4eb023aac4be3fcba31f29021ebe03751ee9ed9d11583bb27160cfa5862bf503

Analysis

max time kernel
2568912s
max time network
161s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 16:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4eb023aac4be3fcba31f29021ebe03751ee9ed9d11583bb27160cfa5862bf503.apk
Size

24.2MB
MD5

4c094c555f4605f69d4963da75609e54
SHA1

dcd0ce0dc6421ab9198de283f92fabc142ff906c
SHA256

4eb023aac4be3fcba31f29021ebe03751ee9ed9d11583bb27160cfa5862bf503
SHA512

1acfa9ba30c875efe4210e868d48194d3f3665ed8021871d8e6e87032edbf988f91cdbc1c51d4c20493adaaa992f2614fc9c2ea38a758e5d05c6c51978e4b910
SSDEEP

393216:Ru306n6HYfFq2k4DoJ3b/HEjhDiu6KY1EWubNFZZPSEy0a7T/O0ifyw9ecuQR55r:80mC4gba1iu6KVFzlq/ODywR35m7O

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.pplive.androidphone.sport

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.pplive.androidphone.sport
Framework API call	javax.crypto.Cipher.doFinal	com.pplive.androidphone.sport:pushservice

com.pplive.androidphone.sport
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4257
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4283

com.pplive.androidphone.sport:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4507

com.pplive.androidphone.sport:channel
1⤵
PID:4803

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.pplive.androidphone.sport/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.pplive.androidphone.sport/databases/MessageStore.db-journal

Filesize
512B

MD5
7320f7a36d0d5f29ae6534c96297d404

SHA1
06355fb75b7d51ba1d7ca201038ee09c16529ae5

SHA256
59027a0b38866a903aff8451252548227a419c2d345a66a18c139b7d46edacbd

SHA512
6a8fe118f56685da347cdff602782027122379c3352b00be7d7621617bcfc5c501679da77ce46561d118f2a49a0ad1bb49e02ecfee2645b2a4155f648ec01fc8

Download Submit
/data/data/com.pplive.androidphone.sport/databases/MessageStore.db-wal

Filesize
48KB

MD5
fce02fb9e163f79722a2a090d22bc8f2

SHA1
557bed9ed6e122342d1f040f5737a1367141ff85

SHA256
65845b7df95025c28a994bf8993b2d3487570fa2dc7ba9fb760b8f2814bfc14e

SHA512
381e1451f259d6418dd3a7bc66997ce607c18e737e1eb804a4c74d563521ea2de58f26f53825935f4c447e8323c9c8fc5f948600efe96cf14e14155c99dc2b92

Download Submit
/data/data/com.pplive.androidphone.sport/databases/MsgLogStore.db-journal

Filesize
512B

MD5
5aa327c36b0bf017914caeb0d5dd5c4f

SHA1
2f887981bf3c1f286c68ced2e1890033cb386866

SHA256
4c601673d87bb22383773cca38312d83e0c170d3396241be6d7b731c752c5490

SHA512
e488bc77a3272ecda26729f0dcdcf7ad377e28276f7fbafd8bfcd35564785859d74c2e8659f3155d1f731fe6bf216deaa7be21fd9c57d087e8f0fcbae3f15668

Download Submit
/data/data/com.pplive.androidphone.sport/databases/MsgLogStore.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.pplive.androidphone.sport/databases/MsgLogStore.db-wal

Filesize
68KB

MD5
441b2f326542059ca9f5d299bcf5acfb

SHA1
18512aa414e95623d37b27a5a0cd3ce3b39a4c69

SHA256
c9b5746aa4bfa59a50cd451710925f1fe250c91f5e515721dcddcced3c206980

SHA512
ad6dafbdaf73d27a46e05da57b003b3153c8c9107ec4aef4cd0917ab97f5fa8893ea7304d08772226bf6f87018ad1e77be1eb8524890f456383f306ea3aeb1cc

Download Submit
/data/data/com.pplive.androidphone.sport/databases/accs.db-journal

Filesize
512B

MD5
850c3afd967daf8216439d7b0d0400dc

SHA1
a788cc2360f5ca2306ac932907414384df2d7c30

SHA256
e4c6df185d062aed1584097c548e53580799f195124d84dea04fc84533946ceb

SHA512
503bb1593675039a8618142b9cde1e94fc8bb44120898988671bc632e8276649194a9109ea5a8a934b0769bbd64ead919d83d808442756cbd45a941d09cc521f

Download Submit
/data/data/com.pplive.androidphone.sport/databases/accs.db-wal

Filesize
32KB

MD5
6d9fade9c83a1b39341bc4515aa75fa5

SHA1
8893e25f3f49aa1737ab1965b1f728f76053de81

SHA256
093fb196167640ba8466104e07c30b54eb517fac86d22bb968526d7ddd838c1e

SHA512
892ade78a4f3aae39933834c91fb9e7fb9743bf210bfeec3747cbd819eff361e92fc7281c5a940ed703b53a5bf09164940ff8a0d50ad0576b58eb5169fc55871

Download Submit
/data/data/com.pplive.androidphone.sport/databases/message_accs_db-journal

Filesize
512B

MD5
5a2cbb8879968a975d7e17b13997e5f8

SHA1
ae5258a5fde2c735e5c4e12b68a4431582fce64c

SHA256
2eb995c519fa0a178dc40dc0d46343a5bf5ebcb0f7312bf319c832b553d1f4fd

SHA512
d2ac2f58e4af3d08bff83eea05fdbaf7addce2e66acf2b29cde28aaab92a7c039e1367b6aa960f62276ee8d7f0fde75656d67ea21169fba0c4e35e210f3bbdc8

Download Submit
/data/data/com.pplive.androidphone.sport/databases/message_accs_db-wal

Filesize
48KB

MD5
daf89a4a0815c22a3729fa0369820c07

SHA1
34632265e75e1cc37517668a0a7f2e0803643877

SHA256
12255d8766ab074db19e2ed84e7dcd66b517c95d4f2b45eacc3cff60027b0564

SHA512
2831a1bb7d8f06bf79b87a83d8ba0f3974a7dc8158547ea80edfa5c237833ab43447d4ca8bca457ba6e6a85f3eeaece499be95bc6bff6c19d49c34e0c7fbc902

Download Submit
/data/data/com.pplive.androidphone.sport/databases/pushsdk.db-journal

Filesize
48KB

MD5
0169d93414f8d1c037f22a25dea4ca1c

SHA1
fb0810b908f1a8cc95831a5bb51a54e0dddf9eb4

SHA256
ee6d40969e42a1ba76490f316401d280d7cff33f5c0c752999970e1e60cf2d56

SHA512
a394493b45bae429a6a9d4b8b469bacb75e65fc0a967e3a83254e1e98ac562480c9027030a38a553aa110c7c9babda200388baea7a1b7994f92a20fe7cd9ea9b

Download Submit
/data/data/com.pplive.androidphone.sport/databases/pushsdk.db-shm

Filesize
28KB

MD5
670d8bc46551c40a1fb9ff8ec4b72092

SHA1
82253b089122b4d8c7ae61dbbeabd9d037ddd49c

SHA256
ca2684e4da544d08c906c70f147d8dbc91da3a7972d255e6a00e1c99419f78e2

SHA512
4977d35230c533e26162cb0e4da38345a23a87ff41510685e755a52152fc78d0b027e8e8942fe10ae28fe332b16bb9a7ba0c0644ec0efd635d579515c3d5df67

Download Submit
/data/data/com.pplive.androidphone.sport/databases/pushsdk.db-wal

Filesize
76KB

MD5
aa54e9fec2f101e5d86127c9820ecfd4

SHA1
718725c7c38f184d731efe607394d20b9feb5fdf

SHA256
a0ed353ff91692ea0a932548c1c4064365207f50ae6f97b542430708c01a8f00

SHA512
4b86aeaf77d127a6a30e7374ac74b125176a2b351909be50f62abc4a77a7049b6e37ec244d23f04a1f49ab9d4a7562bf8e243c40bce40dc58957af4ac11ac9e4

Download Submit
/data/data/com.pplive.androidphone.sport/databases/statistic_cloudytrace.db-journal

Filesize
512B

MD5
4a4471d35f9bb0cc668c7d2b2b1cda09

SHA1
cbe68d9faa278571d6954b19e1afb40e845bd32a

SHA256
d011784b48b669120ed33b515afe863c5cf9c0fb0bd50ae047eca7e3aa125b91

SHA512
dfb483f74c60d26fdb827e7fddbf7a5aeac86d8b125b7b3725d166044193ca9e2e5a93b8312247b8420b054c6ead677dd58a92e07ba9a36751991b350fb58412

Download Submit
/data/data/com.pplive.androidphone.sport/databases/statistic_cloudytrace.db-wal

Filesize
108KB

MD5
43d0a292d6590a1ac07097ee5194173c

SHA1
9fae738d50eb6406df4ca4c0737cb76131e53b14

SHA256
69a5cbda27790ea84bcef418534903026964cbed529d3b120e43ee62c14aef4e

SHA512
1cd40d56f6e07429086735fe692a79ff13b7f438e0b6e66575816fc14b1b8a842bb0550c023339867c63288e88316596cd2b16faa490bedeeca1f2900c336964

Download Submit
/data/data/com.pplive.androidphone.sport/files/agoo.pid

Filesize
4KB

MD5
c17f2ccbf68700bd1b0047bd571a1ff3

SHA1
1b0c4cb4db0cf229718fad805dac95c73b8a1b3b

SHA256
96d55461642e83b65fc72c129f8f39170729ddcc63d863fe6f2c4acd47964f4b

SHA512
838405d92574f1c0d5cac85215d29245369c6b856559366f45ca55153558b8274467389a5088e4ce81bd3dd540222c580e041793b75109d91531bb4deb8a866a

Download Submit
/data/data/com.pplive.androidphone.sport/files/init_c1.pid

Filesize
4KB

MD5
8d3cd8c2c240d222c7f72c85b593722c

SHA1
b66ec945a837fa31bcc3e4db61f3a460a98930d8

SHA256
643c582dda6bcbccca4cd3b2ab1682f3671bd3c9c06e241c0c4d0edb5a5832c2

SHA512
10c26788c554b9b7edf64a0f9f60e4ed56bfa8ea5d2fcda90ab87d85041c7dce502fdaf12a3ae224cfec6ee995c689ecbfde92e386c11667ec97279629c3f96d

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
32KB

MD5
40688089efb848ac26ef85bca3e4def8

SHA1
9fc8b92c66d81b32cfac2e33d6b364ba91f4cf1c

SHA256
954857af738edf55779dd3211e03f431f956de61e583a0b855a9a4ec2e009fe7

SHA512
788d1368769f2ec59e6d55cb1e737ce7a9ee092a2b217fc6c93ac51938a9bf0f191d39679e5387cabcd8d994a896b8db144e5894719ab8ab32b5f4bedf9e2e4b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
68KB

MD5
2f344c96872d7654b28c0889513d3817

SHA1
5d16c95e569eb3c712b6a53d721ecbb9c5c6cde0

SHA256
31b18d53fa81acb686c0f071f03e12ddfc052430ea600586afdb569d72d8842d

SHA512
64a7a313392bec9d69fdfe414587b69847e50fba3d00e10495400eba3e7af756decc42635bd9cb237e98ce642cd410b20ea20fc4778e5c4e359bdd4ae55cabe4

Download Submit
/storage/emulated/0/Android/data/com.pplive.androidphone.sport/cache/ppbox.log

Filesize
1KB

MD5
cf0ea65c56d919098180da8a64d17a6f

SHA1
b7cac36b0b3cd1f1743a7e262d293e1e837709df

SHA256
c6d1c95c3a34b33a6a2ef4e8251eff5c56f29c1da6881b90bcd617bfef933777

SHA512
e40c1522b3729aaf73ecd1f5392e68d20be06dc8e699e1d1f0859784027f666ba8465411c078260e29aafec01819a8ecaa40f140366f99806fe628a54425e9eb

Download Submit
/storage/emulated/0/Android/data/com.pplive.androidphone.sport/cache/response/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/storage/emulated/0/Android/data/com.pplive.androidphone.sport/cache/streamingsdk.log

Filesize
668B

MD5
fa079ab27a879cd994b47b0db0c08664

SHA1
5386e44900d48bd7f44b9acc8e10448a34969d8f

SHA256
db1673794c39c3c86f1710d87562c124a5389ff8b166315afe7e200eb30615b5

SHA512
e42580bbb253d8dddc373f01fc5220012e662b3ea8e3dac92f01e085c813a71c6282b8e70c203ec6c064b44c970b8ff6e453c006562d2ac05610439c63113446

Download Submit
/storage/emulated/0/Android/data/com.pplive.androidphone.sport/cache/streamingsdk_jni.log

Filesize
328B

MD5
86256bbaf351fabe7c0082862cc0d242

SHA1
0689eef97022eceb095c2a45fa9b9118c1b184b7

SHA256
ff199bc74b6256689a39a66c516864d12b96225933073c8855fdf7e02cdf66a9

SHA512
b6f3d34a195b038e84f799ed267204dcb4d898c74f0178f831e3332863375cd4f727cdf59f0d2d796242ea3589cbe51ffedc6c7b7149d3b4014bb131e469c160

Download Submit
/storage/emulated/0/Android/data/com.pplive.androidphone.sport/files/tnetlogs/service_20231223.log

Filesize
543B

MD5
fddcaae9f804dd84e482dc99ec2fba65

SHA1
5b86c1fe7de5dcc15b91ef2d977b43d3c21d91fd

SHA256
64122f62d2c128d6a5d5129cb0aeb53b14daf55e0e6d6b636d4773f70e52101f

SHA512
c0783a6726e96d4b2e1a5b6d874b31531175c3b367293d2bfaf4ce44ca5b7ec1fd33932ab54af9c2454fd765a2a5058d3b8cc8c1ecd7685a72003ca02076f342

Download Submit
/storage/emulated/0/libs/com.pplive.androidphone.sport.bin

Filesize
80B

MD5
8a140afd12afefbce9b2989360b26e43

SHA1
fc1b560c7b320f56b3ff64d7bfade98ee130978f

SHA256
dac334a55215881f1892b00ae9961b7801af7fa80c90b013af8edabf321721d9

SHA512
47cc487cfa6b20580a26f7c6bc574318e5ca056ea500cae3364babba438bce667fa48e5c602b7e9e3d19c2b7c5a4a359304ec3e176e3fcc0d3e623905bcc2343

Download Submit