35e0d313f3f0aab3f903352a5f8064e01cfc267c738b477ce3eacd72a45189dd

Analysis

max time kernel
2864409s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 14:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

35e0d313f3f0aab3f903352a5f8064e01cfc267c738b477ce3eacd72a45189dd.apk
Size

23.2MB
MD5

ec3722d6c72f11cba3e62fcd0040733e
SHA1

3df4351d7fc72755684bb0ce7ffe15552f14872f
SHA256

35e0d313f3f0aab3f903352a5f8064e01cfc267c738b477ce3eacd72a45189dd
SHA512

e72998287046270a745f061f70d669a1e2d7ea876551160e67136c5985e510e1f01d34634188e372cbd72b8c81a18ad3752700325403fa306cfbbcf37c9ffce0
SSDEEP

393216:GEhQFcJJ1Q7mgRE8FMGOxfDJbgJ01roqzzp5VaDPO3p8yNbKysVgt+MK37rd:nhc0H5CEWVOxfFb2kr5ireKyFKVgEM69

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar	4239	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar --output-vdex-fd=46 --oat-fd=48 --oat-location=/data/user/0/com.qingshu520.chat/files/beacon/comp/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar	4208	com.qingshu520.chat

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qingshu520.chat

com.qingshu520.chat
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4208
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar --output-vdex-fd=46 --oat-fd=48 --oat-location=/data/user/0/com.qingshu520.chat/files/beacon/comp/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4239

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
70KB

MD5
fbc9ad99563091d07cfdfaed823bcf3b

SHA1
906f5b3e984ddec5208bd01468901cd0262cc1e9

SHA256
d320347a935fb3a98ac3858cb55a9193965cd5f9b04ad97838fb493c612d1010

SHA512
ea259833bf55b9174f55b84ab62aa9a586287e0c1375f266668519d8ee273c7fb5c7419cdaaedcf1ea40c758531a65353d5c2a3083858d7c65f553b1f80149c0

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/21.jar

Filesize
2KB

MD5
81b45de6a47986d607e660539f02e21f

SHA1
d2f1961e00bc48dfcbbf76a3d5648544e5812afb

SHA256
43919275b8694ddc0de13559603d2b8fefaf80aaab7a596d0617e324dac130af

SHA512
7e99792b4d6e6f0f35b4966a934942a1658c6eb27341905cda65adfc5d8aa496c33229f3bfdfeb7fb8a047e603bcf5463efa34c233800df723b26943f7c28466

Download Submit
/data/data/com.qingshu520.chat/files/beacon/comp/9.jar

Filesize
5KB

MD5
07e7f8974d3ebde93b2d85aca8d96470

SHA1
72afb51e234cb6f6b99c50739b2b73d0182d78e9

SHA256
15c5291d63d9425aad8a2374804589ae6a0d377af59319715f35e09bd7fd1674

SHA512
cab58123d458d3b37880569b5e6b40dfd711a4ce259a17292a02935c885866e440704f8075cc2485108c425b79ff7fd032fd7bae6f09264fa5ec9de204a61a54

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_deps

Filesize
292B

MD5
1826bbb346662514649ee8bd82476123

SHA1
310a03aa569c341c47e516c59beea5cfd2b70cf1

SHA256
4a3941517bf85891f21d3e693a0ed634a0af2832ff831353bca30f799bd592ad

SHA512
080f21657734a68e7a7472a8156dbe70450dee74b7750c2505649e6c5edd7e30c2dc84518379c5be766e113db280b1439ccb6f2d8afdc6f1090c4c5dc71bb0e4

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_manifest

Filesize
1KB

MD5
12e4ea7cfa4da5f515e1846c84bf3acc

SHA1
6d6a64ff5512003d56079176c067f8ec790e2112

SHA256
3677926fa57d1286ec9c2f4fc5c97fcb078cfd3d7d39f27fcaa2d68ccd0db06c

SHA512
b6299ca3aa8e6e635f8c199779ecba5ed1a56591b4fec677fe931777f1be8e4f8c0c4e2d56d9ffa065e9bf96959b171ea47f6d121eac025bad4409cecd11543b

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
93b885adfe0da089cdf634904fd59f71

SHA1
5ba93c9db0cff93f52b521d7420e43f6eda2784f

SHA256
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

SHA512
b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

Download Submit
/data/data/com.qingshu520.chat/lib-main/dso_state

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.qingshu520.chat/lib-main/libBugly.so

Filesize
141KB

MD5
1c70f8fafd4617a603b00eac5233dd3c

SHA1
b30e472514367b91518b3304971a6c9b87c289c5

SHA256
64d4362d15c363d281f5569a40c1a8e746b20a5aee08b1d3f6c8618e00252969

SHA512
75c7438e8d7464b9cde1dc6b79c62f40ec8b906875adc8321ced86447eba698ff38aef62c7cf225efa89d01639cee7a9475c2b3f97c8ace6dd091ac65950a96b

Download Submit
/data/data/com.qingshu520.chat/lib-main/libQPlayer.so

Filesize
390KB

MD5
ecc7dca4bf1fb69309c3a5ab01721022

SHA1
b2955bfd302705b1dcd1a3c8602c58ad10fe8503

SHA256
890fbc8038bdd1189426de5e56cadbe370cfca543d68d7ea19fae08b65ea03dd

SHA512
341264cfea2f03a17819df82efe6f19b7a6e7df7d5c52f909a786fe69c7772e4b1b9684ee280068a863c4995255d91564514688f958b144b21b74ec05435289a

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavcodec.so

Filesize
5.7MB

MD5
9f1223502338f1680c1b9f887de91ae2

SHA1
cd928cfc805ae47e510e641b3d342b9b632fde63

SHA256
8b1de1ae8ef2268340ef3c83e9b488247eb29a5314c702e3f5471e7629bf158f

SHA512
58305b78cbf813db3de601ed87b68383fc7ae6c61d91440eb200612fdb6d2c1be9c680ac516dab310a8fbc714ba8e3aa436a23bcbdffe8288d10cd945ccd7888

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavformat.so

Filesize
1015KB

MD5
95858ce09859ded9b9d77665e25d1b49

SHA1
1e9f87e50c902d7b37fcd4e5457f9efcd7608899

SHA256
49919cb937caf9a9af67b977eb1c1e893ccf145b4bd4878bfc16fbc495314d33

SHA512
509b469ff86d21fefa579008e4a73cd295956060a22f07b5991440d8ab2d43db9667a61065d81ebeb1f96ef3c100231604568802bd625124d7c981f512558450

Download Submit
/data/data/com.qingshu520.chat/lib-main/libavutil.so

Filesize
249KB

MD5
6d89546b9b4f21907169272d34301ddb

SHA1
3bece0f6d4ed1340a0204a66b4c7ac7340c62206

SHA256
7df0e3dce972509f75dc569885cb9dae13af1a5f57b5889cdd5782fa8383d33b

SHA512
82d8341a10f65c69d0f00ae057a7787d929fafb3ee8e9c73d5e4e4e4ba2535faab82d9d0aad1f3ab74ecb6a89f8e12a2f87dd1feb19fe8741873ca2e55cad315

Download Submit
/data/data/com.qingshu520.chat/lib-main/libffmpeg_mediametadataretriever_jni.so

Filesize
49KB

MD5
1cd16ba815473fa7a3f3b0dd7739ce1e

SHA1
7d511f9d6860e519ae3b7cc6d471925394f3c088

SHA256
e539e7b86e7f22700d73055f5df0a96df7094a77a21684f7806eb6d7eb3c789c

SHA512
daf8aaba8e2277d269b257b0b7980aa7e3286425aed5c6cfe5b9b0a8a7dff694f98955a5a38aa469066a55e036f06790414ef755c18a132919840bc63f11cc67

Download Submit
/data/data/com.qingshu520.chat/lib-main/liblocSDK7a.so

Filesize
33KB

MD5
3a334bd0ee8562fe5ea137979c3da025

SHA1
3ed0d42733657f26a39ef39cc9f653b3ba448e10

SHA256
c1864e9f029d477609487e27c36a862f306a1077ba1ebbbebb8e88c882616d5e

SHA512
feae0f3633d84bffa6ba21214de2cdb2d9b0c0b41943625171e40c06883926df01c68655e0b2495f863d8e65a4dd383b82f506d0de0f0ba4ea4a87193c27747b

Download Submit
/data/data/com.qingshu520.chat/lib-main/libonlywechat_plugin.so

Filesize
53KB

MD5
3d7b0b2ac561f3d9f2e8b3658ef00a47

SHA1
726c6e3fe35c75596cca114499d0300267f5dc1e

SHA256
82999caf761218fc97717c8d7521381f47fae9028b1f3a7d2204d8e423440388

SHA512
bd79c5c11e65ce6c59021e216cb22e84cd1960c442b42089564eaa0579ca3e7f499d31def43993436bb2d17a4ce010f1420ce5051cacc92fcdfec9f0af9e2bd9

Download Submit
/data/data/com.qingshu520.chat/lib-main/libqcCodec.so

Filesize
2.2MB

MD5
78fb6510a4efbdfe4941c4460b26258f

SHA1
5a2f409bde21dd5296ceb698019521b81286be44

SHA256
8e9f366f4fc61837c3ab4fc26d0e4bf6e572a75f2db517bf284a77e094c732d4

SHA512
5b36a4d3a2cc3012c81131a137d3c7685be3045485be806ba8253de8372ace113f61c353ba184e5979126c0b636ebfdc7e3a7a783815fc0b855b772e4d72b048

Download Submit
/data/data/com.qingshu520.chat/lib-main/libqcOpenSSL.so

Filesize
1.9MB

MD5
965a504dada68cd8fb606841c6e3b4e6

SHA1
9c1594233c1f56d54b891649d6df54f3873e45f9

SHA256
b769f67db02f5267c373679add48fb6bffea346a549b5d3e846ec012e00a8842

SHA512
b65e7e8a91347542a8e25db3b1aba3eec7ec5f55cb18175725556bb9c4311f1af101af96c7f5c92d72292b6a9a1a3a04f8bdce34858d500307c59d7c93b12285

Download Submit
/data/data/com.qingshu520.chat/lib-main/libswscale.so

Filesize
317KB

MD5
b6482b64907448b8959ddfa4191de569

SHA1
4fb7ea8ffdef2cfe056b855786be94e303462c23

SHA256
38ca644a9d568438b5ae4780077d06701873e9f1005f6bf17900fbb7bf1cb80d

SHA512
3c256a9d25963b97c481170f9ec4e32c3fd05419bde3a83aa86180a402377877821c1137033ccf580c65f6f0e9fc2a481a8750d53b1ead3f2ef51f8056365cd5

Download Submit
/data/data/com.qingshu520.chat/lib-main/libzegoliveroom.so

Filesize
10.2MB

MD5
4baa8c82bd905e0eb2437da0fe98e7f7

SHA1
9b58839d0c03e3eb912133f6e12339519973b69e

SHA256
c72c87556a2b3ebdfaf1cd205b78802e333f889f571da30798daa2770127458c

SHA512
0be7690a6d4b132d652b359e81c3c94a4dd118f8c112f7a8be60542839afa2c39347c14ea8f5817702302d77b63c730227d3a7ff2c362b3528bf0ccf3b3afbeb

Download Submit
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
149KB

MD5
bc070e04636c3f0de3721556101b062b

SHA1
f573b0d0e09da82236dd82da38687c4fce74405a

SHA256
876b970e2a2556f34fa8431cd373d64d5c7faaf12a4b9fc35e482b1edf49933e

SHA512
d2037ce77671a4ebd64a71cadf20a51f2ab6501cc30f258305192d15f175a2c0c1df9099f0937932774d8a6c1557b484f1b33898cd1e76b8c8fe42264d6faee2

Download Submit
/data/user/0/com.qingshu520.chat/files/beacon/comp/1.jar

Filesize
149KB

MD5
400bed053ad682fd97b6b6c29ca56850

SHA1
6510943291adc21449784053910d1c6b3b6ac25c

SHA256
2d6b9d05d52ac688020ab87693a919766d3bf297206c73414e265e9fec20bde0

SHA512
0aefd2f3364f92c69e9421c0c072c61e5d3eb786cec7ac4bb6229af24374153f73fec537bc61ad16c838f489179c1d217ff40518832f9ffe5d9ce5c62ae31dde

Download Submit
/storage/emulated/0/Android/data/com.qingshu520.chat/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads