58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8

Analysis

max time kernel
2581489s
max time network
157s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 17:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8.apk
Size

3.9MB
MD5

8498bbe4fa7b80455913911646639ff8
SHA1

7a17c9c66db52d67ee394b4193d78583761baf8e
SHA256

58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8
SHA512

dbb01c2542b40665627465aca74c25c1b881cf4c1dcceda7caf41e8702cbda67d6ca89c08c11e4c7aee3bf7ad75fdfa51df5f522b0195b629635ce9fcef769d7
SSDEEP

98304:f/BWpC9wI56Bu7Z7875m6aPPkn7A2uNVUFZa8WbatEQCqxW8z:f/z9Um5P8Ypx/Qhn

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mofang.mgassistant

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mofang.mgassistant

com.mofang.mgassistant
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4267

com.mofang.mgassistant.push
1⤵
PID:4300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mofang.mgassistant/files/__local_stat_cache.json

Filesize
88B

MD5
d5163781f93e2f0cb532993f6204d17b

SHA1
71bf2493cfacbd85b21762a48b81e5f18317de43

SHA256
630a2701bdf00f3039105e818a7406133c453c309edc1f3433a8e941d5aa3ee1

SHA512
08a32019b4a0d396a7639422ca012fa01f6ccb8a2fc990f4426150b1c8eed2201e1f76bb02c903257ca0847e91dcccc72514944f025b51876da4953720a239c2

Download Submit
/data/data/com.mofang.mgassistant/files/__local_stat_cache.json

Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/data/com.mofang.mgassistant/files/mobclick_agent_sealed_com.mofang.mgassistant

Filesize
620B

MD5
97feaea8a7828ecb740f997509f898ad

SHA1
c8c2d1fc925bc121be2e23251e879eab72673f29

SHA256
d274daa299a431237dbf574e3ec90610bfe214a9331bbf7689b33c7c353565b9

SHA512
ac373290eea15659de569ec949d01dbf2c82a82b8ea42c8d8f06e7a6a1231d0142f72c24fa2f42194284b526450ff22dc7259f19ce2957d8a91ca9d78638e80c

Download Submit
/data/data/com.mofang.mgassistant/files/umeng_it.cache

Filesize
211B

MD5
8a7dced4433e37f350b20b9fb7ec8ca2

SHA1
3f23929716074e76d696503d2d6e94eda24e863f

SHA256
f351712d238bfe3f30c24dfae617d28ff961cee5afda168d8e533a99dc55ce38

SHA512
887ce6e0f0d796849958c22c232a375b54fe92af08287c577512ef7a35b68e91bb0ae495c3364202af3cca89a2e8a3c01013c5522dd9482fe3c0ecb8143fcb3c

Download Submit
/data/data/com.mofang.mgassistant/files/watch

Filesize
9KB

MD5
90440f20dd3b02e90a1160921f31fccd

SHA1
cd6802b20853c52349e4583f24750bc0ff078eb7

SHA256
c892a0657b07bd05cba8a86c35aab11b34c26d9e5583691c64ce524865e71ee8

SHA512
2da286e440f2f042bae76c238aa82abedef224881eb7180e996879fbb5ada48ab68ca0fba7e23b1b96a792b5bce8393ce5a0205c536b22bdc8d2ea858242635f

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
89B

MD5
c2b2dce40c7486f2762555ae4cb8a1e9

SHA1
52d9babc8898c19fbe96a00f6d1403ecb603fed9

SHA256
3fe0dc64177b5b227fdc50c39498d5cc239c69bb1af73a2b744c760b54161a8a

SHA512
ce7f1c251ab45632eea4ef15fc40fd62b000f9f8665101597635e83240e6cdf3b011380d0d759eff2a21fb9fc522efc99d470ec26738c05dec2341d0d8bd5060

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads