Analysis

  • max time kernel
    2703868s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android
    arch:x64
    arch:x86
    image:android-x64-20231215-en
    locale:en-us
    os:android-10-x64
    system
  • submitted
    23-12-2023 15:00

General

  • Target

    37de6aa4fa2b404ef3f4d53e34c195e397e5c4c69bcfcb231b33315696ecf41d.apk

  • Size

    12.3MB

  • MD5

    1e5795d111db9ff11b2b470dba2b49a7

  • SHA1

    9e73d6aa633b5cc5ece724293ee5e9bd341132bc

  • SHA256

    37de6aa4fa2b404ef3f4d53e34c195e397e5c4c69bcfcb231b33315696ecf41d

  • SHA512

    8146c3082c815968d974d17bf6923bf5f16ff7972236f525ce0be5f1944cbf517a3bbcee1425744c00bc146e67145ec77360865e15d9379a5518a649723cedf6

  • SSDEEP

    393216:KGgdaYTClcx9uICa63bbJw3zPzoTvy0l5qu:KFQlc3uIJ6nJw37zoTaKsu

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

    This signature fires when the app loads a DEX/JAR it wrote to disk after install (runtime code loading). Here the loaded payloads sit under .jiagu/ next to libjiagu.so, which are the on-disk artifacts of the 360 Jiagu (360加固) Android packer: the stub native library decrypts the real classes.dex into that directory and loads it from there. The hit is therefore expected for any Jiagu-protected app and is not by itself evidence of malicious behaviour; it is also the only signature that fired, and the Network and MITRE ATT&CK sections below are empty, so the 7/10 score reflects the packer rather than observed C2 or payload activity. To judge the app, analyse the dropped .jiagu/classes.dex (and the classes2/classes3 entries inside it) instead of the packed shell APK.

Processes

  • com.lushi.zhuanbao
    1⤵
    • Loads dropped Dex/Jar
    PID:4983

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

    Filesize

    48KB

    MD5

    4e93a7a07efedcc6e3c741526d2d89a7

    SHA1

    e25833d7a51783c17978a7c5e7953d7cf1df80f5

    SHA256

    26fd97dcb56a0ae4ffee7b9514cb697de101ad39e3b2af2933b1eadf409b740e

    SHA512

    94a5e0b50c0efc69b79fe9b46513537b798a45d00234a7fe1c529e7d5eb153704ec9966a0e0819983f726260579707d7b82e7b31f845fa7602e06c078b98319f

  • /data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

    Filesize

    48KB

    MD5

    75d46252620a12dd7343e91c8ba209bb

    SHA1

    6615b67e21963e5689685f8494f442dcd729d4d1

    SHA256

    c433c8e3f847da2b98ee8b704ea3b7d0f38d6249626dfe26a22bef0c08e5fa71

    SHA512

    9ae5f0ae0a77bc8c9a27a43252ba01d4bbb69a326eb028d2e887d701b202b66a7065765f2f0214d2b0701493634ff33c2104becdb80bf7e8c2657175857b7af8

  • /data/data/com.lushi.zhuanbao/.jiagu/classes.dex

    Filesize

    6.0MB

    MD5

    9c033bd10b44e5d5131977e80ecafc1b

    SHA1

    77a150c14bb65f172c5df57b4b303524a9d4ffe8

    SHA256

    b0d84fc74b15d0726030b79fe0b72c02515c3f4098d4947ef6aa86cbc4c324da

    SHA512

    e0dd9ea7c661f965e641085d90b88f0548e4751161740d60f212ac57745088eb09b19c45255b517a3436308632605ed5dcf9553f658189e304f88eb272404b49

  • /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes2.dex

    Filesize

    6.1MB

    MD5

    7a640e93fe289fda6a4b087a1924de12

    SHA1

    440183491f1f3f644c755cd38ca7f1e04e00462b

    SHA256

    1589c969ba5be207938c9483fcbccc27a660f29a56d904753a05f0a134158a4d

    SHA512

    315d58dc78ceee663f64ac7f312cf505d3b318c197aa190061d6b7cf067a39cd820ce921b91f257504f7407b649808e29106005cadfbe6a513a30ca4674bea4b

  • /data/data/com.lushi.zhuanbao/.jiagu/classes.dex!classes3.dex

    Filesize

    87KB

    MD5

    e3cca5affb2b13e55b7bb73c397b11d3

    SHA1

    25110f9caf2ad6bc62bdafdb4e3b70cd93396d23

    SHA256

    10dc27451938c6a4ff8874099824dee1ed9dc23c74cae0924da7f39ccc8c554f

    SHA512

    917425ed6e8ac57037867b98f93d786b1162806ed18765b20673103471d6eae331840ff5e81f5d3ff166fd488b57947e345f5cafca16b4f63b5694d23e5efcfc

  • /data/data/com.lushi.zhuanbao/.jiagu/libjiagu.so

    Filesize

    558KB

    MD5

    98736de515958ae37ae93a0a0e997098

    SHA1

    72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9

    SHA256

    335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421

    SHA512

    cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db

    Filesize

    20KB

    MD5

    6aa2221283e2f6a24a1c148e8093c4d4

    SHA1

    d757b8ca71e249c536d7ee6c9abf30a83205f5d7

    SHA256

    6aa4c467e4c4b25f7a3b1844f3b1dd4afeaf625282f1c14ce1d8d818bf8725b1

    SHA512

    f88555a33dac3ec698c8f363e2f9185bd08fcfd407de64625d57a7dfdb4c727a1ecc306565ecc74eabc34c4b84d86ab40b42417f33685521e49c61bc238bf979

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal

    Filesize

    512B

    MD5

    aa3ed0a81fd7626668d247108ffa63d4

    SHA1

    7df4cab4f73403a58cc7ce2735f1fad03065b57c

    SHA256

    63fa46150a43267a4ec4166e82dae0d3ba8edbb7970763720ec9a0fdde86cc53

    SHA512

    0becea5bd0133fb18f2ecd3957b309d889c229bc067752ca9ee1c11e9825a85744c0653aa9f808a3a122e014c4b803f96dc4b544bfca56e68274cd1d7a29b7de

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal

    Filesize

    8KB

    MD5

    de8f60bc3be749250f82096e6244fab9

    SHA1

    bf941154cceccab6e81255322aa1e97356944a83

    SHA256

    b4b018cb5cf219da545285765f0fd571dba25ddc802c06be2675cd8dd17c92de

    SHA512

    0a8f16ae43b940dc28611baf3374ab8514ec100a9e498b9191cf82209dd16c4f14e5e282efc95b487ad043c0efb5a8fc6905d2a1b92c262158876f9d257944c4

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal

    Filesize

    8KB

    MD5

    18979b29bac7692a573d421ee34a2312

    SHA1

    b7233d18387944056218c2d3db7e0da75a431b2f

    SHA256

    e42b4a799e999210651fa8db8a7e096bada4fce5b2b210298d8880e140b2c485

    SHA512

    a2563e12dcda39639aa90567ac4c014d64ac4746f1f6864f1d5ba88d08ee7ecf6deb07f272b510a69f473d187f4fdca6ec98680aa809547b28f4a573588973f0

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ac

    Filesize

    32B

    MD5

    b9c64f04129ffc89111b5e5d879dc0d3

    SHA1

    7fd48d28f8720e82108283d95d14b277731825a1

    SHA256

    9261dcf52bcb9f2c8cbeebdb93f6f6d1ccecf1da6a5600d06afd3c78003ad89f

    SHA512

    1c3c28f3939fdfb3a06729c5d9d77f1c7a58b8850abbdbf89ac2eaedebcccbef5db1804ac07ad56224f9e060b2f2eb7e90bf7b450b89bd4bfa939646237ec9e4

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ic

    Filesize

    32B

    MD5

    c45c23630cfcf468ad03b4e9877aa5f2

    SHA1

    cf30d569f48cdca48b50e4081915ea9fb9afe1a5

    SHA256

    db2142b77a6511c1f110f2e65c5b13e8456309d106e33b99ad7a7e3eb2f9fdc6

    SHA512

    a17cb02f69eb27f0ff3215380b398f8f16c8f3ea9fb787a5004ab6fcd0263fcf819f8e8fb19e8d529fcadc57b190f0191ff1c3ae4da5ed03316c29a5bc63dee2

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.pk

    Filesize

    32B

    MD5

    7185cffb69741d6fc9101133221a287c

    SHA1

    c1f4fbde37dd4ae43c7f8b50c5cc079f4bc51f0f

    SHA256

    a7dda74b143acfce1a566911a709d137d0118dfca53b03375cad84ed90d3631a

    SHA512

    eea9e239065ae3965f8e4c531f189934563ee06692fd2ac8c82dc348069be784961b33bb7432c75715814ed92e04202cbd8b7194497b9f7ed6d2ef35ca0c9ae2

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.pk.h

    Filesize

    64B

    MD5

    46e3c28430cc64537a5232cc3e598cd7

    SHA1

    e8a8224eb5e46bff62402f1ef62f9a29a918d4c3

    SHA256

    713cb7b63568f54b5c71fc225896226a848809fb22dcb7f292edcfdb8f50c028

    SHA512

    f9d9f67af302dd79451204c2791c3354058e18813737b6e9047187a0c88ae46005668ca1f36bbba557f31bde00de92cdcd2e2e8167ef2e436454210d389cfbc0

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.rd

    Filesize

    32B

    MD5

    1d2ea4b5d937561a94a9a3a39976081a

    SHA1

    6e745905dd297b4ac6b2d423777e84cba406bfa9

    SHA256

    472d7e167a6f26d7223a7ff84053df9b1d083484ba1299223551bccb31ad7537

    SHA512

    109deed33298ff01e28dc7d44c04eca3dfbc94c1a7ed034920c60be4ab543f501485f65e9a963857b3480cb85191ca6714a8c94c5f7a619733f9e1e1e99fb224

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri

    Filesize

    307B

    MD5

    38005f0ab6acd13235f6275495884b14

    SHA1

    9e7f20c9fb8e54a352bcad463a12166507f779ea

    SHA256

    834b2fdbdbae64162f932208c9b1b8cc4ec2e89a238172112a69a106b240a5ae

    SHA512

    65976ee2bf64478b49fb1f012ab185882fde39ed22e03cd366f5e1ef9192d27d73c622d18ce2854ea1573451092b7a869e47d2e93d0aa12e536b228b398ae5b5

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri

    Filesize

    314B

    MD5

    5aa6a4b005fbb0cc7e59a673845d7e45

    SHA1

    029d4210b97a792732c7479fbb5c17c69c1cf02b

    SHA256

    38b6b5d362c95085106710592ad36f03d1c3043c20243d7d021994658ce28a20

    SHA512

    ea8fb9fb77f3fbf221b65adaf32f9fcc2429bd8205bcb522d69c6ae4718292f9f91b89bd53e1997722c79f72c4277054549d7451f8aef6eb68832ca17fba09d4

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.store.report_pid

    Filesize

    32B

    MD5

    ef5deb235397f07548506e64c37f7677

    SHA1

    00b24a7cb177ba9db01d6636058c72477f0bd7b9

    SHA256

    af7b021d73886155de7f474f254874043c81cbe14983c6340dee71714ac23cba

    SHA512

    76ea307987f6e0c8c9a03bdea8a32c9b93f44f6a8de6891aa6ffb3e3a4590d6ded4ebffdc98c3fae2edca7e1ababd44d5dba5996a19d7e60125fd6c28f673be9

  • /data/data/com.lushi.zhuanbao/files/.jiagu.lock

    Filesize

    27B

    MD5

    2ecca03ad1a859b8affb844964b29065

    SHA1

    56f6a4be5674495968b00703814971df779a3b7e

    SHA256

    f02f40834efd4d5b95a3f579cb1ce61d01ac47e1c37542c3479267e0c46c7ab0

    SHA512

    d14fd5c0d6b70d1841ee86ec63752eceb3d89c2defbe56defc477a63a655ff3ef5d85826e351fd3adf72ffb3574b657fdb3584508890dce0e6075f9fc5711e0e

  • /storage/emulated/0/Android/data/com.snssdk.api/cache/clientudid.dat

    Filesize

    36B

    MD5

    cf67272e016a226315927215280d91e1

    SHA1

    84092c0341e55be1f5462c5a840ed9c71537c3f7

    SHA256

    92b79aa1a0dcc741ebd31c02b512f0e12af9030be3ce69a82e66f8023085347d

    SHA512

    d5e0fbc6627846e8b8c34ee3e2fcbb39b91eff71a7e981348f69fcddd7cc783f199aac64522191a0605a525dcd431b9a0797626ee2bf9a2c61660366fb04e3e8
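The entries above are the report's dropped-file IoCs. The following Python is an added example, not part of the report or of the analysed app: it carries the report's SHA256 values for the executable artifacts, classifies recovered files by magic bytes rather than by name (a packer's dropped ".dex" can turn out to be an ELF library or a zip container holding several DEX entries), hashes them with the same algorithms the report lists, and emits the adb pull commands needed to collect them from an emulator. The device serial emulator-5554, the local artifacts directory, the assumption that `adb root` succeeded (so /data/data is readable), and the minimal DEX-header sample bytes are mine, not from the report.

```python
"""Check files pulled from a device against the dropped-file IoCs in the report.

Added example. The SHA256 values and device paths are copied from the report;
the adb serial, output directory and sample bytes are assumptions.
"""
import hashlib
from typing import Iterable, Optional

PKG = "com.lushi.zhuanbao"

# SHA256 -> path on device, copied from the report. The same path can appear
# more than once because the sandbox captured several versions of the file
# during the run (37CF018B.dex was rewritten at least once).
DROPPED_IOCS = {
    "26fd97dcb56a0ae4ffee7b9514cb697de101ad39e3b2af2933b1eadf409b740e": f"/data/data/{PKG}/.00000000000/37CF018B.dex",
    "c433c8e3f847da2b98ee8b704ea3b7d0f38d6249626dfe26a22bef0c08e5fa71": f"/data/data/{PKG}/.00000000000/37CF018B.dex",
    "b0d84fc74b15d0726030b79fe0b72c02515c3f4098d4947ef6aa86cbc4c324da": f"/data/data/{PKG}/.jiagu/classes.dex",
    "1589c969ba5be207938c9483fcbccc27a660f29a56d904753a05f0a134158a4d": f"/data/data/{PKG}/.jiagu/classes.dex!classes2.dex",
    "10dc27451938c6a4ff8874099824dee1ed9dc23c74cae0924da7f39ccc8c554f": f"/data/data/{PKG}/.jiagu/classes.dex!classes3.dex",
    "335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421": f"/data/data/{PKG}/.jiagu/libjiagu.so",
    "f02f40834efd4d5b95a3f579cb1ce61d01ac47e1c37542c3479267e0c46c7ab0": f"/data/data/{PKG}/files/.jiagu.lock",
}
APK_SHA256 = "37de6aa4fa2b404ef3f4d53e34c195e397e5c4c69bcfcb231b33315696ecf41d"


def file_kind(data: bytes) -> str:
    """Classify by magic bytes, not by file name: a packer's dropped '.dex'
    may really be an ELF library or a zip holding several DEX entries."""
    if data[:4] == b"dex\n" and data[7:8] == b"\x00":   # "dex\n035\0", "dex\n039\0", ...
        return "dex"
    if data[:4] == b"\x7fELF":
        return "elf"
    if data[:4] == b"PK\x03\x04":
        return "zip"
    return "unknown"


def digests(data: bytes) -> dict:
    """MD5/SHA1/SHA256 as listed in the report, so any of them can be compared."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


def match_ioc(sha256: str) -> Optional[str]:
    """Device path from the report if this digest is one of its dropped-file IoCs."""
    return DROPPED_IOCS.get(sha256.lower())


def triage_blob(data: bytes) -> dict:
    """Per recovered file: detected type, digests, IoC hit, and whether it is the submitted APK."""
    d = digests(data)
    return {
        "kind": file_kind(data),
        **d,
        "ioc_path": match_ioc(d["sha256"]),
        "is_apk": d["sha256"] == APK_SHA256,
    }


def triage_file(path: str) -> dict:
    with open(path, "rb") as fh:
        return triage_blob(fh.read())


def adb_pull_commands(serial: str, paths: Iterable[str], out_dir: str = "artifacts") -> list:
    """adb pull lines for an emulator where `adb root` succeeded (assumption).
    A path segment after '!' is an entry inside an archive and comes out with
    its container, so only the container is pulled."""
    containers = sorted({p.split("!", 1)[0] for p in paths})
    return [f"adb -s {serial} pull {p} {out_dir}{p}" for p in containers]


if __name__ == "__main__":
    for cmd in adb_pull_commands("emulator-5554", DROPPED_IOCS.values()):
        print(cmd)
    # Constructed sample: a minimal DEX header, not a file from the device.
    print(triage_blob(b"dex\n035\x00" + b"\x00" * 0x60))
```

After pulling, run triage_file() over each artifact: a classes.dex that classifies as "zip" is the multidex container the report lists with the "!classes2.dex" entries, and any file whose SHA256 does not match a report entry is a version the sandbox did not capture and is worth diffing against the ones it did.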