Overview

overview

7

Static

static

6

20acd0eb3d...31.apk

android-9-x86

7

20acd0eb3d...31.apk

android-13-x64

7

Analysis

  • max time kernel
    2797103s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 13:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    20acd0eb3de56cc522f9e4acd22ad586deebf143c0a6280fd58c16c67ea78631.apk

  • Size

    19.7MB

  • MD5

    d0ab463416f5a2bb6713ff0540a8ff02

  • SHA1

    dbba790966f68b9d7c6254f9be93836716f6b1b3

  • SHA256

    20acd0eb3de56cc522f9e4acd22ad586deebf143c0a6280fd58c16c67ea78631

  • SHA512

    982af3b0970cfd8a316eb15daef8d10b993931425cb2f12770388f9cb70595fa43fab3db42e2cc71dcfbcc69aa7c9290b47e215aed7cb297048c31e025462fe5

  • SSDEEP

    196608:IA+pi/GOdylF49dwrBHDRnBe/vbtDChyf/PV3RVbudd1uhwJdXe3Q6+/XFu6w6VW:api/GOslFy4Re/ZDndsdze37c1uXv41K

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 6 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.mty.android.kks
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4250
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.mty.android.kks/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.mty.android.kks/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4283
    • sh -c ps
      2⤵
        PID:4363
      • ps
        2⤵
          PID:4363
        • ps
          2⤵
            PID:4423

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.mty.android.kks/.jiagu/classes.dex
          Filesize

          6.0MB

          MD5

          617a362080baadea4c1b1a1186ba2ecb

          SHA1

          eba846975e756d60fff3482ef3f968ef5fe49946

          SHA256

          672eadd2c1442a75d1bb6dd215ef877473511dd04a2f3ca762255859e848f090

          SHA512

          d734b309af8e371b9b2ed44dbd0bbef39b1980700ddb5d08b3eac460fcfa58412baf488f314d9a826c6d26a52f68006d5e1dd1213664ae981d2f8044e9c5e912

          Download Submit

        • /data/data/com.mty.android.kks/.jiagu/classes.dex!classes2.dex
          Filesize

          6.0MB

          MD5

          762aa8d052e3ac2e27e0074ff1b1ff2a

          SHA1

          f5019a0369111491c3e629bd65df730dd1151cb9

          SHA256

          26300f6351aedf8653b91cf8fdfccadde7dd438add86be17b8e4079413bd4d2e

          SHA512

          dada63ed814065ca3b39f643cc30716337a04b8f9a4cdad3f06d2e1ee5bda91acd6be597a10da3b54a4c64ebaddd8b1777c37a217c247bcc89e789d910ce5989

          Download Submit

        • /data/data/com.mty.android.kks/.jiagu/classes.dex!classes3.dex
          Filesize

          856KB

          MD5

          1197d1c549272d5057d9ba55ff785272

          SHA1

          08609abb6ae40f709822efb534703d147f175ac1

          SHA256

          48c95d2a958a0cbf44a52e56426756c42bddacc6dc0f0c960d6dbbf898b96c86

          SHA512

          04f3e08b52b40fffe1ead64ef26e2b0aceffdc1b0e134b59e4de35f1218fcb29ab08d4dac301a79119788133942f65995d8628fb2ff2c1a4abaf280b364a8b08

          Download Submit

        • /data/data/com.mty.android.kks/.jiagu/libjiagu.so
          Filesize

          485KB

          MD5

          1da618896802fdb4b6f17c92703424f4

          SHA1

          b48aa81ac014a5a7f6e95e618e4f951ee12d34c3

          SHA256

          2cbf986b5e1357e00347d75d6f631539c0f368208079df36bb44603ac4e6973f

          SHA512

          620a06d8df24597467318582a12bce45e2e2cb66069ffbd6fa27ac5a164c58398ddb9c2348e6ef443272a22ca85fcfa03439d0f0f22109a93708d562e0737cb6

          Download Submit

        • /data/data/com.mty.android.kks/.jiagu/tmp.dex
          Filesize

          284B

          MD5

          f1771b68f5f9b168b79ff59ae2daabe4

          SHA1

          0df6a835559f5c99670214a12700e7d8c28e5a42

          SHA256

          9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

          SHA512

          dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.di
          Filesize

          340B

          MD5

          9492e2f4bf715c2bc0d29d8eb0fa3705

          SHA1

          9fcc6a0f5ed28a2aaa2180a0d1d25f8f193d89a4

          SHA256

          b58e0976f7c18e2bed73fd567a945a22477ba7c9fe1942d15c6d1f4cd7118ef6

          SHA512

          7c77eeed768f5a764f9c43fd4c68e14f904be10419caa8fb25ec6643b1a250435b2705aed5e189c35ce4dfc9e1fcaae4b9bd0b161b8ef0a35bb76f5baf896dc5

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.di
          Filesize

          340B

          MD5

          43d9e0eed924d20e8a4c1c0d57874fce

          SHA1

          51472364c3d9451977e7cebe9b7de3332501c387

          SHA256

          80b56586c815208712e9782f010a522626fcbc1a096c075ca2ee1f9afd087c83

          SHA512

          c740d7e443edcd7c5680f699c355d8e6866ef0c5ac92d8d1d43a31747f440ffab6f5f1a3f96b3bc3ffedf6dea43224c8e0f421466108cb1cdb6d39160ed82386

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.rd
          Filesize

          73B

          MD5

          adf52dff8158fd567b3e27b481acec9d

          SHA1

          4c9273ee47ea64bc0dc61966e8291208e75f49c5

          SHA256

          fdbdb9658fca57c96ecdf16ac70d6f8c411156f359450ea5bda14d12e992f7e5

          SHA512

          91b2570cd172c4b0fc98d6b5043a1d45228eedd050bb98e60b1c2d75b271d79c6d534c49ed2f369aec358b52fd16a118b69d35eeb2ec7cbefcc489b4cc94b509

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.ri
          Filesize

          314B

          MD5

          75d618b570449c8230b27c0d41b71070

          SHA1

          ae086041a4c7bcbc611c5791de8c87c70e08b936

          SHA256

          291694d961445d77e58a920bf8400bd78a7d5f3b2952b102ef855b80a8ccd0d5

          SHA512

          47873524b10d32bf9aafe54d6708eb051707bc9311a8dabb7b8a2b81714ab41c31421fc5f615fdf215a78e230bcc572b68a332ea84040d40d1f71126bd816a3b

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.store
          Filesize

          127B

          MD5

          6c7258f4b4436368a5e18a37d61f424d

          SHA1

          1ae449cd948f92643f23c05ed4a8a5ca44af96bf

          SHA256

          da46d6ca373af3d412bb17f5dea86eab7f05a69bad5979ae75cc8d0692b85b36

          SHA512

          cc3a93a6d9b361fb0a0108ae6658fd1cc95f12c01725b5a2a13a6c0bd6757ca79c5fdce9ddd332c0f02cdc7e5337f17a3a8a4a10a48dfed8c70fa7ccd5e6dfa1

          Download Submit

        • /data/data/com.mty.android.kks/files/.jglogs/.jg.store
          Filesize

          32B

          MD5

          448e391c59eef34ee1defbe4dee4c41f

          SHA1

          df1f890987371d7d8e6963c68b787856e42bc146

          SHA256

          55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

          SHA512

          ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

          Download Submit

        • /data/data/com.mty.android.kks/files/.jiagu.lock
          Filesize

          27B

          MD5

          9e89e81343da5dd0f874744fa9a9b2fb

          SHA1

          5ff02069c01560d3005bfcf179d76b3f36f0d364

          SHA256

          f17846ccace12ca67b1b7a24157bce0b395ed27ba95d7db39c60d86f43592a11

          SHA512

          c9dcbf1c671b080446b66d2fec46d7b4f25a0f2397690c78331c1fa8520b4b51e1332edd074f1d25cd104a818a375dde99dfe5b7f0d8489bb5b3f4720ee9e48d

          Download Submit

        • /storage/emulated/0/360/.deviceId
          Filesize

          48B

          MD5

          1d8d16c4e3b19ebf18988530d9b9a757

          SHA1

          bc94c1cce05cd848a53271ecb9c5311e27ffebf5

          SHA256

          abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

          SHA512

          4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

          Download Submit

        • /storage/emulated/0/360/.iddata
          Filesize

          32B

          MD5

          77e5bc74484b4d92103cea83a6536570

          SHA1

          0e9254429211cc2f8a212bce8fb4d44c6f7a9b15

          SHA256

          5fdd76e3bd8890b66a55168c16f8351d025479fe49c462411f1c100572096c58

          SHA512

          1be1864de78214b831fa7f76bedf5191d36be30c1135c22e97bbdc3a6c7abf51dff051e685616c6e51c201362429642eefa4a2708893d5ec34d4edcd1e3b7330

          Download Submit

        • /storage/emulated/0/data/.push_deviceid
          Filesize

          32B

          MD5

          84f7528fa1b592dd29422a0632864ac2

          SHA1

          f17ca45fbadffcd7a547ba7c4e0fb1d97dde98a9

          SHA256

          5220a595aa6837eb003e0ed5afea8dcba41bd503b26d1d28620bf8f71118f92a

          SHA512

          83c08a538822639bb90a5d794dec92a5680de4c3440e225530dd7ac8c66e9820e1f4f3d2b9da151d22f4b77b5832e6aa30b1e78707164a8c1c99dae313087c4e

          Download Submit