Overview

overview

8

Static

static

6

4b456d8836...7b.apk

android-9-x86

8

alipay_plu...sp.apk

android-9-x86

8

Analysis

  • max time kernel
    2556701s
  • max time network
    155s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4b456d883683838ebdd1725bff624d39e36f714bcf287ab2474e5cfb9019d57b.apk

  • Size

    22.8MB

  • MD5

    fbd24c29eca16e047c2ea4ec5e6c18b3

  • SHA1

    8c013c8ef64f3506e2e8df77f9f3cacc9de8fed9

  • SHA256

    4b456d883683838ebdd1725bff624d39e36f714bcf287ab2474e5cfb9019d57b

  • SHA512

    f2b5f4ca4af60ecb5a6871e8bfb9e15fd41e7d06dd4de2baf1efb3c749cde62f8b36c2b0671aae65873a7320a0b40c9d9b3e0d737817ccd9774d0d28408362da

  • SSDEEP

    393216:Or/wZdrBFK53VkppXds3p+bP0NJReBnZELCcfKHNlYFpKsmuqXrhweAOrIyzNJjD:OrIHry53VkppN6p+T0/aZERfKHLPsU7r

Score
8/10
banker

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs
    banker
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • cn.nimostudio.chengyu.two.android
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    PID:4252
  • cn.nimostudio.chengyu.two.android.pushservice
    1⤵
    • Acquires the wake lock
    PID:4306

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db
    Filesize

    24KB

    MD5

    5ce1a592fa6231f3945fa73e9216af25

    SHA1

    aef89c5e991c9f324cf66b2398a0ea08479bd5c8

    SHA256

    7ef0e7fbb9f889f37620cdf589204ba63cc91548907a90e926028807ed9f9e16

    SHA512

    d1c0e24afb7287dc19c8518432ab9365c761c41b4ddc1036709c8ea8019ca06e7b0f91060f7e76bbf1c6f4374d86ef7ebe2526f61afeef1f2609b69afcf60120

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db
    Filesize

    28KB

    MD5

    0e33912e71804cd448e70be8e84f1053

    SHA1

    51469f00ae9d51f9f788ace9f4313b4e78432eff

    SHA256

    0e4e7a6a5159a7357f4d8c9f3b9ae6c049b1e0fa1ed809fda1700ac4dab7a359

    SHA512

    e0734403ae9391491cb656caf098a9f26fd310624057d157776bf3859ddbab305b1ff35d479efb6e7debc0ecbec3242159568ba36b38acf6e88e14eb93fe13d0

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db
    Filesize

    20KB

    MD5

    0938f0ec30dfa336b6efdf98331915c4

    SHA1

    d263870f01458c6f6b7186e35b4f6025412dfa55

    SHA256

    cb66534e3826e0a8ce43d6fa634c37c70a94ba6d6ca1d074f8bc9a118f4ad5d1

    SHA512

    acacaf5b12d007ce72aabff93d95001f151a14dd0eb10057ae0a8e5241e704ddf478879c4d601f17959a3cd9ff83cab5d6463b6234ede5198ed5ba0495a9d141

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db-journal
    Filesize

    512B

    MD5

    9ca40e6b771c9970a554c7a4495e0848

    SHA1

    25fc398922bb78766e1a1fb162269267e05aa20b

    SHA256

    1d0c605a613cf7eed44406f2c96e5d9ae9cba7d54a408b6f0757bcc92f219cfa

    SHA512

    db620d4024efe00f664cd0fa4253647172d311dff11a774b174b573d5212ed59dff10cd0f4143c0374302aed6b62cb398332a2fcfc4f81bb225145fa29dfe393

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db-wal
    Filesize

    44KB

    MD5

    24290ac786b1a67e61c1efd6788136ca

    SHA1

    bbf3cd71404c615bf6e02034d39f4e3693a06dbd

    SHA256

    64bf6a422735ee053c575e30b92bd2a03149cf258810c2856b166e0607cbf35a

    SHA512

    a76fc91d2dea2fc71d2fa76efc572976d4b5b934d0a5f35c810a4401b0bac78e84d0edf6552c5166c852ba591615caa074729cbdde04dc4ca83b4553a18a03af

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db-wal
    Filesize

    20KB

    MD5

    c9beac5c819daf57fe0c41e3a9a15e26

    SHA1

    9a8b3fe66fb9ad185c073ad5b7fd93fea415ec38

    SHA256

    175192e48c477b8bdf6510ad718c6948c495e88c6c1032bacd4f92fd29b230e0

    SHA512

    86744e9646c917f6f2d86801d081669037be5de9da9c3c50d57f610aeb37fcf1becb1ca145b7d821661cb4e5ea8c450d80d4a510338ce54d729a2dc26fce3471

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/TDGAtcagentgame.db-wal
    Filesize

    8KB

    MD5

    02f9f96a9dba1bb49f9189712ea30369

    SHA1

    defac11d1bfa2ceb34e1347078ae34849e0be8f8

    SHA256

    a1477925df3bb2183162232641d48da03ef95c68b7c584db32fd629bde9095a1

    SHA512

    1aef3c1de6d6c1e961680eb5ae647e219c79a82daf48f6caa6aa97dad6ba6b175a649a884bc0063005e15f69bd4576bccf1c2f675c91c5c5a0674548eb008705

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/download.db
    Filesize

    336KB

    MD5

    3f05f8bf793bf12b1e3ca59f9cbfb714

    SHA1

    c95d264d75c8c776d9fb96b648a3a218c8380c4a

    SHA256

    d35c739d00afb043fe41fabc589a9aeb79c93a4772b0665e4cc016ea8e1c59e2

    SHA512

    5835e53dfec9695847d04825baf4579df5ad9e65bf9d334cfa1b70089e3e2535cb9116d6ef58456452c25fd414d938de11ad25f72c7668fb23ad0290bc6a5599

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/download.db-journal
    Filesize

    336KB

    MD5

    040cfffd3b4d226edc06be7caa7f85fe

    SHA1

    037ca33dfcfeb8f15c01adafe1bce7c683c7f9be

    SHA256

    41920eea97f4549565adc793a79338bda13805116566270131cfb24c62782a33

    SHA512

    5e72cdd02038fcee48ab05cbf2f933c57873d6b624323a5679391ee9c49b538a103f3a265dfe5bf416e8997e80b6fbe5060f3471b770f5a0f2ffefa747e93885

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/download.db-shm
    Filesize

    28KB

    MD5

    3334d4aaba5c6570065a4d5ecac6873e

    SHA1

    3ca2943fa9d0906f5205a1382f04adff1560e290

    SHA256

    590d1b03fe9d995b6556ac4dd6f2ac5329649e26fe1dc24f835349553e334022

    SHA512

    379cde566743ae80ef4fca0299285246e64db0bc1942ea26274d262d12aeff98f0755e41d5e0a52f0c2206cb5a793cb3a4a564104405b2f27cefcf07c1fd25e6

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/download.db-wal
    Filesize

    32KB

    MD5

    9037c620bbbf411aa25e7a8f87cc0f68

    SHA1

    428d6a56199dbdb033398a81041f058ac9148f05

    SHA256

    c10b6e1af7e824a135e14edc760f633800e45ad1a546e49a32e50b39575ea6d7

    SHA512

    a8d64cfa4605856d72807489a28f283af6d3f4c2ec0777b2a53a0ade54e531b03d3bed4ea075de2b5a962b78e5a07a79dd90acfe29bbe7586e5eaded191b707b

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxdbapp.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxdbapp.db-journal
    Filesize

    28KB

    MD5

    95a2b283997bab47208c470bf5301847

    SHA1

    daaa18c043d85857241955dc067521e6f055d2f4

    SHA256

    76d29289b4ab6b458dc9a239bc7b8b9e2e5bce4fc34e1436b5ebe071afb9f7d4

    SHA512

    183ef2bf68c4b25e7dbee24f940f6ad0ca11ec92da6372d1afd8079b971cbfa40603778c1c1650369d30dba2fd5d9bc6510b467b77af9c7011529ded3188f6cb

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxdbapp.db-shm
    Filesize

    28KB

    MD5

    cbd6b262b2583711196e115b30b8c799

    SHA1

    40b6dd4303aa1d99bdd1a5b3238b421a7d5bdfd4

    SHA256

    4627ec03dd48f6a671cc6a42601b55360594ebe8790fe2ccb3d9cffbd2444138

    SHA512

    420dae82021feeea511822bc682bfb7a216a834e61d69eef79786dd0c94d9c4223bc45c8b5a5f7004df450b5b10cf1f73987f307384953a2ef5a31e17ea353d9

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxdbapp.db-wal
    Filesize

    28KB

    MD5

    e0ad035717a6eb6401707352c7d33fac

    SHA1

    f935a13ac15818240bc36b2ab1ad0e1638dcdd8d

    SHA256

    843b2042b6f0b6530c64c6f8798387c05bb9c94db8019caa6d60d5dd0b5065c6

    SHA512

    33aa0a33ff6a7a4b8ab2b67a0f9dd635bf55374f6d2528e94e9f6abf2b85f4113538edddc51ef7053ecf695fc2aaf225dd65cce99148a419d0a1eb8363a2dc5a

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxsdkdb.db
    Filesize

    24KB

    MD5

    9d2843a82fa9f3f0298b7906bd299934

    SHA1

    a7ea72b1eef3049fdcf98ef7c1e41ddb13fba948

    SHA256

    40f7e6ea802b0b8146b84d206ea278271388f093f28b2644fbe155504d85d93f

    SHA512

    5f3e4476f7febb77401ad4fa5369a8dbbc3c3e6c51a2e7966a20149463d8b59775fde18e2cbcbe66004d6feb6788373f830b93542be7036c2969a713fcf1d55d

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxsdkdb.db-journal
    Filesize

    44KB

    MD5

    4eefb58da06621c40310f3ad2855b6e6

    SHA1

    f0f41c96d44656417a305af0aa80e66d8ac92f0c

    SHA256

    f700070250253b265f7cd84931ef659da9d449c7701ee6c01d5db74460f9482f

    SHA512

    8b0d5c178f5ecf51e80094d922cc67ef9f91ce442494e9064cdb37a4a220966c0037c493d388601441ab3244511248b03061ce511cd3c3738fe5843750400809

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/databases/gxsdkdb.db-wal
    Filesize

    28KB

    MD5

    0b158a9a192d7db20fbfe8bf1d972c92

    SHA1

    fe109c1070a33f6fb610a9732de53cf35a0ac1d4

    SHA256

    6b2184ab0a2941b209670108d674d17ed3372861e77cfb28e3208d8fb3008aa2

    SHA512

    d85e6b2102c7ae66be91df54ce6c5d61cd0b84c55de6c844d8dc043f50e3eeac374af2094cd72a0f1e300c5224c7d4d953f5f00e0d93a2b3fd05d86cdf40b5d2

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    285B

    MD5

    aca7c25efcef8347725192b9d53b3387

    SHA1

    66c6a4f71f51cc8aa69eab3cbdbbadc7359f97ff

    SHA256

    fe4893fe6122cd09a48e13d4a4a517efb12874302114a0568f52f27e066fb41e

    SHA512

    684b513bf7a9c96f15996608ff8cfe4e356d7b8e8a0ac0c7e303ef654e9d247e9d88b1faa8efcef4e8459ab277858a317586089233a2a25a8da47f2d711f187d

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    794B

    MD5

    168abfa8c3e7d3ed6acb7a97259e79f8

    SHA1

    c65045ebdbc391b75af74e4bcf00e3c0e25ba3d8

    SHA256

    a37276d13724bcc82b712a76c7bf6447a4353050257c1c021f06d7272161d220

    SHA512

    e121d0bee4f6acc9307b43451cf04a9fd24411b405e83ac65476a9b8ab31078e51e990dfdbde22f578ddbcb8562754049468b3af5ef9188cabcbdf4936cb864f

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    1KB

    MD5

    0b4c739863270fa9e0f9cb032fba1cef

    SHA1

    f972aacb4d63c24ddf01b3bc5e31ced0a2d8fac4

    SHA256

    34d8b02fe0129529abebc9f937a144222fb0d2b8214eddb70cfbe0873fd05173

    SHA512

    a29c5b39d2899abaf920c70c6cc62e03cb73a67f1bdfe7e854de48efffb127f102c3afa64cface6176d657804f795263df7d51f3d3c6ebd999f24efe7dbe1150

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    2KB

    MD5

    99cfd07dbd0b38b4da16c2eb2dd5b92b

    SHA1

    127d1f1d8df5490bd62be77fe2a06c1188bd9cc0

    SHA256

    33bbc86993bd5b6eed4717c2e2eafc3e9428222941ba44ea554b3be4bffb94f2

    SHA512

    82b72ed662e4055dade92a41d26bdb62d8e1332e1bac28cbed3215730b006ddee85c52997c8730a1d0c733662d447fcd383f06397d35abbcaede01fcfddc57da

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    3KB

    MD5

    c5fcf5ed29d5c280dca1351212dd1f42

    SHA1

    4d81e82d24fd7a0e2172d050d94d7fc1e3b4ee44

    SHA256

    6e4c6c85bb637bc9506272effa81c53b22b0336d1423b03fed46b3f7ab706bb2

    SHA512

    c3d82d5c205a6107cc8e1470c92f9709da76e2634975ddb491e0b4c4417cf4e89850c1a3b552f3a32c4247f365cf728f7a238543a716e882f246aeba0245191f

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/bigstage
    Filesize

    6KB

    MD5

    76f748bf90ca658c943946ae7fbf8da0

    SHA1

    047bc419129343585448b4c87ccc8eba4b675938

    SHA256

    84919e3e5d9e79a7cf75c9bdd3bfd982d98ddb52debc9b4b229f894adfc60e9f

    SHA512

    85b737c294ee9c9c3cc3b462a442dd3bef0274b7173e934305a8d6220dbbae083a278ce74647388fbe447eb7072d349c069f76daaa3e46719f855ed89e3086d8

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/chengyu_1.05_cn.pdata
    Filesize

    63KB

    MD5

    3edaf94e5c5f2f7437dbbc8c383dc58d

    SHA1

    c7ff984d5a6cec207e69b1994db4fb0423f29901

    SHA256

    8c4d6cde0855a6ea805c07a8a5ebb2b2be1391cb6aace08187342d207bc5d007

    SHA512

    cd301e29318b4e9fea5543021b4b2d669a2c02296af2b1b39a03ad0c153edbfe60633aef46d78629bed9aa97877d54964ef75d0010df9c546d482666566404e5

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/chengyu_1.05_tw.pdata
    Filesize

    63KB

    MD5

    d2f85030a9f20de51ebc26d4c1417154

    SHA1

    0224dea7d5bf605e13fd4fb93cd4710d71ad3104

    SHA256

    2e0af1cb98e9561da492d577bc35297ff1a0e25a10aab96a97d1f09a8736f63f

    SHA512

    6080d145501323a0be26b925a7892bbadc9ce04d0c935f52f73c8ed7982ba1d05235f3121caefe94ee57e1579a844b61245401f561c1824ebff10ca497a3a92e

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/explain_1.05_cn.mp3
    Filesize

    336KB

    MD5

    7081bd3230a64a03cafb0571ed34fdad

    SHA1

    0fcbc6550d7beb96d80a2240f8d8b7ef78509218

    SHA256

    9d10801477417f51c20d7ef9215b25096b0328d5532f0cfc88f53d1db7f0cc33

    SHA512

    0bf10069b2ee391ea3022b202436e3491f0d8b8ef273a4a860829ab5aef961065e241368bf6673e6df9448f858e4f6edc65cbec1d19ed7b0898d717546075f9f

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/explain_1.05_tw.mp3
    Filesize

    336KB

    MD5

    e09a3ee35f4b14fda79758804b3d8a79

    SHA1

    f470f988229a4f18010088236a85d8fe386e8c49

    SHA256

    d17d90174058b651e6eceaff0b5614616d3fdb07139135f728853d7e163faa17

    SHA512

    e638414fb4c762d1e9e5655b030f1cd870d074fec1bf79ab391ae34b4ecc9b9c87e0ccb45037af45821bb35e6df8706a8d8b47ee1a4d31176d892ff365210af2

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/name.mp3
    Filesize

    32KB

    MD5

    00b62d56df77025ade2dda138071620d

    SHA1

    41f30eeb32941ab3f93bb29dbc84f17261c7d7b3

    SHA256

    46b537240e05cd871aef2988da87366f088a6258b6399006eb770ab82f030c9c

    SHA512

    3365a0c08bfb5986d2a9cd019c200c38320f2b0cc70f205620efec815a29fd89466a144942b6c5eaab2ac3ad86090218db2552794d6ab16a2a4b81fb47fda78c

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/orgin_1.05_cn.mp3
    Filesize

    3KB

    MD5

    d520b2df60ea0d01ab02076a4b3f2c31

    SHA1

    7e966aa08986ee461e622f03c1414f3ef3bc9575

    SHA256

    281fd4e1803f8f064431f5493aaf48df5f997e6462c3e033e5c1215ce2f5531f

    SHA512

    f806c915ea86372b18e612c4b36442838cc054b8626e8b281965b12436c848e96686717e6f6dad8d5e23542c3b58215adef297b51b56c1c92778d8eba1c3d709

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/orgin_1.05_cn.mp3-journal
    Filesize

    512B

    MD5

    a6a421acb80b0324fa2e7b70ce6f1686

    SHA1

    7d0e2bfcc99db17bdebadf39bf29be14ee22dcec

    SHA256

    1cccb919055854a062b3f0de9fffdd93196c6152be107605dcc72f43ed7e0fa8

    SHA512

    7c988c88f5a2183251e2de1a4c6b376034039ae42c2c1636a62d3f04f7f2b591674f71cd45baab8922f75a6991321f3584fda8133d5ba5456e102a2df0263811

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/stage.mp3
    Filesize

    3KB

    MD5

    5fb0b869b23bfcc7bf551d7b33306c6a

    SHA1

    77d68d9985b25ce4c03b48e603b06430fa3dd509

    SHA256

    b55fdbebaa43e246c529e30a56f76c103ade9bc786fceed62bdcdb1dabb4aac7

    SHA512

    def6d3ea8b1dd04cedfb4b1fbe721c8974ffbe797c92f3f2e5ed2881faaa52a7a82fd7767aa29d57eedde1e86eaf69a9094e93aeb704c7d206eff7fd1d33f8e4

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/stage.mp3-journal
    Filesize

    512B

    MD5

    b8cece9302e314bc54435570dadb558f

    SHA1

    8b00758ace4b3eff1138e8ef3da296a5096557f1

    SHA256

    40b55d978bf6f398671952e742678553ef48508018f0a0f97183d3dd71d78fe9

    SHA512

    c324e897510456adf164cbf79cd863991b4ba6e185e4dec3821c455171aa49d7272a870a69afca2bf405bf28cc67eccfb4c6479285b9f481cb3785aebe28fe9d

    Download Submit

  • /data/data/cn.nimostudio.chengyu.two.android/files/uconfig
    Filesize

    1KB

    MD5

    ebd7e5282222d489413e2c0e7a402608

    SHA1

    6af74924c0d91ce1bd54c24318462f0026b616cc

    SHA256

    43768bd9f1c6f5fef51b8072457081ebfc77a8fdae1e34e527187eb239ee65f4

    SHA512

    7fc359d84245e695380c5d6ee0f030f09922bd8eb3b60e0684285df4bb48c76806d61de6845023022fa9fde1d3ac3eaaedf71de1d3b78598f7d42f1251be242c

    Download Submit