Overview

overview

6

Static

static

6

46355ba59f...56.apk

android-9-x86

5

Analysis

  • max time kernel
    2719163s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 16:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    46355ba59fe10513f7b9f39473582e95cfcce374a11fb96b5cf298e18e07e956.apk

  • Size

    27.8MB

  • MD5

    8249a8385ebcd1cb3ce0ff6f518269e1

  • SHA1

    08d01296d889d7e2f15af643ff73462133e1898e

  • SHA256

    46355ba59fe10513f7b9f39473582e95cfcce374a11fb96b5cf298e18e07e956

  • SHA512

    757ff93af706edb147ba8820723016c628a0609dfc232b67b2d8f2cdee9740e76d1e66ce8f47ca809ac7527957b2ffa03fa53e0497062e6233779a5dc315c177

  • SSDEEP

    786432:GiK6lRhIwdg/yLM+UEmcEgMGgMqbeSx+ACre9tIyIYzpdeyKQWdyv:PRyh/CD5Lg9buAtIyIYew

Score
5/10
evasion

Malware Config

Signatures

  • Checks the presence of a debugger
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.zhihu.android
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4267
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4491

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.zhihu.android/cache/journal.tmp
      Filesize

      36B

      MD5

      37e8e716e0e2f4a0b05cd9571d95b84d

      SHA1

      f8d068f6931707bddb8cd69f706f2224ad1fea3c

      SHA256

      7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

      SHA512

      e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

      Download Submit

    • /data/data/com.zhihu.android/databases/instabugdb
      Filesize

      20KB

      MD5

      1cb112157132a01e205dfed415fcbe9b

      SHA1

      18828b27ebda3a193bf375f7987a92ac9345df94

      SHA256

      986c046a243476a3a69fe880f704813df359e88cc9e434bc72a82c2bf1211052

      SHA512

      b2d79e250d5ed01a454343b49ee0241b0eb9065306cae152765733c40d56b4c30e4efa9582ccea6ca0143efcd142218e0a2e9524b8eafe96af120c6a865e5518

      Download Submit

    • /data/data/com.zhihu.android/databases/instabugdb-journal
      Filesize

      512B

      MD5

      a1384dacda7ae9af758a7699fdcb5b3f

      SHA1

      797ad76cfdeeae441bb4107fc52c4c78a2a7281c

      SHA256

      2e8d762f4cb5497bf4d25225e02ec436c26e41521ae11ffd04eab434888d1204

      SHA512

      67918b7ffee7ea78b2e2fdffda28a03eb56789ba1ad312eec35f3288c2b783e2edb33a5d857b5e26b225714cf480fbca65420757c675a7528200a10c1c889e3c

      Download Submit

    • /data/data/com.zhihu.android/databases/instabugdb-shm
      Filesize

      28KB

      MD5

      cf845a781c107ec1346e849c9dd1b7e8

      SHA1

      b44ccc7f7d519352422e59ee8b0bdbac881768a7

      SHA256

      18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

      SHA512

      4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

      Download Submit

    • /data/data/com.zhihu.android/databases/instabugdb-wal
      Filesize

      32KB

      MD5

      0600f83c38373cd5119308ff2eb5c35d

      SHA1

      d4f7f6382ac2f574a17c2fcfb99da4227f6849be

      SHA256

      9672210a1b939ae4618460146519c0a14d2f2d3f9c644b2e822f238fd4bfa595

      SHA512

      71f41aae859d8403a5caad13db41890324aa15be8f8f27237d8eeaa6549110a970d098113ad742d2bd4719970cdf44d35a684e13f68701daff3772d29da268fd

      Download Submit

    • /data/data/com.zhihu.android/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-6589BF180304-0001-10AB-8FEE0347776E.temp
      Filesize

      121B

      MD5

      d8b6ba169b29177f586ccbb0e39a0ae6

      SHA1

      59e571d11f0ee24c235b95c914bed0676318d84a

      SHA256

      b34387e5e3529251d66c2a8ffad5aa8399643c272b52559ba98b306c450ec6a9

      SHA512

      060611c8f00845125d2423f11e30e97d19a144b9bcf707f6701a4cc7abd864d7af9d6bb928f94d08f1b52b3f4537572a2ab1934bffc9a2f22b3de874e39405c2

      Download Submit

    • /data/data/com.zhihu.android/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-6589BF180304-0001-10AB-8FEE0347776E.temp.tmp
      Filesize

      16B

      MD5

      c33583fae4e0b61cde1c5b9227963237

      SHA1

      fe2ebe4d27469af1460f7e852031a04208ef629b

      SHA256

      35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

      SHA512

      fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

      Download Submit

    • /data/data/com.zhihu.android/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
      Filesize

      977B

      MD5

      6a31b7826314a67ee86ea8ef0753d8c7

      SHA1

      9f1bbe28a30d241560e80f9b614bb6f9967b5bc8

      SHA256

      4e435bfaf27e08fdcdd66fe05a40288e6e9acde476bd6271831da02348644575

      SHA512

      04f926e37e6fb915f3716e1e318869653c83ec32c1f8fbcb7b397acbaca43cc5e2f614a2ede810176faf0a9fdbe356ca7efd5ca60b59b16e9e263dcff3a4ac06

      Download Submit

    • /data/data/com.zhihu.android/files/installation
      Filesize

      446B

      MD5

      65dbda9c2f4e44b492230ac83629cf90

      SHA1

      3a1234029f9debf314afcd2a2e4f2cfc0c17becb

      SHA256

      9fe500642ef0d8be9ee29428a609effc31c83cca63d4a397f6625a9dca2bd818

      SHA512

      cee93dd6f8acdb0e70e728f354d4c666334ac3dc33d6013812bdbafc5f68c8eb0a5fa7ddecf116a90462f826f9d2c42d99c49e8fd89dc5d723e95edaa9eec820

      Download Submit

    • /data/data/com.zhihu.android/files/zhihu_analytics_realm_instance.realm
      Filesize

      24B

      MD5

      a6574431b943e0bf47642c666f3fbbe7

      SHA1

      79191cabd86accd903f27c523c95ef19933c64d1

      SHA256

      60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

      SHA512

      c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

      Download Submit

    • /data/data/com.zhihu.android/files/zhihu_analytics_realm_instance.realm.lock
      Filesize

      1KB

      MD5

      f7fd7c1f0c1cf29df107db9dc3550cdc

      SHA1

      ac6d5888ebfb704153b7a34078034d388dd547e5

      SHA256

      3c08f775d6acde08989dab48899955fd8699683e439a56e795e98772b1eeae47

      SHA512

      964906ba3e3e3089263faa31ef364a00f481208bea1c7243009f72c05df177ce5331f663dc218cda7376ceeed2e333fc85bcaec97e188165b791fdd564c932e5

      Download Submit

    • /data/data/com.zhihu.android/lib-main/dso_deps
      Filesize

      140B

      MD5

      e9bb8afe00eb3ad20d27cf37101fed0d

      SHA1

      d661365295a89d2dd65c4b133949461386b039ea

      SHA256

      b730c631e0e5affbd41a80a3b6f0d4e2c022d5de5eca760386050c0ab9bd5287

      SHA512

      74678a0fbf837d2cdedbbaea815529fef9823a13f52fa13a3898af39eb8b366cf203cff700debdaf09f26325c4de4add8b66447dd83847a2d8bbe1872f9a6afd

      Download Submit

    • /data/data/com.zhihu.android/lib-main/dso_manifest
      Filesize

      5B

      MD5

      c06857e9ea338f3f3a24bb78f8fbdf6f

      SHA1

      c5a0a2529d2deb60fec041b4fbd722a2ebe31702

      SHA256

      957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

      SHA512

      29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

      Download Submit

    • /data/data/com.zhihu.android/lib-main/dso_state
      Filesize

      1B

      MD5

      93b885adfe0da089cdf634904fd59f71

      SHA1

      5ba93c9db0cff93f52b521d7420e43f6eda2784f

      SHA256

      6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

      SHA512

      b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

      Download Submit

    • /data/data/com.zhihu.android/lib-main/dso_state
      Filesize

      1B

      MD5

      55a54008ad1ba589aa210d2629c1df41

      SHA1

      bf8b4530d8d246dd74ac53a13471bba17941dff7

      SHA256

      4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

      SHA512

      7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      111B

      MD5

      9356f97bd317dfa54bed9062eb25ae7b

      SHA1

      bdf02ebf0ff4645c72209b0e6d164af6ae0e7deb

      SHA256

      eec4e3c72b9886dde59412f4f413dc2e61188465df6af70a28bb6cb135cf77b8

      SHA512

      dd606c6bfd15cfa7901c29f14cd99e56c0674f36fd130bab1278cea41f5f104e3fc01c38fabf013957a675e1c4bc4b72c389474ba12d9e221a626786f954aabd

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      213B

      MD5

      833817695a8c821de35e769d13a5150f

      SHA1

      fc8661e97d7d615dacc36608cb0614e953782a5e

      SHA256

      1ac469860739b6d4b855247b190e21eab438a1a3e88bc41dcd8266643db88256

      SHA512

      3b3c0a16e9d437cb25ee57abb0a6f8720e9a3161d683b8ab95af992063e9c971e6870baa02594cf4218a35b34e90995b4c3b0b1e38440d29424c5c6a6301921b

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      111B

      MD5

      4fd3bb5f4c4b67df81255080aee41ed2

      SHA1

      5dfcfbad209583c689097e4a0ee292e9b23024e6

      SHA256

      5a55f8c8edfa747978830b4c2a703c2df7905f899d2202ffa06d53c72806c2ef

      SHA512

      b37c164e57df349429ff0071d8756a07127b001240b738f918fc4ff3fecd2335ae4a26b0fc1afd86921e6452691ee3eb78bac65551f45e52752f92665f677796

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      167B

      MD5

      a854ba8dd7ce4be33975002f5935c7da

      SHA1

      008392dff2367437e9c60c3c0dcde6e7007a5aeb

      SHA256

      b7b33db822a0e5845ba5f9d46774acccec509b391d1accb67140c519af54e7cb

      SHA512

      95820fc4a9b39912f9bac4ddc7e07bcf158b002c026ac339de6c1b732740c204ad1e0dbd4359133941e08e60f75f93ce278ecde8364428ee1b23805f3ec58eb2

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit

    • /storage/emulated/0/zhihu/cloud752555548.ini
      Filesize

      38B

      MD5

      e04ef74d4359816f9446feed39f1d63c

      SHA1

      cf881cd128b309e85cb4835cff4489bb39bc42fe

      SHA256

      8e50833be9d0ac2510a13fabf9564c0908ed9231e7d4142080278d8c8b842d7c

      SHA512

      2c30bae73c9cb4571b03e6f1a53d1c77d0a25a4a83189720fd3782c76defdc15f74f625e97165324e203500bb4283cdfb746e6713bb84e3596246d9c6856ccee

      Download Submit