Overview

overview

6

Static

static

6

1b4203af3d...c2.apk

 

1b4203af3d...c2.apk

android-10-x64

6

Analysis

  • max time kernel
    2893888s
  • max time network
    173s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 13:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1b4203af3d94fd3edb8cade461c0ce3e2ecce129d099276dfee59e65e06e2fc2.apk

  • Size

    15.6MB

  • MD5

    a3cf1997f0dfce4175890e6c8492130c

  • SHA1

    fde707e4518b567b860a80a7e6c98a6b49a67fcd

  • SHA256

    1b4203af3d94fd3edb8cade461c0ce3e2ecce129d099276dfee59e65e06e2fc2

  • SHA512

    b0eb2713279a84f296644119a8bb3f21956340d8775782ac791fe3e05831c9fea8518e692496d3d57a6c5fca4fb4b927fc969f62f5b33d65b9ced2491712a142

  • SSDEEP

    393216:PcjjGLTWVX163/Ad07hC4TZTV32nRJBA7PqHvGy9irf0qsNR1I:PcjjGPWVXdutRZ92nzS7PovGbrf0PO

Score
6/10

Malware Config

Signatures

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.xiaoyachong.api2
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4987
  • com.xiaoyachong.api2:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5145

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db
    Filesize

    48KB

    MD5

    31bcc3df2980e40cc3bb8232f6e7f760

    SHA1

    e6ad0400d2018eff130213d836f9ee978a486fdc

    SHA256

    b782f7cf9ef30657b689915beea626fa566b12166929d570abbc0c50be482e69

    SHA512

    d94ecebd57ff94e8676329c2b31278eed2cff72cfab5f3ea59a62c49d4c03ad8a6b72c42ecf240878f28d5df344ad96699b54c3fddfd400bf203242ad311c92a

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    512B

    MD5

    66128b415dcbfacccfd5dddda7f3a408

    SHA1

    17d369c2fde4f025d2c240dee994ec9a72caf636

    SHA256

    dda567ed39caf6b9bf192306f2e7dec670b29db658219b4157c5b5b92245aa5b

    SHA512

    8052d1f72ee2ff6e2f2bfb4d163cc3243ed4257465ea450c82f4624f3d11266586dcf0ba841b296995837c24b095cc9e45125e194fdea9fbaec2c8a121bd235e

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    5ed6ed447c64feb022e1c8da69149982

    SHA1

    450f8df27aeba1e0c9661e0e94c50e8f7672b721

    SHA256

    550a2ba151a4293647cf313eab15edd54211cce8b700aa49bdccad4cc414e796

    SHA512

    f44498b2fcd129199281b5c15c74fc4f8a13705b590fd49ca82b57bdaebf9f05e5df902e201dfc59904b5a9114842def5ce3f2a55e12fe543c59d826ea5dbe8c

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    b5eccbb7f9f04ca9fa90fc818c95b00f

    SHA1

    9913e03be034a09005f7d3e07d5c9005f33b640e

    SHA256

    736200ac26bd662d1db6b1b1699570ad248de5fda9fcdd56da10bf38da1c7242

    SHA512

    db05574167f1bbb050096d9670e4c0f4a0e4ac8bbd738fb7a461aa109559bd14d015c8d6874c2fd2340dcf6c33a1e5d8544c458867910a4ed5c0f3af93a6b1e5

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    4KB

    MD5

    295530879b31461e10f1cd4d297a5d94

    SHA1

    fc9a50038a8e0ffe2fc6eb22a1d822b37ba3f248

    SHA256

    9a42ee289d2519824e7e66e3c25fb25162009104f2bd10318f467cbec242fe32

    SHA512

    439a000e8b52f076ccf199af9c6b608834803851c34dd88e8c5b46190349d41e297a3152bba345313543fa63f61756151b94bcd07b5e3ca283ceaf9c9d1ca902

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    07ff3bf10a3f18a4f4b6c6fb55003b8b

    SHA1

    aee935085cde7766724ee78b1257afb6e6379f10

    SHA256

    529de6ba3eb9ad89d15adda35c9e0b5d4f2d1c3f2415eb1afb301510015f9279

    SHA512

    9ce03a0142bd85388aa31d8fb7f054c0ac7c5bf41ac4e99d635becb414d24c8fb8974ab93dab9a7a3c57da15706f3f5d21206231da7b7a57149b8ee3e1b5bacc

    Download Submit

  • /data/data/com.xiaoyachong.api2/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    a33a11a25350d11e504fc741fb8eb041

    SHA1

    d62ed3c4fe0d3adf56f2cebd67555bab7225fce0

    SHA256

    990022e06caa42be1b5bcec2b2f4f1a73b96c1c8b445fd88577ae3eefec3a791

    SHA512

    c38b5678e7a3687a174a43ceafb327afe468b6d183d8b2a5981f043a8d03efd8e1d51fe8b61b9d512031972bc651304d95bd9fcc8f2e9f8de9eaf2376bd11866

    Download Submit

  • /data/data/com.xiaoyachong.api2/files/cnc3ejE6/eje3cnc
    Filesize

    335B

    MD5

    585839d66722cfd02e40cb740cccb633

    SHA1

    374c19200fee201b26d0153487a281a934615884

    SHA256

    86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

    SHA512

    09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

    Download Submit

  • /data/data/com.xiaoyachong.api2/files/init_c1.pid
    Filesize

    32B

    MD5

    4d6c5c6aea263420e1e658171d9b8f5d

    SHA1

    a2325bacc738c2c710f897a2712c330b235c7f74

    SHA256

    a45bd15607c8ac2e1a119de395a91252b279209c244f639fccf6cfb28541a495

    SHA512

    a7f5c5518ea203a336868352145bece63ede45bf96687f6a2cf9e12d9ed649696749d44b65c720dea1f96a888333062cdc396f94e2d6f8a8d77a3114381a1ad5

    Download Submit

  • /data/data/com.xiaoyachong.api2/shared_prefs_ext/test_app
    Filesize

    29B

    MD5

    0591e47b0e7bc8d10ed305ec95542fff

    SHA1

    f819bfc967349d381890d718d5f18523175b63ee

    SHA256

    89d6b922996e6e195d3d48591c5ee441d2375904f3b56f4d7d18d9541840ec3b

    SHA512

    e2dacbe421f1853c21b57bea8699f243f218e0dea8c2f2fd44ec62b630437f29f611e9782770c114ef6d7c6a70f340f6b03fc701f86bc30724ff5f35a262cff9

    Download Submit

  • /storage/emulated/0/.imei.txt
    Filesize

    32B

    MD5

    0b40727c96b484e294af062b7c0d256f

    SHA1

    1b6464a3238745de3fb1aaaf26e2080b74fc529d

    SHA256

    aece4a445a50ada24e00580fa72a602c8fcc4ebda3e85dd6d153947aebaf5af7

    SHA512

    1fcd732f061181d7e6b88c77acba888125fd1391d6ef3b2bcb6ab7e0c4651332133540a2ee496e8df71556bc435c32226fc8511a5688193bfbf6d917623778c7

    Download Submit

  • /storage/emulated/0/Android/data/pushSdk/defaultLog/2023-12-27.log.txt
    Filesize

    1KB

    MD5

    dec0946193ef00f59f74c309216b1ce3

    SHA1

    02eafb2a3b3e1a4848e7123841200368eaa3f428

    SHA256

    1e4653295efb51c0176b4ae410a697cadcc975586920c2aa65193014588aaeee

    SHA512

    2be75770994a932380313eda2ad5402b5e3f5f8ad081269e8c6eb806c74887758c513cebcdeeb5043699a2a449f92880e6eb357236d327f9e1b3d3d57bdfe1e9

    Download Submit

  • /storage/emulated/0/libs/com.xiaoyachong.api2.bin
    Filesize

    79B

    MD5

    b1a9de47dc900dc63d18e743495a34f0

    SHA1

    896ea9ba47533545b64786a25a6ed492199dd4a8

    SHA256

    22d762509b0292340993df2e732a449918e81c02e910eadefce0d471a655be60

    SHA512

    0aed1d5c2e9c0f2ba6641628b68ce9c2875aa2405a370945a915e276384f1fec377abec5f3b691f7e70a488c8275780435ebb57bb9a077901d0747dc94844fce

    Download Submit