Overview

overview

8

Static

static

6

5904571da2...28.apk

android-9-x86

8

5904571da2...28.apk

android-10-x64

8

5904571da2...28.apk

android-11-x64

8

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    2563833s
  • max time network
    166s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    23-12-2023 17:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5904571da29cf67ae748693aeb467d169aadd565edd45f3c6933764251e62428.apk

  • Size

    15.1MB

  • MD5

    68f0006a9ea0abf4cd738ace2ece7d46

  • SHA1

    9a35be7547a56d8680abb4c8f631d947f033824d

  • SHA256

    5904571da29cf67ae748693aeb467d169aadd565edd45f3c6933764251e62428

  • SHA512

    3b83d770b4e65e8642751bafb526db232a153ca8a20902ca33751ffd0ae9317e8e9725aa0b4271c3cf7235fd3fb6df86f1ed80221f122b193f780dd54a6cff87

  • SSDEEP

    393216:RVCus1MKnmk6N4QXwU3HuHeoKxjo9AVBNd/XG/P:WMKz6hXFObyBNs3

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell location.

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Reads information about phone network operator.

Processes

  • com.utooo.android.knife.free
    1⤵
    • Requests cell location
    PID:4470
  • com.utooo.android.knife.free:UpdateDownloadService
    1⤵
    • Requests cell location
    PID:4532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.utooo.android.knife.free/databases/feedback.db
    Filesize

    12KB

    MD5

    f41f531c07d4141546a531ff9caffdcd

    SHA1

    9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5

    SHA256

    bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646

    SHA512

    e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/feedback.db-journal
    Filesize

    512B

    MD5

    3fd1b7a7d325705e4e60f01c37f7e3e8

    SHA1

    66363bc44ee9ab9cff44ecfdf99db3ca4a3b119e

    SHA256

    9c83b30bf1629576021e94e25e1e7865f75770d2ef446549285bfd4226f2ee11

    SHA512

    0159111832d2be0c95429e601569223a687602b08ff34707027fbc93652b76fee5f920cf3517b39a3df4d127131f6c6da2c7794fa7cf86a29d32dff98760e399

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/feedback.db-journal
    Filesize

    8KB

    MD5

    be332ed62b3ba54814396393a3684748

    SHA1

    22e8f9bee066c9e45cda175944d156b4986fc6fa

    SHA256

    34a72322977ce1ee89888d3578378e89f7ad86da0f5fd431e91d986f2f7e7288

    SHA512

    21fd8b2c219be2283a877ad8dd82275ddb63e8829362451c7ac2dd2ae3fc6da1bfcdb7a951d98d376ccaf813d4d43ddb8f2d777a606a3e7d3e2363586f3cf312

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/feedback.db-journal
    Filesize

    8KB

    MD5

    c217159ca1a7ab23f4d7807235ea25d9

    SHA1

    b25cceb8b90df6766dcf2a143845a3e50f3f72f0

    SHA256

    9f47c47568424a68c05e02af0eab6eda7696a2501ca82a97e5284d4ab57da493

    SHA512

    46fe773a9825c70915b14892c56ebb4579a074ae677b534301ba13c9375153ca8fe4d62b2451573d4a9038656f0d1d65ec46100df5d8adc790f0043b0cf89a65

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db
    Filesize

    24KB

    MD5

    050b4ab02307fe295a93f1a6d4bf6a7f

    SHA1

    041f83548bab2578320bd495b1380b7db9524af9

    SHA256

    cc285b55be4f3a89907285df85455b54ccee6f0684ed38ab2347bcf3c91715d8

    SHA512

    361ccefc352a69a2e50e97e30559fdc7ff96b0c14fbfa7e3a576b76294d97b09ad11b18a4d1881f5e9ce8c6d41de58505448cfaf203d313359db5787cb601d7a

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    8KB

    MD5

    35ddbd620d202ca39135d43d3dcd0564

    SHA1

    f48d10443b264ff96350c528d120fe016807df25

    SHA256

    d41b5e72c0c14cd3c176abce9b11a6932a39707cdd483cea54aac6fc5432f201

    SHA512

    c7c796fb81adebb2a9b3783547e31d06af9ee16a7e9c05ea546f897972e7962e367b30c2d4f260737bf344cc5dfee4dc3ace6255e9a188b9c819585b72f8a93d

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    12KB

    MD5

    dff8ad6c74be1db60e1403956adb7d9c

    SHA1

    c667e8dfc21238beadd68ffd607d3cb951c2ab93

    SHA256

    59957d2e41813e64f35c9cb72760c123b11b989a6d2fd38f045e563635bc349e

    SHA512

    8e347b241b7a1fc18f13e095b869c30d7b7e75b049b9ca75965aeb6ad32d415069bc1e7a58b36d625604c6babaaf4fdb79fe495605facb226ef21e76edc5cb6f

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    8KB

    MD5

    f2415d3389cc545b6d9dd0a0a46bb152

    SHA1

    7efa3604038ee617b4b6bdb388735154a92141e9

    SHA256

    481dc3f73e7d2bab490de43145c60f968f28eec147592012f9bd4edc48696d07

    SHA512

    80dcf0e1ebac1488882b72f63db55bc84d4ffbd10470542bfe14b5149454ff61de5f38f4c8f8f3f1578fd435324beb9d8a8fa12d5f102a0109b3b03d51eb2363

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    12KB

    MD5

    fa59b3a2bef470f13196000879be735b

    SHA1

    145db1303d1c8a7d939b4cc1c08048ddea7d19b0

    SHA256

    de1e0b73d3be5fd6a7ef74cd8ef4f875755e86020693de6c97a141ce80b29156

    SHA512

    9636c6f90b953f259a2be4b284d0fb91ac85071ce37a99a84a9f990094e5fb1ec5a42d3e168723c90999f15e19a6ff6af0a21c343380e8dc5f6058b8c78f40db

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    512B

    MD5

    0563345ac4812ab1f6ae1541d40161da

    SHA1

    c7faa4479b34213ca39ee90aab1cf29885a9fff9

    SHA256

    c32cb0e8d960de7f6cbd5cd5a860f74653727fb99de9d714dc70cf2430f39aac

    SHA512

    bd5353eedb375e255d285d616b525105d18b0480e02c067704bef4267a3e4a29a6c75eb3923a765c647c9cb91154b77b5b174f1da37b0f3b78bea3ac03edc2a9

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/uuflow.db-journal
    Filesize

    8KB

    MD5

    a11d2e0101663393f367031abf504774

    SHA1

    9cd07bb00cebd1c55213f3036744044db934c46f

    SHA256

    04cc43d5336721c721d18667f438d357df889a6d3cd0690a8712e6598b1f18f7

    SHA512

    09aa48701e61f4a890d270a954e843fc179ebf0639bc86e3df58941c58c24fb1dc1b72a486a57219b1143198c7383d444ea01a67079bb84a36f3c69d90189406

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/xUtils_http_cookie.db
    Filesize

    12KB

    MD5

    2e8d2b7e3b1a8758ee427d301314b7ef

    SHA1

    32bcf7c03fd4934e1224feaf2114df2ae56d0551

    SHA256

    67b1e827a498e60301f0b57d15e0e342027c49266e8be14c7441dc7f774c299d

    SHA512

    2a7acd5dff858b159ad5ddd05f8392dda9a0d2185dd5b2b4b20ab660d8946bd3686cdaaaeff7317d717a23a2da1d86e5e42e0221e20e55cc020a2d9a16b0869f

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/xUtils_http_cookie.db-journal
    Filesize

    512B

    MD5

    53af8a6c2e171e2778e24bb78743394b

    SHA1

    43cce0f5ebd43db4b5ef998345deef18332bae78

    SHA256

    4a376e8de3ab1f302f133b6801da49d55bc6c3b910025f844cb810277bab7583

    SHA512

    f0860bb8c9d84cfdc77b73e3bb3820cc70be29b302b3effc902fd75693cef73500667252b87e41b9b4463fa3c415e13a777d61a636b0798c6bde8bb8daac78a6

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/xUtils_http_cookie.db-journal
    Filesize

    8KB

    MD5

    f7243214736f7ec66c48682865c282ec

    SHA1

    80d0f6db9d01a754f5576393f590dbbe88700a12

    SHA256

    53c51c3290ddc40b77447ee4c83eb5cb7eb70d6c702af18a97740dea1b6d789c

    SHA512

    b92001fc6193876f7c0d892d001c4dc33b72679b9f0e814e39fcf213ed68a174506bb5ab50c73dedcf1d17e16ec48cac85ab9df6b0796970dcec484e4ec61f51

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/databases/xUtils_http_cookie.db-journal
    Filesize

    4KB

    MD5

    b20df93ed02824d35d3831e9711dcc09

    SHA1

    4580a7258022f3602f9f43970ef4d3a845297373

    SHA256

    4eb9f3b59873d4a491789b18d690da727460b010c80e1da9b134ebf274d0b9f4

    SHA512

    356f40836416ace75769edca87f39661644d6dcfeda604173c1aa5e628271c0e14461bcab200d3ac930b669192467bf40fd23f588f54ac5ce2ed62fcd39afc91

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/files/.um/um_cache_1703370809567.env
    Filesize

    654B

    MD5

    1eeceb791973694cd8f4c35dd3fb648f

    SHA1

    140eb37ff86b321140ccac62562549839a8e1c61

    SHA256

    40c0c0d4ee81bdfc0685bafd12cd66fe37f06d9e67d7c222b51844b7d9e8e9c9

    SHA512

    9d74daec9e25454d19d909781da57254637652fd60e9aae35bd799c20c1023a602cf7ed9319748be6ab497d1f3758680039a6a42f99f06daddf3622ac2de7ade

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    1b22ef7fbabe010ddbb08445234874ef

    SHA1

    044cf0d429ee70dc4b4e176e6ce30eba02a4f811

    SHA256

    3eab73c5e96095d39d8efd08477897576fa02398ce4403ba204d66630484509c

    SHA512

    5aa65839f0196273847b03fc472f426dd086e587979fee97954b040d16ed782e4075b21d5b74104e779ee3854dacd9a4f7152a45f709edf69cf6f16e35ac2aff

    Download Submit

  • /data/user/0/com.utooo.android.knife.free/files/umeng_it.cache
    Filesize

    350B

    MD5

    bad208d3b43f4f828cf650859f42cd7f

    SHA1

    557ecd1c12f10313f2340e1c3621cc32bf399666

    SHA256

    09816c5546dea45f2a010aafb1f816529f574cc050345a1c35345a80348358ad

    SHA512

    f274ec94f72b1f3f2303454bfa04c72db9657cf9150986bb6b936fda9e9dfa9605092f707e3ee7a8b62e9c81faf89bb619b4538a18ee95dc8f460b4d90ff0a3b

    Download Submit