Overview

overview

7

Static

static

6

3cb0399f66...71.apk

android-9-x86

7

3cb0399f66...71.apk

android-10-x64

7

Analysis

  • max time kernel
    2539070s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 15:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3cb0399f6674a68b5fc905722c740f1295b7d4e31f7298c722d7ce59196d6671.apk

  • Size

    12.3MB

  • MD5

    69b56c4523ac94c0c0143ed5d0221117

  • SHA1

    3b6b2965f47054f6b3c985aab920c9904551eac5

  • SHA256

    3cb0399f6674a68b5fc905722c740f1295b7d4e31f7298c722d7ce59196d6671

  • SHA512

    54422b86bd91f483b8b095acddb489c6ca8bb6af69c1e05de9b5de93a70e1b54a1f721e0aaa447ab2232e6d78b4c835e666cde89f6eb7ca023b53bd1552bf812

  • SSDEEP

    196608:2jlsDa16HdEJ8yiO4UncJ886WRFP2EcW+zIUW398UqvhSrmvwaBHcd1+btwyWP:2jlkcPJzZ7cW89P7N8UHYfedxyWP

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.ircloud.ydh.agents.ydh02466748
    1⤵
    • Loads dropped Dex/Jar
    PID:4905

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ircloud.ydh.agents.ydh02466748/.jiagu/classes.dex
    Filesize

    4.7MB

    MD5

    3ebf72c383b1c7aa77ae079649063e2c

    SHA1

    21a41e0becaea641bbff61eb4bf7368a825aec82

    SHA256

    0c3484d9be3b3d05cc0e171f13a0f768008aa108dc7cfadd52263b8b1472b7d7

    SHA512

    ca4c44e64bbf50e5e2d2737ca77237c9f7bd3fe2075f31482b07ca999266bdc4a5213d234eb57728b79aab0e5601c6201fd5a94bfba71ca527ebcd4e4db7f904

    Download Submit

  • /data/data/com.ircloud.ydh.agents.ydh02466748/.jiagu/libjiagu.so
    Filesize

    455KB

    MD5

    e5a53000766ebc433b27d6a66ec4f555

    SHA1

    2c8f53f1c03aec2005bcad67d731f07261dabde0

    SHA256

    78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

    SHA512

    370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

    Download Submit

  • /data/data/com.ircloud.ydh.agents.ydh02466748/.jiagu/libjiagu_64.so
    Filesize

    429KB

    MD5

    05a8c3ca16893f4e6cc997a82d987fb3

    SHA1

    76d6c6d19e0bfa83c847e5d330bd144f58994bff

    SHA256

    82e708e200cebe270ec57231729413621a8904e907efac8cfe71cb2cf16a3c10

    SHA512

    2a878c39e713fb6ff5b457f94a1fe2b5adc456924d087a1b6abd59afc0b0e9bad68852eddd34c6441e8996e66eb5fdb711ed6f477d6e447dd48cfd151d89fe96

    Download Submit

  • /data/data/com.ircloud.ydh.agents.ydh02466748/files/.jglogs/.jg.di
    Filesize

    348B

    MD5

    493be92a3d3a9f82a9d439f2327ef020

    SHA1

    12326bd3b51b0e5295a1ba88fd14bc1205b97f10

    SHA256

    37b5056085f8f3c9f68bd244cc89c97edd64d2ad5c9ef784284f7a2254b33188

    SHA512

    9ee283866eeee2efb36dde192b995df6e895f5737c78a9e87fc198a7e760585139a9ab89cd296dcc6bc9aa4d0c710145c9289579029e13353918456c6be58e29

    Download Submit

  • /data/data/com.ircloud.ydh.agents.ydh02466748/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    de53e08a4d72668b202d9a9b5e0fdd60

    SHA1

    c92af3fdf009593a8af83d57d18d2f71954083cf

    SHA256

    4f5990f23e583c600bd28ae06b51154f5296a6e9f529346e4616af53c52178bb

    SHA512

    02d9e1ef31cd9a2310e285557f3d9978175bdedd202c7791a53c6d5d374e5ed11a7af1c9be7ebbf54b98347bc635f04a8539dd1bbe444a4555547e8ed0963f17

    Download Submit

  • /data/data/com.ircloud.ydh.agents.ydh02466748/files/.jiagu.lock
    Filesize

    27B

    MD5

    620b3b92014506acd205532f3f65d4ce

    SHA1

    0ab8f4f24b01bc00c4943662ec0cf5e4d13abf57

    SHA256

    93e1a65a88a0ff4155f6e0a15ab1bcf18c25357980f3946a9b78e59f0cd28a9a

    SHA512

    c7c0321be02b9ebbfe05f381f5a1562c266ace7854f84d010339f4499825c7e8a8eaa6d5b041c1bbddc9e45ef701b67a027ecb031196e63e6ffc11eecb1ed2ad

    Download Submit

  • /data/user/0/com.ircloud.ydh.agents.ydh02466748/[email protected]
    Filesize

    6.3MB

    MD5

    637c948bb1e2b181ddd3bbaac976a9f8

    SHA1

    09bb87ee7e71650dbd2b5118e1259c966d677ed1

    SHA256

    b9eea8896835c458ba8e625d2229bf1f82944f0308b43730573fec49fb3c9a9e

    SHA512

    3e9e0bacf057d4a716201af31e9307c45c178b8b8bff768192c1da01888e0d6b487a50593c8d0d0bca70ca603881282b87f069d2442b4efe9ec4c68672dd97c6

    Download Submit

  • /data/user/0/com.ircloud.ydh.agents.ydh02466748/[email protected]!classes2.dex
    Filesize

    4.0MB

    MD5

    ad36a878f79158ef0e63b2dadf5d3c7c

    SHA1

    139051a2590bf46871945c93161212616ad14b2f

    SHA256

    4bd6d342ac45b8a31fdc1b5af067c54d457bf8200c0796953746b4f85fb91b3e

    SHA512

    12dbcdc07c3ed74d5cffd4062a0be6d7acc62e583cc9bc6f2562eb5913d7728cf17c866ba9b1e3745b89033c55efe633037410ee980b1a3350fa043cde5d1213

    Download Submit

  • /storage/emulated/0/360/.deviceId
    Filesize

    48B

    MD5

    4c4c5285293d5141f582aefa4e038669

    SHA1

    e01852a72e5a8e6f7d63a21426b515118196047b

    SHA256

    36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

    SHA512

    097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

    Download Submit

  • /storage/emulated/0/360/.iddata
    Filesize

    32B

    MD5

    84817d31b98d55fa0a8d2d7d82c3dc7c

    SHA1

    b54fb315a215eb0071d350d1fe3f23fcca2804d1

    SHA256

    2f53e7e532c615744cf053428733609098cc61893281349ffee08a3c00844c5e

    SHA512

    610158f14b7377ef57101f217414625615d23c12ad92b28c7ca6adb7884f50eace006dcb42f9145687321178e88cc005eafc4d84ca4396f27fa7fd31fe299c5f

    Download Submit