Overview

overview

7

Static

static

6

49da71be8d...ba.apk

android-9-x86

7

49da71be8d...ba.apk

android-10-x64

7

Analysis

  • max time kernel
    2545353s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    49da71be8dd4a3cd3e3c9bf7bb06bcee94eb408e7ac88e386969ffb2b824b0ba.apk

  • Size

    16.7MB

  • MD5

    fa01f5a83797076ecd87d6e8c92278e1

  • SHA1

    5027c506a3afcbd4ca7d54252a36e0c5c7a3ae76

  • SHA256

    49da71be8dd4a3cd3e3c9bf7bb06bcee94eb408e7ac88e386969ffb2b824b0ba

  • SHA512

    a7c2d31dd4d1aad25f92b114b19737d44be4bcf6c11dd117997a44b5f070699fd306af8f8eaafb781e1c817952f267470faa512a235eac9778d70a8917841911

  • SSDEEP

    393216:UQmGHQ+ibVd+e37HFzHZnU+51cmE9dl2aG4a8Umr447AVm:UKHjipBpZn751cnPG4DHH

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.xiangzhan.rhsr
    1⤵
    • Loads dropped Dex/Jar
    PID:4962

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xiangzhan.rhsr/.jiagu/classes.dex
    Filesize

    4.7MB

    MD5

    d07845fcf2a425e6c54a4f07a43cda40

    SHA1

    1ccd358a6535d6f27a9c78b4b724cd8e8501a719

    SHA256

    9dce4ad286266492b4540c51a5f089c1e3257296eaaffbba701077879362eec0

    SHA512

    903d763550f06ece419f3ffbe36d98d06504b79b76c38579313485b99a1dda88e5917f13919fc3da3c9ac971a9e0bf9c0327ec638ef32544769e1ce451e6554a

    Download Submit

  • /data/data/com.xiangzhan.rhsr/.jiagu/libjiagu.so
    Filesize

    446KB

    MD5

    8f55d5deb281d8aa1a0b9f72f7185e58

    SHA1

    5ce262af6a74a11931bf4b1e92a59b9acab27f37

    SHA256

    b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944

    SHA512

    4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6

    Download Submit

  • /data/data/com.xiangzhan.rhsr/.jiagu/libjiagu_64.so
    Filesize

    421KB

    MD5

    2ce1a111996a46697d6148e64e73e3b1

    SHA1

    cc2d78819eefb0d81a5f1832570a238dba0d4c9e

    SHA256

    9fd458c7d7cdfd8bca36141ccdf7d2be1aae2d6a9e74bf978e90f7235efe6100

    SHA512

    b674bff3aa4d42a2ff4c59d6fab7bffff8d121fb13a1aec30d087fa5d3791de16df7d54e698574a6a462266ad77126a9ecf9648d4c76463f548248e26581d6b9

    Download Submit

  • /data/data/com.xiangzhan.rhsr/files/.jglogs/.jg.di
    Filesize

    348B

    MD5

    e21db82223dd72d61f3ba48d6f14daf9

    SHA1

    09189fc851c3bc7e4ae40269af17e8c175571b45

    SHA256

    be81b6583719e61320678f837caf53b01951efcc835b26092ebeb66861bba489

    SHA512

    53db9961e2c793f0a284f2f44294fda20e7ff5cf5582df737b82d705d1fed48b6eeb7b42b1c9e4c49b1a4fc6f3e991346d07afa13be04a06cd654c6cb918bdc7

    Download Submit

  • /data/data/com.xiangzhan.rhsr/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    9b46c97d46a8f8765234e5ea1bbe9bf5

    SHA1

    1cc57062af9cfd94c261e38ec746536635532864

    SHA256

    11b0c4af250d543f61ac43a8f0e675d07bc21d611966beaae8406c8d7376a006

    SHA512

    e18a380f55c15ebe7f3fb54a846a83d767d6dfe292a4aa6ad48673d96d7c826b9fcc285ee8e9ee2a2b3d21a5eeca9d5c9fdbb545be55d8cd62c4960d345b33f9

    Download Submit

  • /data/data/com.xiangzhan.rhsr/files/.jiagu.lock
    Filesize

    27B

    MD5

    550a6f7f926bab86c79f3c115df7533b

    SHA1

    efeed2e704d50247030361d6553667de24975c38

    SHA256

    2157842080edad4a847391e54c357edf0c41b7930f73b0a4589501174c3f513d

    SHA512

    6bcdb20c37e88a0c8e36b7b93e40ab50513cd807d1d64503387a314a7ed266a8dfbdb15147b23f46a5be472bdaf40c8a87f4655baa2e6ced6105b1d18bfab88d

    Download Submit

  • /data/user/0/com.xiangzhan.rhsr/[email protected]
    Filesize

    6.1MB

    MD5

    34e622a395658f38a145b81bf08501e2

    SHA1

    ced302ad24d7b8a79aac716d476bfc954771eb0d

    SHA256

    edad2a905b5d23934926a4dbd3f4d6d0a52818a8375ba94685d98e9957048869

    SHA512

    2f2f3a6a0c94f502e1665b949fc1907b37ef7bc767361e85c4262416a584b9ca70f8c17f7dc2ee0e9605b08b2dc148cbd9413fe992b74cc84905c26c8a26784d

    Download Submit

  • /data/user/0/com.xiangzhan.rhsr/[email protected]!classes2.dex
    Filesize

    4.1MB

    MD5

    6d8321b84cc542128e37305d024d9adb

    SHA1

    f687e2ff68a17b9f8488d35e6f726eab33a7165a

    SHA256

    aa120511c1d3a47ec051b48780dab4c610af4e9ae81654db1d1e323f7156be3c

    SHA512

    bb25e2f3ce48bf08006db50c490b0a0d76f693b5c42e4e58ab54168129370ad6e8adad5c5264353d77a5f1ec2563f1c04851736bc520d70a7b11b1ae531b1d92

    Download Submit

  • /storage/emulated/0/360/.deviceId
    Filesize

    48B

    MD5

    4c4c5285293d5141f582aefa4e038669

    SHA1

    e01852a72e5a8e6f7d63a21426b515118196047b

    SHA256

    36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

    SHA512

    097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

    Download Submit

  • /storage/emulated/0/360/.iddata
    Filesize

    32B

    MD5

    702923babb437fe852c6798bc0475960

    SHA1

    e0ed3b0bcfff8afe4624f26eed1818e47627c03c

    SHA256

    b822d47d33489b0a7fa807341842c135e68850ec0f7d649d66a2182a331ea1e1

    SHA512

    748973d81a3bffe9ce709b32ce5a7bd067c27ce9d8c41ac2a959088af2f75bbcb15e86192c42d9648e2f084e64adeb6a8b3739e86c3a1f9054a5fad44e653f92

    Download Submit