58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8

Analysis

max time kernel
2563070s
max time network
165s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 17:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8.apk
Size

3.9MB
MD5

8498bbe4fa7b80455913911646639ff8
SHA1

7a17c9c66db52d67ee394b4193d78583761baf8e
SHA256

58be14fb1aa031b7c7fc637701ca3a2366f482ce13c8dc273ada3acd6477cec8
SHA512

dbb01c2542b40665627465aca74c25c1b881cf4c1dcceda7caf41e8702cbda67d6ca89c08c11e4c7aee3bf7ad75fdfa51df5f522b0195b629635ce9fcef769d7
SSDEEP

98304:f/BWpC9wI56Bu7Z7875m6aPPkn7A2uNVUFZa8WbatEQCqxW8z:f/z9Um5P8Ypx/Qhn

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mofang.mgassistant

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mofang.mgassistant

com.mofang.mgassistant
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4590

com.mofang.mgassistant.push
1⤵
PID:4633

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.mofang.mgassistant/files/__local_stat_cache.json

Filesize
88B

MD5
6ca5e3bf2b2c5d393d8e32417198d035

SHA1
9a6c8d5ab300cb57739210f74f6edfed21e96911

SHA256
bc719baa17b329fb010d5dd8543aab0967bcb2f4b4ced86ff2ee6112e27888f7

SHA512
7782d585ce066326dbcc18f9bbfe929e81ad317d8dcc3b21e4caab608102b52bead476a7ac8cc0557d2825c94acd5ec65a35abc273a5d1ab07931d23bf68300f

Download Submit
/data/user/0/com.mofang.mgassistant/files/__local_stat_cache.json

Filesize
160B

MD5
74db80d9e0083ccb381d3e13ada9f482

SHA1
78370160ef3d17da8e9936092d58fcda6d38938f

SHA256
f324521a47c963bff245b79c0eafaad4d5ce98867916b46a3a081cc1c772d4f9

SHA512
de4041a4f6dbc5fa4efcea360e7cc3613c7e07428df2b37092c0d59a3ac7cffa5b2c9d7a82d1c90824553f40cf9342194572629eb74acd389797c825f081a152

Download Submit
/data/user/0/com.mofang.mgassistant/files/__local_stat_cache.json

Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/com.mofang.mgassistant/files/mobclick_agent_sealed_com.mofang.mgassistant

Filesize
586B

MD5
ae7727271094ae0cb06ca047415fbf21

SHA1
240124f193da5fd9aeb494924953beac9892a13e

SHA256
4ee11624934f4eb843a40dbe7902c81e08a7418b686126a104c37b6af6c2dda0

SHA512
338d7078a4ab5daf14d24ccd6f7aeb6435d6b09daafeb769412468ff9881390841f81992b363dd4a2094b31f2e7df31f5174eef9eaabce6215b4844380acfbfb

Download Submit
/data/user/0/com.mofang.mgassistant/files/umeng_it.cache

Filesize
148B

MD5
be61c7aacdb94095d74b62f789091f8a

SHA1
b6fc9caad9f68b1a1d7909bc064a0d078db1cf40

SHA256
6de330f2987c37793fef86fb899a37fb4f4384f852baf6205dd172208a55d308

SHA512
dec4b93eb0137f2fb79140c1620560923161960fe20f4cad9506385e4b5103186785fbfd17313f218b2573e3f8d3e94bca7b3f3a278ef1cc03e6d2557d6eff34

Download Submit
/data/user/0/com.mofang.mgassistant/files/watch

Filesize
9KB

MD5
90440f20dd3b02e90a1160921f31fccd

SHA1
cd6802b20853c52349e4583f24750bc0ff078eb7

SHA256
c892a0657b07bd05cba8a86c35aab11b34c26d9e5583691c64ce524865e71ee8

SHA512
2da286e440f2f042bae76c238aa82abedef224881eb7180e996879fbb5ada48ab68ca0fba7e23b1b96a792b5bce8393ce5a0205c536b22bdc8d2ea858242635f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads