213b77a8a879290d222190a242d822b733fb7f41bd462689135b1128b66714b2

Analysis

max time kernel
2535630s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 13:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

213b77a8a879290d222190a242d822b733fb7f41bd462689135b1128b66714b2.apk
Size

13.4MB
MD5

68321d25df03ea2c96b9a3e34b20a9b3
SHA1

6baed798a5cf3ccfaae90d3f5a9ff97795a4db2c
SHA256

213b77a8a879290d222190a242d822b733fb7f41bd462689135b1128b66714b2
SHA512

569d3c266391d76e8e21fc215e129ae6523405aee615c0a34055b047a6b413f7a89b3ac6b4a9462d8615b99109f8d4940a1c37f4aa5ccc343c13e296ab5bb6dc
SSDEEP

393216:JRhHL+2OtS9XUkLlVOHBo9GTeNBflpuuValtyUKqvm:8SllVOh4GSNLpQNm

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.amahua.oisdfjku/[email protected]	4629	com.amahua.oisdfjku
/data/user/0/com.amahua.oisdfjku/[email protected]!classes2.dex	4629	com.amahua.oisdfjku

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.amahua.oisdfjku

com.amahua.oisdfjku
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4629

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.amahua.oisdfjku/files/.jglogs/.jg.ac

Filesize
40B

MD5
838ead1a00b4e0605d530d25a9fecf64

SHA1
8e4d1e96942499b77377fd66ddb05f1f871e58b8

SHA256
57178828befd3358cd743d1a5ad338692c8408d5313b6636ccd4af1cb1c697f0

SHA512
4d38827f4775e32b52d933e51b9817600d067ba2b24358bd8f1c58c0fed31784786252ce54c029d81fde0f2c1a92ebb50f0993055df2483ed021978f90b1aa7c

Download Submit
/data/data/com.amahua.oisdfjku/files/.jglogs/.jg.di

Filesize
340B

MD5
347a5476a77c5684d6d01252d2601edc

SHA1
6ea620271b4f69baadbf5d228fd3f6f41fe5a717

SHA256
851a85b24684162a6fed1719f7a1edcf7fe2a64fc3d4c98611e5b93c011107a5

SHA512
46523a7dda90ad7b5f368d0c8be1972fe30f1110625213012aa98b7987956a9898e926b05c33c7977e06e2d282d911e00ffe2f2a7434b88e83dc8e53ae9c553f

Download Submit
/data/data/com.amahua.oisdfjku/files/.jiagu.lock

Filesize
27B

MD5
69eb24f5a970256c9360812b48b0b25f

SHA1
4ca2d87da404e5aeb0e783a073e6c8d07f3478cf

SHA256
03101617947e9b26227d96615361d8cd1683702c56f48614bb3767ab59391597

SHA512
f22a2fe54be9e0ba8d5d3d1b66a7364ac7f45cd3fe93f878110f187cdcb134f31051a6d1fadaf0315e6c846fe6cfdb43318ab5341a9fc9b61edf2d1951e2b00c

Download Submit
/data/user/0/com.amahua.oisdfjku/.jiagu/libjiagu.so

Filesize
480KB

MD5
6e8ea47d2d8500b7fb8855394fdf0526

SHA1
d3c719bda605cd787c4acf30507edb76b7fb6070

SHA256
cc3b55086867ed7136d474a21b1359f49e6afed3b74fbb4ba5f11b36ce1f4d46

SHA512
385241f905c46ead517e4e0bcaf2fe00160ba0f7f40c6926ba288bf41d46e77a8bd63ec0a97d57a5b65cf6fb1f93b5f86f51d9cb24809ae934ebdb2fd49c0b70

Download Submit
/data/user/0/com.amahua.oisdfjku/[email protected]

Filesize
5.5MB

MD5
c7a337e789aff3aa896f35371f0f68dd

SHA1
dc81a55a9d5e8f3425b3a7bf6003137f3b496b6c

SHA256
2c880a88eba787d5b5338a496b7741c7e5a3df163be46396717aed92098f5e5d

SHA512
500b53cc15b65af4b06cfcf0f5e20565ca85abb7f9d8dd00cbae9b485996c70aeb32516ae140be374e78792d751090958b72e41558eb9d37f620ad0f2b164f63

Download Submit
/data/user/0/com.amahua.oisdfjku/[email protected]!classes2.dex

Filesize
2.7MB

MD5
1d01a1eebffac27969fdae48a9d4605b

SHA1
9e880932b861692ce3b1e60abdf80ccfe6f6a6cc

SHA256
ffcf3a677612a8c700a411862deb4ac086c3aa367f6aea47db8f2a049921f593

SHA512
7a69709b6f75b9fd32a1666191a6c81a0a71662e8217aa937f05cf994b85edb1f2f0596b9f799cfc248985aaad439281d3162444843445983202df8598598d1e

Download Submit
/data/user/0/com.amahua.oisdfjku/files/.YFlurrySenderIndex.info.AnalyticsData_95KGCGP5K6N9XRQ88FVC_281

Filesize
88B

MD5
4ec978271945e89b16cd642b3b84823e

SHA1
9dd7f8cf15787afe6315379f865b8fd85b8fe14e

SHA256
4198f83541f953ade6daa5c43c293570a59f64286420e1c571e7b66fd0d2b8ed

SHA512
b5de1b8e25e94ed8aa46648eba7b84a685cbc83c5d46f4dc1056d067608b39629acb3a13af17a8a880f3c14aae36294d3e61bb21fdad00535a783850789c2f8d

Download Submit
/data/user/0/com.amahua.oisdfjku/files/.yflurrydatasenderblock.a158bc76-6f60-43a1-bb89-24b4563c2a44

Filesize
327B

MD5
c55b7260aefc582d7379bf41bb7a58d1

SHA1
3e5c28e2c799ecef769db57d9ced947693b71915

SHA256
5b17e765e714414cef03cbef846d6235f12b92fec9986118a7e73ecbd8c0f1e7

SHA512
e1461431064a7750b82bb03b717224f3769b61b26f10c2527f69d8e0673bbcfffe9953fdcb08975c3c6eed96eb6c19a7814e0dab3c2a71bca8268da8938baac0

Download Submit
/data/user/0/com.amahua.oisdfjku/no_backup/.flurryNoBackup/installationNum

Filesize
100B

MD5
de752a00b45f428c66c2d3e7ab7bf250

SHA1
4ddfe1008b26f5bdbffc1368f089f26199528cc0

SHA256
163f6bad98bc5945063cfa3365241a2941f5a3209d047cf0f6e4a45f821d5886

SHA512
4bcaa0b1ac64a38995db5910a176e9381eeb1a416a150a9faae70df4a5b3cd14c07736a56350cf11dc210411575d60c31e51b7c01e5b036fc3138244355d7002

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads