Overview

overview

8

Static

static

6

462604d1a1...9e.apk

android-9-x86

7

462604d1a1...9e.apk

android-10-x64

8

Analysis

  • max time kernel
    2718656s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 16:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    462604d1a1758a31fca11665d4e5570305400bef432e01516c47ced8753c8c9e.apk

  • Size

    28.3MB

  • MD5

    2baae2962e8283316df6c96099bb2595

  • SHA1

    527273e8a9ec58ed4f16e86a0af6ae7c08e3a190

  • SHA256

    462604d1a1758a31fca11665d4e5570305400bef432e01516c47ced8753c8c9e

  • SHA512

    6dc35793ff29e6dda27424966292f01a1aed845de3132d20362a4b15085c795d041a05961b8fa9a5d94aa4cbce3e050efe86cb9cdd42ae3ec2a9066978697752

  • SSDEEP

    786432:+8i3tXCM4BwIzD4usIBDl+PTTUcfIp5TPRSWAwp35Gr:ri3tXCMMw44u9BD0TdfaRRgwp54

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 7 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.example.cifnews
    1⤵
    • Loads dropped Dex/Jar
    PID:4258
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.example.cifnews/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.example.cifnews/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.example.cifnews/.jiagu/classes.dex
    Filesize

    6.0MB

    MD5

    b53495dbc3cde4d092774acaf5864efa

    SHA1

    f22bd8fa0a5b7f07f683d69e66d2c08bacdba33f

    SHA256

    149313e1fdb0022a0946d3e3d1d67a8574ef27c37bc22f724775c06d66e50466

    SHA512

    75d8025dfce9cb70feb9df5d54b7116794461ecde230da3bad501cc8356b5a0ed7c6eab6e31b689d1f48201b1416a01bebd8880ac73afe144740fecc86d48395

    Download Submit

  • /data/data/com.example.cifnews/.jiagu/classes.dex!classes2.dex
    Filesize

    3.2MB

    MD5

    6c40a5f27f246a3aba2d1f3b9a92cce3

    SHA1

    e5563c09405ca9f20b0f639f1de8da6c49a0e3ea

    SHA256

    64b023d0dabb7cfe85d62e9b324fb86ebe9a96854558c06e3bbd7567d5ff1648

    SHA512

    d0290d0d9656831679a28aacd3659c1a94d259c7a1c33f81a105b5ddfd8d16e6af8ce763318394a4309882e14fbec7d89222370ee31ce8f35f3d769780a57d89

    Download Submit

  • /data/data/com.example.cifnews/.jiagu/classes.dex!classes3.dex
    Filesize

    6.4MB

    MD5

    999fedd3f38b4d0a11b38784e0754375

    SHA1

    599dc7500b9b041021eb8b6c85efda7efdf9b303

    SHA256

    3ad425e4632c4776e32d0b9f25f14f8b3f2947c62e071f8ceab7fdecd08a79d9

    SHA512

    c73b4bc56b27cf414bd197404c0d6e3fb6600cd63463c4f1da6aaa4b44b8ea0abf901a0fdd6f280a0f9f5a37b5d578c27622c61727265ff0f2c9ea804de59f0f

    Download Submit

  • /data/data/com.example.cifnews/.jiagu/classes.dex!classes4.dex
    Filesize

    3.4MB

    MD5

    1b50fb48fadaced2b17d9d16f068c827

    SHA1

    e469d5dff751986a2207a9af0bc154b7c1ab67a9

    SHA256

    73dd746fb78b169e2b40327719bb63bb58778893bd20108a977933c111fb42aa

    SHA512

    f19cc3e4dfa6340c0a9238c1f60e935dc93d5e1d7de7592ac09cb9f6d3e1beef71d80d8df84fceacf02f072e37d8560576437ec5f90cd7aa2503aac447f35b48

    Download Submit

  • /data/data/com.example.cifnews/.jiagu/libjiagu.so
    Filesize

    491KB

    MD5

    940317093cc329d45cf45ea8713b1c1f

    SHA1

    3f9ff8cef8e41d03ea714b8d5f030ad1fcaec0be

    SHA256

    57f0ffa7062aaa03074648a0c9df78ed9d3f78c2f07fb846b11bb1b667e246bc

    SHA512

    3f40076d241bc3a2b83e56d01e826b8cb7d310a67128ac8b1165bdb93dd917c6a7219c1e65dbd8a40432fb38331828c7171e266e8474dfc69db2675e29e2723f

    Download Submit

  • /data/data/com.example.cifnews/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /storage/emulated/0/Android/data/com.example.cifnews/files/tbslog/tbslog.txt
    Filesize

    3KB

    MD5

    4125b907d2eb77e27142431fb6f9824c

    SHA1

    464bfc090bb091e8ddc31d1c4cd1a8eea53162e8

    SHA256

    8357c9fdfa8cc0240c728ffc9f6de92ac6132dfc4de83a7d181e725b1171aef9

    SHA512

    d9cd305d0e3b816e712519a07762f3c82fef7e79f990820e16c8d6aa03eec30d37205e32c3bc066936830519bf1954ea7f6338a5f733a65bd260a9b165682bba

    Download Submit