3d57ad74aeb3584065214a2227de760e2b62b0a7e63337276ca2d022cd206a45

Analysis

max time kernel
2657242s
max time network
141s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 15:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d57ad74aeb3584065214a2227de760e2b62b0a7e63337276ca2d022cd206a45.apk
Size

11.2MB
MD5

a64d5c8af335890deef7cac36a3369c0
SHA1

5d8e99b24d8a37c720df49254d0cd9f7e208970d
SHA256

3d57ad74aeb3584065214a2227de760e2b62b0a7e63337276ca2d022cd206a45
SHA512

a5133aca615734149b38a81fac56438c89d624131d72fb455dd112e6eaa563e1106e337760a80aa2268c28d8bc14645a7f014f6a298ad73d9edfd404fcf95acc
SSDEEP

196608:YMGED9Rx6tjyd/8HupTmcY34EMiSafTdC9FwNdueb4p2kid7EJ3hp4i7vMKLVj:JGIUt+OHupZKrMiHUuK2rIp4i4+Vj

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.tieniu.lezhuan

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.tieniu.lezhuan

com.tieniu.lezhuan
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4254

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tieniu.lezhuan/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.tieniu.lezhuan/app_crashrecord/1004

Filesize
228B

MD5
a6c8aa5ba088ffbb8e5cf301ec034560

SHA1
5e7d6564b8f365629b62c69f9982fa388b477791

SHA256
572fe59041a3e16b6e14e5b4c4ead814867eec18dd3e2cd3cae10df9458a62ae

SHA512
71a7d29f27dfb473420c88763084b68581f2198262dcfa51073bb36574fa47c04d2b460fda37f58568b9673c965bc5250170778cee05e53e4bae3ed8b696159e

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-journal

Filesize
512B

MD5
54505689de21432c3a683be95c48e945

SHA1
5ddc7d5727324e1221e5caad2916557d6a5dfe4b

SHA256
4f64a18fcdf331eb9dcc0bcd3acf4a36fd26456844ee3343003689fba8353682

SHA512
caf8be9bb185d4f54245eea6f74cc3d5ecb47192d4814731d181c3fea906981fa2174d50e53761287b716640635f1b9781a01bb298b31264b236a7395fb853da

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-wal

Filesize
68KB

MD5
505e260b0f7e528595886eedbee5d125

SHA1
7a089020ed54718677de4a1be9107e59256e29e7

SHA256
4c351fdb4638f653815b22f9f9fcd6f2addb53dce5900b0d353aa9a6a06f5dff

SHA512
37bdff02c10ba70d4746479260b8b6cb84c86aa6219ae87a14dca13eaddbac0fda02280be8ab5c03b51e8607718d6c39d8b11b9ab07391e71533bf65d26f1636

Download Submit
/data/data/com.tieniu.lezhuan/databases/downloader.db-journal

Filesize
512B

MD5
9f14bc389ed23755c7b30df03d174358

SHA1
30719be102668a57ebcbc5ba5fabd5535b40ab18

SHA256
8ede9dfe04188d169801a643fa4d0e6848306d3a3197f100a19f771f61a6e549

SHA512
457172d53248ac50d14d4ee427f79972365b036bcd32cb111c6470a1ea48e8cf5afa3a047fb9c0ed8c4e2d5287eae544e5ab85c3a42cda8502b2bfa9178dd2ad

Download Submit
/data/data/com.tieniu.lezhuan/databases/downloader.db-wal

Filesize
16KB

MD5
92131f58048003239357962fbd96084f

SHA1
fd92d2ff076fa9687c2eeb9da7d4815761f42f97

SHA256
88fda557c58b6f4e1322a6d1bebb161a003f88543581d365226049d781e3bfa3

SHA512
bb11faed59b9f7d2406e7787b1a7f9c582dd9b3b86a900e82e470ebeade1fda3edd4f9a905ab018a3b085f9f4dbd30e23b6d3192579e0de7e7ee94ac7dabb000

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db-journal

Filesize
512B

MD5
a200cb66ff6c53692e6b2c807755a342

SHA1
1a66635ec942270eb780ce8926ed033ebb157aa2

SHA256
ba729825803aff2cd08a08d6fa9222da6731bea9c3e1e76dfed539f0698bf527

SHA512
3add440ba7d917c092120b14b5a51ccad0014b03a40631aec5b6de5194dfe7457e047edf6e76f19ce5dff5d2c1e466e1ba7f57c87f99c5c1ce100602104b31e7

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db-wal

Filesize
60KB

MD5
0f3715c2dc6f5fcc77b4a30124b7ca23

SHA1
1a832491d300b30f8542605b1fd0efe26f3e9a6e

SHA256
9855731f032812865ee214472e6055bc9deac0b273a001fc40a2bba0e6aa3415

SHA512
5326ed88309a88a2eba0a9c1caa4a2bd9882feeda8191367758fddcd0c4c8ee39b585ca8450d9472281754895fed4e36fc283426362d7a377fa1e43a34756bfc

Download Submit
/storage/emulated/0/com.tieniu.lezhuan/config/5ac714da7be6d534dd74c84a097f98e0

Filesize
344B

MD5
47ab2d4557ec190835df5c0d1a3157bc

SHA1
bf644230282570b0ddd6ba4cbd42147bdd2bed7b

SHA256
4fad6f8d04b1471d64cc33f6a3ddb6111a6387ef34d3820fa3cdc9f0ae91c593

SHA512
ee7ca935a4a9468ec64a2dace6b74533ab8264d93ff1478a8a891396f876da95cc5c141dec6de1a1e9ae9b7d031163092264c458d0decbca3b630908eb4542d1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads