262063d02967969c8ad29f0c9d1ef273a1f30b80bf4c7562ebd7a08b40afb603

Analysis

max time kernel
2817530s
max time network
142s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 13:50

Target

262063d02967969c8ad29f0c9d1ef273a1f30b80bf4c7562ebd7a08b40afb603.apk
Size

19.3MB
MD5

65dae7d3dc72657327c0aea774d1f708
SHA1

c500cadacee0618b121aba21cb5ffc378cdfe82c
SHA256

262063d02967969c8ad29f0c9d1ef273a1f30b80bf4c7562ebd7a08b40afb603
SHA512

2ec398bbffedaea67343f6035487f724d494c84475f123cef1f39ae0f61b875f411b05666b7d12cf7c830ec81146dd81fc3b94d5fca1eb0896cc0c686d0ba221
SSDEEP

393216:JEk1e9R+qZKWY98EF7IK213mOcJuBCUuaJdLcWgohI3OJEx3vpHX/WjYWTY60w:Jje9R+UU8ENzESzUuaJd4f3OJE5IjYWj

Score

8^/10

evasion

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	org.unionapp.zgyyxx

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	org.unionapp.zgyyxx

org.unionapp.zgyyxx
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4499
- ls /sys/class/thermal
  2⤵
  PID:4536

/storage/emulated/0/Android/data/org.unionapp.zgyyxx/files/tbslog/tbslog.txt

Filesize
2KB

MD5
052d828f50a74bded8f31ad9454bf7a9

SHA1
be8f2533251dc5e83432d0dca9cb526c16e18fa6

SHA256
102578684ff7e35ddf0d724e740f12c00fefbbf66876b02dcdff8fca75c5700c

SHA512
bc3ee0b183dd289900099ebeeb697a52e812c6d610b078ae1faa3da95abe34fca77b8c2007de4ff3effad30e31367c80a1eef6b462051ec20fafdae75ebe0220

Download Submit