD5
22aa28894d170fdeed15752fe30f62d8

SHA1
e349cc546b10397bda3eefea3777868e1b538ac0

SHA256
cf913bb182b0cc9b10cc5e7bcb4f183afd846a8ecc93b91fb9706f29e2fa2c82

SHA512
537d5e6584c1c06ae1ba8a3b2b5e911ed749d5fc1a6c14f576e6875e9db582453afcd1a55f904ef856afd72ada9b20c12127d4b0e2fe1ae83cc3d4326fc76b3d

Download Submit
/data/data/notepad.color.pro/databases/ttopensdk.db-journal

Filesize
512B

MD5
4ac163fe042a8c3c2f808132cb206cad

SHA1
cb56ef044db19d1eca2c1c02ddbe7eaae870ed1b

SHA256
8df9b551c4fd9beda92d7a5d07c2b1cc43a29863206ea830e8e460fee2fd6cb9

SHA512
95feed8e9166dd913cf01dae186a3d0486c19fc84151d08fc30fcde5c91156f183ea6f4b27fbb968d1b6b348ecbfb5eb037e7269a3e5c5349e676abb38522d2f

Download Submit
/data/data/notepad.color.pro/databases/ttopensdk.db-journal

Filesize
8KB

MD5
a05ef1a00050ca09196d431366166030

SHA1
734fa2d883dd84d76dc14e6841d6daf7ec82991d

SHA256
adc8d618b5a5d5311f814b035d3835c36c264e2a2163434076b5eba58a72ee67

SHA512
dbec184e8057ec2f2502e25e9eb372e8955deb11865e9f3c8ec33532721a512fff3274958fa90b88b77b1e6a31cf7c2cf2c238e0e20db3f17060b4e3fe2fe126

Download Submit
/data/data/notepad.color.pro/databases/ttopensdk.db-journal

Filesize
8KB

MD5
840db1b4e403f432797869520f3266dc

SHA1
44141e066e56958961e496473f090de6e7f86e65

SHA256
cf9746e60dc40a359c452d74a7dd5c2e1fbe3d4f21eb7362b882f0bc753cf3ae

SHA512
9a0964ab740e92f3bd4f5c14cda8c32686852b9b75aa2579f6157759bb0a4c95d433ce854557c97ef719ffe69995758c9bd15faf1b7fe56444a95673ef8acc99

Download Submit
/data/data/notepad.color.pro/files/gaClientId

Filesize
36B

MD5
5eb52e455da80a6193d1c730b1c87438

SHA1
801b4ffba8ca5f81c99ab2bf011879dc8630de35

SHA256
9c9769983a31bb16c9d95dee7077a571625df1b4d25a2f5d229db19cbad65432

SHA512
46b2400229b521072a39137b4c607e1b4fbac7ad459278395fac84ffe620ef3bd12684b0f98ece524743461dff22e0662d0d5e6e29c5bce04974ce6e3a772c1e

Download Submit
/data/data/notepad.color.pro/files/persisted_config

Filesize
238B

MD5
4e5d0afaafef674afbf88f7fc0205470

SHA1
8101306e6a4be6ee8d9e475fb2a7328e41c4bbbb

SHA256
73c52a93bf29d61b111558f96a35e1a8409b53fdd7a976fbd6b89ff412c5cea9

SHA512
3ffbd0a58ef58887ebd738dcc70688c7c7e0018a9a4ff4d8f50339850e4fd772978dad8f3e9ec513bd029ff41c8162050a38f4a9ab4db242fc0d655d47f32912

Download Submit
/data/data/notepad.color.pro/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
5ca491f692a4c9146338f7dc2f498de6

SHA1
3349bfa77bdfe5b0c6141aafa4f3e8fbac005e80

SHA256
84974150db42c46e30af7dfc54736ac7df4401e373363be832662f81217237a6

SHA512
df408cf9fa4b4d335e0e5309ec3ecf981af20a181d8888231c6e4351ce381bf4864f7b97ba8718c6429617514b0329ea4870de8447f5f98c144cf38059348f1d

Download Submit