Overview

overview

8

Static

static

6

20a9749e2f...a2.apk

android-9-x86

8

20a9749e2f...a2.apk

android-11-x64

8

Bet.apk

android-9-x86

Bet.apk

android-10-x64

Bet.apk

android-11-x64

Kaijiang.apk

android-9-x86

Kaijiang.apk

android-10-x64

Kaijiang.apk

android-11-x64

Main.apk

android-9-x86

Main.apk

android-10-x64

Main.apk

android-11-x64

Query.apk

android-9-x86

Query.apk

android-10-x64

Query.apk

android-11-x64

ScoreGuess.apk

android-9-x86

ScoreGuess.apk

android-10-x64

ScoreGuess.apk

android-11-x64

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

Analysis

  • max time kernel
    2537542s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 13:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    20a9749e2f0914e69ed9ccd2c8576818c801376fccdbab3ed4831c813e814da2.apk

  • Size

    15.7MB

  • MD5

    f8e48ddbe13dca9f7b92d1835fe1249d

  • SHA1

    9403a59239e6123253a5ae2caa111496fae55c61

  • SHA256

    20a9749e2f0914e69ed9ccd2c8576818c801376fccdbab3ed4831c813e814da2

  • SHA512

    74186310d0229d05b483783a2e08f29a6ccbf192a4fa69108c23b58104d6c5d85c1d9b9e5755ca16bc1839a1d3f20731c9c90bd09b65eea5f3419945519dc848

  • SSDEEP

    393216:Sc8sYF26P48qGuWyzcMjWZz3Mkw49rEpx6ePr7e:Sc8sYF22u/gMjWd3MkworE36ePW

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 12 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests dangerous framework permissions 16 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.acp.main
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4244
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.acp.main/app_push_lib/plugin-deploy.jar --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.acp.main/app_push_lib/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4272
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.acp.main/files/Main.apk --output-vdex-fd=72 --oat-fd=77 --oat-location=/data/user/0/com.acp.main/files/oat/x86/Main.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4352
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.acp.main/files/Kaijiang.apk --output-vdex-fd=101 --oat-fd=104 --oat-location=/data/user/0/com.acp.main/files/oat/x86/Kaijiang.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4448
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.acp.main/files/Query.apk --output-vdex-fd=76 --oat-fd=97 --oat-location=/data/user/0/com.acp.main/files/oat/x86/Query.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4473
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.acp.main/files/ScoreGuess.apk --output-vdex-fd=103 --oat-fd=104 --oat-location=/data/user/0/com.acp.main/files/oat/x86/ScoreGuess.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4502
  • com.acp.main:bdservice_v1
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.acp.main/app_push_lib/oat/plugin-deploy.jar.cur.prof
    Filesize

    202B

    MD5

    9b615d88f9c39e12c46e1668b2bdac16

    SHA1

    334bf12e33e268c47769197d156d64ee1d0cd45b

    SHA256

    604ba6e3c35f60004586e8749785de9c85b50e635de87e3f7b16f21b963e0ab9

    SHA512

    aa59071b263ccbc45335be60ca7feeda9262ae8c50f4b574696bfea2394d36aed6af03dcb6473d2f00f9d48e572800e4809bfe7b0c5a508460d73de7f098051c

    Download Submit

  • /data/data/com.acp.main/app_push_lib/plugin-deploy.jar
    Filesize

    213KB

    MD5

    e70723b8f6c4c7c09a6019733022cf53

    SHA1

    e3ca32166c65e4dc73c21347ab22d54a7b5a9a83

    SHA256

    32d35cd80b0302e3fcdd7349b4ff9a7b689ce080435109607ff79a834ff710d5

    SHA512

    461c0499193c5ef5aa4e2e5d358031e7d28c98c8e1e38d22b710271bf3b561c28232bfaadbc2c275357e31b7b0ad6bca798008328ac3cff3701c1c9cca2ddddd

    Download Submit

  • /data/data/com.acp.main/app_push_lib/plugin-deploy.key
    Filesize

    174B

    MD5

    1ea8459a688352c3573a8e80727c2644

    SHA1

    9b47864e96eed98798a6da2b8860c8f8a68f089e

    SHA256

    be2c0f9e472138a78d35f29013fc43dfeae991806dfebbc5be5c8dc86b8a1093

    SHA512

    99a26c03e760fdac91546a47e18e58851996b7e38e93812a6be23f1eee64370323ac492c4c224bd419d91566356fcb8eca3989ff4f2ce41db3d16301fa9dd75f

    Download Submit

  • /data/data/com.acp.main/files/Bet.apk
    Filesize

    4.6MB

    MD5

    0ee2e2ef2cc4ac6fd3e9ce335a42ca54

    SHA1

    412f48ce97c344e425d077470fea4ee4a2925695

    SHA256

    98ea4e6b79e09bdb3473ab18c87549f0db4c6aee7198808dc3eba4e3a4dae512

    SHA512

    b88f9b1964252b0b45b32e667cd811a5079beb3fb7b0c3c7494c8c8e6734327b598ae5eeb07f197a8e947e508eb304a907ea3f78877a2a4c58bdb1958b6eaefb

    Download Submit

  • /data/data/com.acp.main/files/Kaijiang.apk
    Filesize

    453KB

    MD5

    8c13553ca168b0e70fa02a154efe147e

    SHA1

    f8724c92f5415afc4b1e7b0e2e04018f0efa4836

    SHA256

    8f50aee0b345688b7239aa4a9b1e6c138c442b5dc167cfc6c943132bfc5bb19f

    SHA512

    22af723f7dd1e3d429e362c4d0f1b1e56387cf3bbb577edb40600d828d9e1c09748887035d1bb8a0df60e9ee8bdb1d293af6395ae735f5bd056b7be6e2a8524d

    Download Submit

  • /data/data/com.acp.main/files/Main.apk
    Filesize

    92KB

    MD5

    77bbf2bdfd6b5c145f5ac68e211a0292

    SHA1

    e5df2ed2faa41aa00c753291830d44e24066824d

    SHA256

    fd088736c94ebe7f194f81dbf36a0531ca93a5ee3159a13b14729df9f6c01476

    SHA512

    1771cdee95183567c9d6f090d40cf65cb8355160799ff18db628d2c56ecab29c55535887b560a85934173f16e138c8957f92c9deb333d4bc00a6771aa9256f53

    Download Submit

  • /data/data/com.acp.main/files/Query.apk
    Filesize

    537KB

    MD5

    7869d5f28c808b7dbe00a93477db1c23

    SHA1

    30cdfdf96a20270e7614d4d117840693dfd0a6d9

    SHA256

    a4fdde8ec2430027167d1b1be6febf64434fc63ea3e02d932306112e77fdfab7

    SHA512

    61dea52cdc44d2163cf36e52e700c3345ac83351b07bbc74835afa3fde0a2845b3ca733be4351c6c215356747e36f1b4ef847412cbf21375f46a4bddd519ae8f

    Download Submit

  • /data/data/com.acp.main/files/ScoreGuess.apk
    Filesize

    1.9MB

    MD5

    f6b535f3f97f5b4528072fa5a15aa183

    SHA1

    6581d15643cc9a10ce422bb0b78e0971e12273d4

    SHA256

    ab710462a572f7c8456f868f960bb1f58e4555bea76e3687f9ad9c4919ae124b

    SHA512

    7059f97ad224bc94f734fb4f2f8801d2dbfb5ead2c6b4deb05d1a140e76cc76dc0c0688fce527a9ac42323fca2a5b313a0412b576589ade6a58c65a0b25128fd

    Download Submit

  • /data/data/com.acp.main/files/__local_ap_info_cache.json
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/data/com.acp.main/files/__local_stat_cache.json
    Filesize

    25B

    MD5

    2d805b13f2f28dc3ca9bbcc000f49bb5

    SHA1

    9eac165b4d81258fd3967cde5cc53b53b1dabcb1

    SHA256

    c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

    SHA512

    5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

    Download Submit

  • /data/data/com.acp.main/files/oat/Main.apk.cur.prof
    Filesize

    658B

    MD5

    70408e1dd3b54dacb29650fbb3083f2d

    SHA1

    ec8ad317e50a2dc5a3417560f14d2e0cedb1f666

    SHA256

    b658a407d8592523135af7291f83a516b8390e37ce93706d43ba1daea6e1841d

    SHA512

    5ab2c5234c7fd380779d494ef55194e48c4b19f19eb8ba227f49dae76baec79504be2332b1edb2f1adf5a2bab33003a8ca1fb91ee30b08333658bd17468d4f14

    Download Submit

  • /data/user/0/com.acp.main/app_push_lib/plugin-deploy.jar
    Filesize

    530KB

    MD5

    5597a541eabd3fb792c581587550dc4a

    SHA1

    6500b0ff20c75717e1cb67dcee76b4641a4e8a35

    SHA256

    473b02216f8d2b5ffb26571e51ff322e3ce04ba45418408452bea103576ee8e2

    SHA512

    39b4acd82f67f11140cd1b0b4291e656a4a46ba63064509977f3f1de24a931dce83964f031e16ccab95cf0540ac5f613ca87d7665ce99f1c1ee4a0778e2c19e2

    Download Submit

  • /data/user/0/com.acp.main/app_push_lib/plugin-deploy.jar
    Filesize

    530KB

    MD5

    bdfa71feb08b80b649fddcd7488b03b4

    SHA1

    bcacf11199fd2c353034a7271b5dbfe2dd4cbddb

    SHA256

    f8bd07a7afce2d102976afaadd33dc70336a0b06682ac8d6fe9544a08d086d1d

    SHA512

    37dc848b995def498d0c832a76ed0ad429db18f26a5e9659c2b77a63bff555560160b6be4d22387eb529b2291bb27ae21718ddadb315bd1aa4c092d6330f049a

    Download Submit

  • /data/user/0/com.acp.main/files/Bet.apk
    Filesize

    1.8MB

    MD5

    eaf2c828fe26eb33a000ddf7db8e99ef

    SHA1

    e13397f46790407d5530957816d999b23efd682d

    SHA256

    09bc00d642a26708cd8db701e16ff875af8f5d2d499675b0dca473784a3ad095

    SHA512

    3cbc97ce1212324651f1d6ece75333192a90ba6ef48d33c0046de5e7a0b9bce2c5c092577a09dcff455445efe15302cac2790fd2a2d274b6d66ed0c396f3ad17

    Download Submit

  • /data/user/0/com.acp.main/files/Kaijiang.apk
    Filesize

    232KB

    MD5

    f9dc2a8d7b54767b63cc00240c1c376d

    SHA1

    1d382d09e86b7a94cadd55b852b20fb18d9c8e9e

    SHA256

    5dfbc68dc6b266b205faf8e5ded2df73dfd8b7b1725ae2ec44a39e173fce9946

    SHA512

    2d60a6f9d9bc8c8b2bde9d8d6b99cc077048891912c056d13395e12fb0a028cf28a23221d24e2fccd4612a750681665b9f41573c0a0850e365a4c1d08f0e31e6

    Download Submit

  • /data/user/0/com.acp.main/files/Kaijiang.apk
    Filesize

    232KB

    MD5

    23b00fe86a75762999ff6a542a88e050

    SHA1

    c8588d1ced63d2a0aecb3060b9a9f9a943f0eb8d

    SHA256

    0865a78f504ce9b1d2859659a4d2d91cbc29b35ba47f1aed8efe122cdff1a544

    SHA512

    a03d3ee0629196502f2bbd673d1086f8ca1d69e653acd2383979c6d28139a345409cec419fd000114cbbd956aabb390288c8b7970fead0c1b70b0b3a7e6456f9

    Download Submit

  • /data/user/0/com.acp.main/files/Main.apk
    Filesize

    2.8MB

    MD5

    864b5f11880593c8ec370eac0414f79d

    SHA1

    a11cedbf783dd054448d44aca591e8feaf633c17

    SHA256

    c1a83b2c55eff3b961d57be9285f410c14ed7ad3d5bcc89af1e4e752d5fe9257

    SHA512

    c226347307ebd51cd4ae4263e35182f70078118db3150d9c5c4df67e97dad10e32e4e8949b319283f6d43e5fa3208eebda03809e2ed9d7b01c60c7c2e2e7323a

    Download Submit

  • /data/user/0/com.acp.main/files/Main.apk
    Filesize

    2.8MB

    MD5

    93b6482530714375c686e71a046546df

    SHA1

    0f796692936ceaf8aced4257beae5b0a42535cc6

    SHA256

    aa61cf55783bc0ae58768544f49ebd132bf37986b4989e44f09917c24340d45b

    SHA512

    e55cbe94bf9c7a36668c62b5aa67d83715c5fd1c5ffa8952469acd19a7b51e74208d72351353eda382e049af0992b9f362d41bd33c694a949a28a4ed54a43c0c

    Download Submit

  • /data/user/0/com.acp.main/files/Query.apk
    Filesize

    296KB

    MD5

    1e8d42ecf73a416d5878ee1937e98812

    SHA1

    a0d5c0b19477eaca6c58a5309f56ff28bd4f01c5

    SHA256

    0db935d71550b4e451660bd7adadb764614e092b8b17d44b307f73d78abb1be6

    SHA512

    d1cdb5fc1108ace075e2fd7a02a5cda91a4c28145687ad7b0ab315da0eec8f78388fd03650bc76f4dbbefd40fef28c73513ce0b51114b9d7d398484ad0a9ef4a

    Download Submit

  • /data/user/0/com.acp.main/files/Query.apk
    Filesize

    296KB

    MD5

    75b1ce714096c8de0b341ed9d7c7a01a

    SHA1

    1ca48796beda58f025208468ceb8eaed4fd023ad

    SHA256

    6fcc1ed7a0ccceb7599b06cf8ea259e1e8926b4f2e90ce74956ee831df3bf56b

    SHA512

    f923b3851cfe53369e0b8648ccb6d75cc83245185265e3c6b5e8a91b0fb4ec53c10adb615b4e31ff551852f9ceb719489da905b6ef5c232fbb9647202da4a5f8

    Download Submit

  • /data/user/0/com.acp.main/files/ScoreGuess.apk
    Filesize

    656KB

    MD5

    f3e5a3c07a9f13738456f4e5db01afd4

    SHA1

    854505ac61cd39906fd8fa5e209a307f4aa6acf6

    SHA256

    781621c3a4755cab5bf97c02841e8e48a7143852d08f0431870a8dcb3bdf85c3

    SHA512

    d688a4ada591e1e684ae8f1a763fb469eefe36ef248097199316a1759562f78ad843ce91904d52e5242ed43ca75a48b24548f97a82d46b22c88f18e85f11da93

    Download Submit

  • /data/user/0/com.acp.main/files/ScoreGuess.apk
    Filesize

    656KB

    MD5

    8b2aba36ab97e3066e8e64810b834de6

    SHA1

    2359a19f8db2da97bbfcc79b6cbb58b37ff30435

    SHA256

    f97638b454a85c1ebb99e5b423367cd75fb6c9994fef2be1a2bbb7b36b0371fc

    SHA512

    57708eb9dc03738fe33e86b30cd3dc2bf8e387c9d0ff74983f5f0c6ba1d22eca2b62528817bc795df20925a761136360c136b462c11b2630f3a3e5a921f1fb42

    Download Submit