Overview

overview

8

Static

static

6

31b41c1f2c...42.apk

android-9-x86

8

BannerPlugin-1.1.apk

android-9-x86

1

BannerPlugin-1.1.apk

android-10-x64

1

BannerPlugin-1.1.apk

android-11-x64

1

CommonPlugin-2.3.apk

android-9-x86

1

CommonPlugin-2.3.apk

android-10-x64

1

CommonPlugin-2.3.apk

android-11-x64

1

ContainerP....0.apk

android-9-x86

1

ContainerP....0.apk

android-10-x64

1

ContainerP....0.apk

android-11-x64

1

FeedPlugin-1.1.apk

android-9-x86

1

FeedPlugin-1.1.apk

android-10-x64

1

FeedPlugin-1.1.apk

android-11-x64

1

FrameworkP....3.apk

android-9-x86

1

FrameworkP....3.apk

android-10-x64

1

FrameworkP....3.apk

android-11-x64

1

TAEPlugin-1.0.apk

android-9-x86

1

TAEPlugin-1.0.apk

android-11-x64

1

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

duo_baidu_5.8.apk

android-9-x86

duo_baidu_5.8.apk

android-10-x64

duo_baidu_5.8.apk

android-11-x64

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-9-x86

wpplugin_2_0_7_0.apk

android-9-x86

6

wpplugin_2_0_7_0.apk

android-10-x64

1

wpplugin_2_0_7_0.apk

android-11-x64

1

Analysis

  • max time kernel
    2851793s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 14:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    wpplugin_2_0_7_0.apk

  • Size

    1.8MB

  • MD5

    7c9fbd2a7f15b206abe818b866909d56

  • SHA1

    71d9cacce9a658996969ae15d90f29d5fe3653f5

  • SHA256

    37bd574c52eea9b2a6a29ed1790929da6c7380a62a7396e3930d2f8b576e46ea

  • SHA512

    030bb50543424687bbbdf9b51d353b52af4554ea67902da8cc042eeaa871bc8c805f968c0b698fc0b9e6d473d188d5f9d3d498b697a254a2a8e921d76f6bce3b

  • SSDEEP

    49152:dONlbwT4MtA8K87UpFBjyAZ1mE2BslCRJ0YqjyKZp/g2H:dAlbBnIi7OAZAvBslC0YqFH

Score
6/10
evasion

Malware Config

Signatures

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.shoujiduoduo.wpplugin
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4218
    • ls /
      2⤵
        PID:4293
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
        2⤵
          PID:4334
        • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
          2⤵
            PID:4352

        Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db
                Filesize

                32KB

                MD5

                a53420389774cc6c145cb2ae098c8cb0

                SHA1

                6a6eb369b1a3d2a7911eb770e61e273950a79b15

                SHA256

                808be418b2c045e2a16cba4c4898ced88e305a29c7ba56047a5a5d78dc1be084

                SHA512

                351c2c8def799a0ac06c1973292c800f21f07368e5dd8009ebfd716e63e954b9bc3d2da04ff7d4a187de76f7258d91a537a823df7dfed6f54440e742f3f9564f

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db
                Filesize

                36KB

                MD5

                ae79f278d21fbddb8e48204aed3a14e4

                SHA1

                4a620f9b455c7ba5914be02a17b1e05f00b8718a

                SHA256

                9ab9b7b86aecfac477d11ad6c393b220543c81a73143088e6d964453e96a9c5c

                SHA512

                90b89e44eea5bc8129fdbeebfa1bbcae19f046065f36f925f59c3dd39df4554804f7f9c163a9c478d7a2091cf204b29544091d6554d3a29edd3386e43be12dd7

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db
                Filesize

                36KB

                MD5

                a5fdf0f0ff70c015ce60ed577ffddcab

                SHA1

                da174c3862c5449e83e86b624c744189d89836c4

                SHA256

                317db2988b37b60a3af369ba721ac518c9032cda51275396c014460301af16a9

                SHA512

                5f0ce32c9f0b0aa8fe3d49b1a775d9cc2bb6a17f6a112f4d0512c5285b69ddb2b26e77d0fef7edab5698579308749a4c9e70450698b9369396cde9ca1f18a8bb

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-journal
                Filesize

                512B

                MD5

                48a882398252a0bdbf00dc40e364c53a

                SHA1

                4b32468617c838bc05517af5a141a9594cc87a8a

                SHA256

                998d101b30bd5b15b5879fed7b12d0d24db920c2bec0477c0214155bd2616113

                SHA512

                fab39ce4594793f2885be7cbabddde3a0d525ccbb6c311a2976993201460f6a978cead6947fda34d2a2facaf8ab79a1272dabebda3a198630289a6d16b90777d

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-shm
                Filesize

                28KB

                MD5

                cf845a781c107ec1346e849c9dd1b7e8

                SHA1

                b44ccc7f7d519352422e59ee8b0bdbac881768a7

                SHA256

                18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                SHA512

                4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-wal
                Filesize

                16KB

                MD5

                fb2bc39b1049a291a52a1c7f2667cb42

                SHA1

                718789cdba04da6ea41618240f273969f42d0820

                SHA256

                2afb15526fa445dfd409285874d2fb81ecaa8d3f0b7ed60bff47c350c92d043f

                SHA512

                e6482bc1cbf6146bbba31014962ea66cd83f239e2adb35e1feb6d251b1fc35f5f728385507fbf712033b9135435d1199785e63da2a1a666949d2c84f74a5a802

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-wal
                Filesize

                8KB

                MD5

                636743abb927b6e148c7325c64f6df67

                SHA1

                ff11d78728fe971ab32633a4a4453ea7f233359c

                SHA256

                d316aab09a2804fbc2f833b0a59195b6d6bd1c994547be5b29d5054d561a5dfd

                SHA512

                f4dd28812bce986c13f8fcf0b27d4425ca06b3adbbeded8cabcbd74572e96efa1ca62e4889f9e396c4b4b3e582f480204921275a4ca5d9e32ff3813c43d378df

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-wal
                Filesize

                8KB

                MD5

                6365434fdb25dd49148e1809ca06702a

                SHA1

                ca22b3d3acdea3254a0fa4659d60b9b3a1379871

                SHA256

                125db3596188d7638f53d7ac507ae888fcafcb2e12a9e60279524659b6281d77

                SHA512

                a67a81813120367c26d03b33755ae208f7fad3f9a0d899eb306bbdb29bc45998b50332f3a8c8e7f04ff4485192e74e5936553ca625bc28ac32bb3c277cd478ec

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/ua.db-wal
                Filesize

                4KB

                MD5

                6d6d5fe68aa89b026c1b9e89543f75d0

                SHA1

                b86b1727b44e2384e8dd1b87af75dd4ea9703590

                SHA256

                09e55dd62dcf1d24d4ceebfefa2fddb2f69ecd91c55a572e1b0964f606b00298

                SHA512

                16844fee6c6c4ecf7cab0b1276f1d8b42e078111be748458009d423b312df238739e777a59eb9f50644b8406d6cf7677f4def3d238f216b8098cad4bcd0e1481

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/video_greendao.db
                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/video_greendao.db-journal
                Filesize

                512B

                MD5

                b2a26e942d036e63b7a4a6332e4905c9

                SHA1

                2046fa82f7dd9a4030a03923bc933b11307f4c58

                SHA256

                dccecb084f10c7513517a6058668c4b562054e40d391989dc54f4b1600498df7

                SHA512

                6b53b601f7141b080316899e3abd28944f272f35bc191d75d85a55d50998d76848c484538bfb6d4a2ed5623c68ed8ad09f0c0e2267fd630317a227e5e4031099

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/databases/video_greendao.db-wal
                Filesize

                36KB

                MD5

                fabc846628ada9d6f1d7c3924f94dd4d

                SHA1

                61a769bae322f5310e6638462b96027f735c5e04

                SHA256

                34baed79a8673f2dbd05f416f78af1d40c7a558e25f38e6b2b4355d4f8e04617

                SHA512

                f3ea6a70769e6ea576a0b298be411e01140abd8b09d9d5a69289e3fb892d104d9d203d1b82936e3607e843f808ca72d1675dff18070bf4cb9d2a9a3c5b43183f

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/.envelope/a==8.0.0&&2.0.7.0_1703658716411_envelope.log
                Filesize

                1KB

                MD5

                a86e49d545f2a428b85b923ae6c06d54

                SHA1

                0e9cb301d4e2ccef5ce0f6e91c78335b6313e97d

                SHA256

                2afbad1eedf1bcf46f1a3d930fe627a1582d8616ab9f9db4096b8432d1f89faa

                SHA512

                cf24c08ccfc069c93252eb9eb8a81a7b558b160d819259738ad55fa0ff6340d0adb42b5c37a2884d62824ab3a389b234e9c3e010e9197ca6cbe6682ed900918d

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/.envelope/i==1.2.0&&2.0.7.0_1703658713233_envelope.log
                Filesize

                2KB

                MD5

                cb1e84a5d9c477a87cdf8001798e1e92

                SHA1

                326d819f081e9cec2c5d96b3f613ca4096ecfb01

                SHA256

                ac280e9cbbd22d9508c4a9d3c71eff63ab6a38659e1095ab3964beee0658b008

                SHA512

                652866e6251d0160098f717c3ab3afd92d47fb303e22ad9a12b445280e0b16b66cf7e5a8f98784af7bf6291a0a264b6459ca49112867267f7b3083f19da4f7f0

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/.envelope/t==8.0.0&&2.0.7.0_1703658715257_envelope.log
                Filesize

                1KB

                MD5

                b3cbd8dbddfa5b17a5ada7358887c4da

                SHA1

                8c332058b3a1ccef2cf8d38b5ce9e220477b5872

                SHA256

                1d383984cf3298526fc13ee3692debcfcc636aaa18969d3ade09fe2faaed5e26

                SHA512

                2c74773382099b1a071466137076773817de6fa096c4a2d78e293883725134cb54ade592db130bafde6cb315a3313049ba3643c400aaaa3f571bc8c867b265b8

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/.umeng/exchangeIdentity.json
                Filesize

                162B

                MD5

                028f3bf29d9e6f752feef24a00bab8ab

                SHA1

                5427f8258ac3c77edd678171c5fba07b041e1a51

                SHA256

                fcb9cfcddbb994787f4fcd13149890ad563e8884394e19c32255ca5fa3d643ea

                SHA512

                fa46a0100304cd49a2d44e82acb2a50dd37a7a5111416356d6a9c44f9c7bd5dc1dc306e9f294d23b6b42e763420e6d77b61319e987b5edec4246d81ef8ebfff6

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/exid.dat
                Filesize

                59B

                MD5

                e56dacf42ca5583240842bb177e92954

                SHA1

                bb4293c89545ddb02a9da76302c5217e44da28ae

                SHA256

                ba6f678a500ea51e59c2438081080a79b137689b82ee384d4db21aa430315af6

                SHA512

                1945a6bb9b9b34f5f713559242e708faca83979cb24b52aedc0f841c08a4892a0dd553e69625ef0d840c9b914f52126fcb1abb61dc03c550caeeb44aa6e6688c

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjU4NzEzMDcy

                Filesize

                1KB

                MD5

                c0b01e6dbe96cf1b2b5eb1b02da421cc

                SHA1

                e86e0c92c56f64d6470e60d1772e97d7a907248b

                SHA256

                1461e8ff870c964d778b175321114d6bc87aeace958bc08e902c712e063ff903

                SHA512

                2c9505354a9ff362bf3eb10bfe99ece9da51837f6340a43f2068c1cda37e5064258804b99149b74e40a4ff2288665ee130560b0fcb5c883df0e2e625adab6ea6

                Download Submit

              • /data/data/com.shoujiduoduo.wpplugin/files/umeng_it.cache
                Filesize

                415B

                MD5

                369b301e9af05176503e65e397dbe26c

                SHA1

                ef26a282803cc62c32664e7b89e87dfdd178d4fb

                SHA256

                d4e9c142736ae048fc15837836f26c8ccbf49a7b696e5c2c81aeba6ac84e54f8

                SHA512

                5b604c050099597472d06f8d82b949bd22b82c988ee7799f17b687c4246baaf7e8747aecd6e00f3a0fa418a4582bd3fb2db16b42d2f746e301885a50abc4e836

                Download Submit