1b821916b0f79091bfdc9d195320decf954ba5a679ff19aa198bbe403f36a2e2

Analysis

max time kernel
3034503s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 13:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1b821916b0f79091bfdc9d195320decf954ba5a679ff19aa198bbe403f36a2e2.apk
Size

15.9MB
MD5

e6311f43a545c5c6fbe1b9f1852c09db
SHA1

211bc7ad7907c59537c48619932260453fe44d28
SHA256

1b821916b0f79091bfdc9d195320decf954ba5a679ff19aa198bbe403f36a2e2
SHA512

3dbef31aa34eab2ccf07db86135ab53ba824ec7fc36d834142664291b664bf5d2aafb02f69b80ec52890d251eab785d5ee9aec5f41c33f95e844fd848ff846f9
SSDEEP

393216:X7VWHbuwtIS16zuRWKirZkcPQ9iGprQhZR:XObuwOS171i4IGprGL

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.glodon.constructioncalculators/app_e_qq_com_plugin/gdt_plugin.jar	4260	com.glodon.constructioncalculators

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.glodon.constructioncalculators

com.glodon.constructioncalculators
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4260

com.glodon.constructioncalculators:pushservice
1⤵
PID:4294

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.glodon.constructioncalculators/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
200KB

MD5
832bd7a96ab6265b880c73f3fa3ab555

SHA1
8705bc41b8bbc5cd8153125883d148c6ebd03196

SHA256
cc770d97d711e12e1c5c954defb09872660dfc626a3ec9bfb9fec22a91877c3d

SHA512
2f2d921af508a6ccbe4f1c8650e6d17ec00adc224570c697cb99f05f617c03c9c844d40728b4d5c32e1ec51b2b17a1b962b0952df4e197d1060e6751c7858bf9

Download Submit
/data/data/com.glodon.constructioncalculators/app_e_qq_com_plugin/gdt_plugin.jar.sig

Filesize
180B

MD5
c824a31a320ee9413d7451f81b1b3c2d

SHA1
f22b403463fac48e79e968e29820d9848dc5dba3

SHA256
b29f2e2b4b3922800b43814fd12236646babb24575deec3eede4bc9bd543c075

SHA512
ba7a7fbc84bd7a3a0c89be406ec6bd4c7730e943407abbfb855738295dd371156c3461b19663a3a14898cc0e537f463e8c9d602130668de152bf652530f56afa

Download Submit
/data/data/com.glodon.constructioncalculators/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof

Filesize
626B

MD5
3bf00b9856609e52f59fbe3eb260a8cc

SHA1
ba099abab07af6fc03631a8cbfdb644dc5293c4b

SHA256
c9d1842077f36edb17c9ba2d3463407bdf17f550527486eb315be8bea1b16f59

SHA512
ff4d2281cc75517c953a7b78136625865ea35dbcda147edc2dda8c4216cbb69765a581103cfbd4f3ab05be81117242d4d82731a16869127253a5002bb3f8bd2c

Download Submit
/data/data/com.glodon.constructioncalculators/app_e_qq_com_plugin/update_lc

Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/data/com.glodon.constructioncalculators/cache/android-test/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.glodon.constructioncalculators/databases/GDTSDK.db

Filesize
24KB

MD5
755d1d1b0599d7be973031b5a9ed3373

SHA1
3b13cffb97005729fc20cd9b9a8547e0fa32632d

SHA256
90bc14445f887f7dbff548bdcc44145362d7fd20cc8ad8568b4d5c9372ee9b46

SHA512
afbd3a1c76a41015b2d4523d1c08dc14a3a75dfea3a5082b5e0552d750a498fd316bc98055b9f0ad2992f28b820ef15254461fb5df4cd6c21573a96f17b24ae2

Download Submit
/data/data/com.glodon.constructioncalculators/databases/GDTSDK.db-journal

Filesize
512B

MD5
6842068f69538f8526c7f8a1dddbade9

SHA1
16c42a050b53232dca7354ab1fb61d9bd0ef32bd

SHA256
a2a92370b9dc3f0cf62f211e0df96b6b0775b63ab5eef45c160a493635f346a6

SHA512
2debd486131d4c88fe8a1503a647b261d4e5968877ee7339937d20f984404e74413b742143f74b33d4363d8d9551918502fa0b3d29c87793c16c9c4604580c2c

Download Submit
/data/data/com.glodon.constructioncalculators/databases/GDTSDK.db-wal

Filesize
36KB

MD5
8512e082182b94669226b964de76576a

SHA1
eb6ea4000b80b0a30a36f36ea3c5200166915b02

SHA256
f50d1e981aba1e7b8796f4b45f1a65150818b29bc667cbffd2be2624614c822e

SHA512
512abe654855b0abf1a40f80487c48f55d4e21b81ddc95b99276463788f4c2e0b955eda9d6b40897f90509ccc797c21bbd9844a9a4622816b91205a5f6600b94

Download Submit
/data/data/com.glodon.constructioncalculators/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.glodon.constructioncalculators/databases/cc/cc.db-journal

Filesize
512B

MD5
2f9dc5333fd106161f4900783b4d4ea9

SHA1
5552bee6a3c23ffd8aef2f1516b35e1af831a136

SHA256
740fb98be150415be5aa419961202c4c6e8f41d807e01de2d40838ac7e498a0d

SHA512
da0aa0cb27689e563ae75a13e013bedf71006594ececfe8847d7aaabdb7ad5ed7fad5e39684f8c31b78d9044ec2f72ea3fcaebb3387e13262f4bcbe792b834fe

Download Submit
/data/data/com.glodon.constructioncalculators/databases/cc/cc.db-wal

Filesize
48KB

MD5
26396a5dc06acad4de8e6639bbe109a1

SHA1
5a4c49e4a9cbf8677ac42a0c832ce091bda63de1

SHA256
ec9e60983998f3e0fc9c5de8166347254f14571ad18833021e732451a2677f46

SHA512
7a0ec151ebcaddbd215b82193a0a1ea2ab3d1152ebc5da085c27f61ef27cf4742c911383e748dfe1e8edc4b04e7d022f23fd5a3e4c44625dc54a550e739c016d

Download Submit
/data/data/com.glodon.constructioncalculators/databases/cc/cc.db-wal

Filesize
16KB

MD5
fe51432f4eef8356c37c73b94937f438

SHA1
3ceb9abe94a63a6bb83ef56c04df31584db295bb

SHA256
830e7080d2c937c4fbb7fc915dc1c9b495a4882ea496f37fd3cd357152b53507

SHA512
7e8509f6a2b0d03e15488c98610ae3eadc64ed869c04ef30b34c1cb26e2397b9933a4f553f0b4ac87c07a37319a94824673cd6d51104e300f33b75fcb7fb1e21

Download Submit
/data/data/com.glodon.constructioncalculators/databases/geofencing.db

Filesize
28KB

MD5
1deb6b895a2280f63ea2f3783f0a5ebd

SHA1
c01eee51a200d2007d3972b551e2515fc8f96d95

SHA256
c14b81f1de9ea7414f9ab576df19d63c1d4f22750ab37f0800a7a0ee6a15a70d

SHA512
269affd56d83a323141c44f786128a60d501d4e0ede0c4b7d9b5757a2e40851872c801dc1355c62c0607b95b1e42e2bf0b824d0230e1455655d1bb020c6a45e4

Download Submit
/data/data/com.glodon.constructioncalculators/databases/geofencing.db-journal

Filesize
512B

MD5
80ff7e413a1282573a585b776af1c476

SHA1
902ba21ecd437a83ae854ed09d870eabfc6e1135

SHA256
883ac15590a1d20d7da363fd4231e3e34924aee810d08d4aa8efb6863c72d275

SHA512
8b10dfd69a62be0e850d3cbffe62696b259e5ca9b42623d67c8b2e8d2ed687c8ceb9aef934056322d3fce9c820653500d9568ebccad5123490d1b088977bdfcd

Download Submit
/data/data/com.glodon.constructioncalculators/databases/geofencing.db-shm

Filesize
28KB

MD5
f4771f0a3588714f6d2f462564f9e4aa

SHA1
eb1fefb986c1b37214578de6210c75f2a6062a07

SHA256
dfc9facda8e139df02a49cca2ccbe41bb4d1e7dda119445d0653093df837c977

SHA512
caa9c2d53401840bb2a7d37658b6722ed1f714b1854dac80462c10c762d157ef86170680d12eb933ba133d2d949d5f254d26ceb9803616cfcb4999c85bb30719

Download Submit
/data/data/com.glodon.constructioncalculators/databases/geofencing.db-wal

Filesize
40KB

MD5
4b231567df28cb506a5fdff853a37ec4

SHA1
08a38de55c21be8827582ebe6b42af7cae3ebf9b

SHA256
abaf0f3fff66879b5857fdc5c09986eb3203ef870e561f0db25a3980c07e4aea

SHA512
a26542b527dead74b732e834800827e061fd7c3d7a822604ced5d3def1f9093751a3f23ec5bd32a77707dcb6636bb314c5952fd97cd956e77d9c783220ac9bf7

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db

Filesize
16KB

MD5
a374a25a06b6507a4ae0c940a0821663

SHA1
8fe8d6422b7dfc445c248380c1159fa043308f82

SHA256
452e6b17ecd4e1fe97822049b6d9513f470d2d3191a99eeb1af08a3935f54339

SHA512
e9a24e0a19bf475c6db4c8832f8335901b1ed26e396a138ed345d6e716c3a5ee6a7a65618ad6e1256e6c5d15c117f8f75e363016d4b4ee2e98fbeba0b2c00871

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db

Filesize
16KB

MD5
1c82c527763a61cd0dcf273edb60323e

SHA1
48fe73019ed3441643f243d4807d815a2257d7c2

SHA256
5fd4d1e1e63cdd0245d2256ea1d7d5b2990e7b35c7a7c4335f5b70d899a9f41a

SHA512
12f17a43cef038023079ec1d7e5f523ce3e21df9f840cb876d054e41a8e44fbfb4343531e6e3338a52d8921dca0441f0e4ba8890fcb601ef912df2fb672b6bc3

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-journal

Filesize
512B

MD5
e97c87ef095243dcb441f9db24cb4658

SHA1
7bb4320134c8a067c8b64fdccfeb07b37a32acbf

SHA256
b90732e186a018b1f0af3fc49a7aa74fd4e84628998254c7e6e7d9062c2fc467

SHA512
cf82eb73c7ced650bd9c4e42904f2671d11463972142b4de4cbbf0662c2c107df4d56780cea98398f5a3a1291ac25a2863eb44d7cb1cb1e7e7ee8eed97ceec18

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-wal

Filesize
56KB

MD5
dc737588f2f4c938fd8348019c880f50

SHA1
6e1a90851bd3f99e362665977839a2e501eb8c60

SHA256
f2a6f5dcdf39f156c423ed2ef82b35a5494af534f882efa017295604beb681bb

SHA512
50a085879e3cb2c78dc347a2498f312f514a6977c8933dcb0e348c93637605bb1ac66e06dff625321ba6956bfc6f2ad9a7bbf36f0de026ff48f48f6b93cdb354

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-wal

Filesize
8KB

MD5
564252915e56d5cf4722f3d28329cd12

SHA1
52326ca28e9839656ea3c7a753e4e75e24cb24f1

SHA256
3366675e343e15fd0ebecf144946708b1435c84ef205b87086e6ec8e41d03bf1

SHA512
d2c7180966f8c70b92993a3fb85dec6b9ca35f8ea29766422676635a8a2b271f8a5a1a18bd786710bc507a047005b268fdcf5b11c9972d2ce312b49bd6601220

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-wal

Filesize
4KB

MD5
71d32d0dc8b20d88ecc7ef65b7cfe643

SHA1
6813badd87f6269d101bb485903677a7e99692fe

SHA256
c022691e14e8772984ff18f8cb976c3e6a5e653ef666a6c04a87279bd1641a84

SHA512
86f096d58da502699fec27cc11b25e0d931b857ea426a91e45288e0074c05612e9571f4d7ecf48d368c63485c57f3a142191c8b0decb80d2144531a362607619

Download Submit
/data/data/com.glodon.constructioncalculators/databases/ua.db-wal

Filesize
4KB

MD5
36a65cb3c17736c108c499b739a626aa

SHA1
334356930824c5fbc9a0fed0933855aa553b7a6c

SHA256
445f275c4fe522790e9f79749fd2a7503d5ee8668beb4356bbdedd534a6c9010

SHA512
819338b3580d70f1d15bd4ce3b1899bf2ba7802c08827d41dfb8831fec406e2c5a391f25a90f29f2b930688c44db2e5b43b26b9efd2fed2623bef00a8d3af1b5

Download Submit
/data/data/com.glodon.constructioncalculators/files/.imprint

Filesize
1003B

MD5
b525eb9cfc24010390e5de7860899918

SHA1
c8554dcf91d625b273b34da0b0cf4c74c9574d10

SHA256
e8940ee2e7b9eb8962cc8ef0a42b2ca30a18147bc3b08f250cf5d3b6588a9c00

SHA512
4da08a1d8cbe8faa1f01ac4de118640be7b8f17be64ed98cf16dac70e220d3106efee2a17dc43430dc8ba93fe997bd1add1126daaace4845cbc7aea88cb2ee74

Download Submit
/data/data/com.glodon.constructioncalculators/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
efacb512f693ed72de746775016d11e2

SHA1
80b2f1f2c419ec29e9609e499503bf4b5d7c6f64

SHA256
fa7e9fafbcfba35cfe885c6180635cc029fe8ce1479dc5a155d0d5c021993858

SHA512
05b5295e617ecca4cc179d69ba2bf329b6de72b0251f14d85ea9673b9bb5f7866badc5a4198dda6a05015ceade6e0e54a208638b6bb458103a36358a369173b6

Download Submit
/data/data/com.glodon.constructioncalculators/files/exid.dat

Filesize
57B

MD5
c9ee5f7c2062b7769aaa14f34b2bc65c

SHA1
8c99304ab5e4ae7d6bed9d2b87bdea21322ed8f7

SHA256
296715934a5b4e5a6c7b55e39202b0d01e4a0c7e00d7350f200b55231a10512e

SHA512
44169b87895df364efcd3070182ba33ea44847aa5ca2348c2996a3e9e1b4ddc5c0eac3268ebcc51c197926b0e086d54059fcfe7e2d4c1d2cdd8fd220ac949293

Download Submit
/data/data/com.glodon.constructioncalculators/files/umeng_it.cache

Filesize
413B

MD5
07fdeaf7d7eca2247fc6286b5a6cfbdd

SHA1
6de334f8ae046eff22cafa2a8489994727ed4277

SHA256
ef80259bddc988852926c4f5831347d6e20212101783c487cfc17df1b961361f

SHA512
9b5f1dbcb77e719b3217f1b3f12afbc8d1dd0b9643cd04718086e8210eac08b563d6fb2b9a4237e329c1d4ab88ed8bbe249f2837d4a3e08ede67f467e56f2fe1

Download Submit
/data/data/com.glodon.constructioncalculators/files/umeng_it.cache

Filesize
210B

MD5
9eaf78e1d9ec3fe16bbdfc6fd22cb726

SHA1
f68a6f1b6d05f91efdbd18b80d5f5f30f211ffef

SHA256
d549f5433da9d7890ec489b978153faab15c48b794b237ff05746e8bc6d38924

SHA512
51b1ebd23413afb05dc882783891c8776c35cb65596182bd7129a6d0d3412dd3515bab79237bea87708eebb5e52880482354382d2e6025bfc63ac4a01ad2a6cd

Download Submit
/data/user/0/com.glodon.constructioncalculators/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
447KB

MD5
78e63f35801a4158ba942363d57deed5

SHA1
9c5840fbef9a6dfa9e023e024e7463f847586a88

SHA256
6f7f78a6e902a439ef058ab59f4c57415c44150a1ee01ca51a8a6915f11b0ac0

SHA512
9f08440992df14d934c735e2a6daba56b3c6d4da330b79bd4ca179746fbd8e63ea15ba8853669e5fff919f3cf4f3c27108c27b920432c1de3be32dc985707caf

Download Submit
/storage/emulated/0/Android/data/com.glodon.constructioncalculators/files/databases/wzcx_4_0.db

Filesize
634KB

MD5
9d196f68520ce224703488537fae92a0

SHA1
03505eec54ec14cc292fd0e8a51d425764aefb1b

SHA256
26364c6c4ac8d25f479477c832890cf1d049810f46a78d882f6660ed009dad35

SHA512
72e872e240844380d025bdb275da28911fed8dc644a890ea6d896d07f2554f1fd382a82dfa11cf704d58e1fd08a57a17c861007521380745aa2bc7f744a82110

Download Submit
/storage/emulated/0/Android/data/com.glodon.constructioncalculators/files/databases/wzcx_4_0.db

Filesize
1024B

MD5
4965c5ffaa914fe3261fa3a29d321900

SHA1
7e7a4fae4ff3ef99077ad9126e801df7ff4a84b8

SHA256
2f3479f350a1f5ca75c2081d9365760b6c701bdee6eae61b471afe85216a684b

SHA512
f850547ca3cf8a325a8bd2f52dc5f729a6377e972aaa10fca9271d0c42268026ec13199bc06333689af5d78e51036871b4a5fd4fb2293f26c832f1ba12a4ec62

Download Submit
/storage/emulated/0/Android/data/com.glodon.constructioncalculators/files/databases/wzcx_4_0.db-journal

Filesize
1KB

MD5
d51ea19b71118ebc53637ed6a3db6873

SHA1
872435ac8a9601e7830d7d7ce563040d28ba6daa

SHA256
5faa53a60452ba7bc615df1d4fa9f82a143f64bc085276681a6b03f01db44eba

SHA512
463fbb8bc7ed1cf67d602f5ac1b73c4e6ac442a5b5ba779304b08ca87d12a65ebb18a2fe4ad9ee9129cf02fe0a138d7b1048462021d41737faabcf2a14904baf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads