4fe8f9861db21152f049db65bae3d3597ba0cc588757df714de43bb9edbf6c7d

Analysis

max time kernel
2566882s
max time network
157s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 16:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4fe8f9861db21152f049db65bae3d3597ba0cc588757df714de43bb9edbf6c7d.apk
Size

7.4MB
MD5

28cc66652c04adf0d90646d521963e25
SHA1

58bfe73090fbf3c6ef0340ba5e2e08764d21f2be
SHA256

4fe8f9861db21152f049db65bae3d3597ba0cc588757df714de43bb9edbf6c7d
SHA512

e31fe5e0e924ce1a5812f92db299a00a3e0adb3b44dd01c994300f1574bc8a62286057d568427a444eb9a64de7333e580cc36587050bed4614f29fc6c91b6a93
SSDEEP

196608:eTuGf0WTH3lGO8KuxLig+FYBkveDpasOpHCC/:eSGf0WbPYhig5BbDsvCq

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cn.gydata.bidding
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	cn.gydata.bidding

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cn.gydata.bidding

cn.gydata.bidding
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4266

cn.gydata.bidding:mydaemon_service
1⤵
PID:4292

cn.gydata.bidding:mult
1⤵
PID:4321

cn.gydata.bidding:cancel_notice_service
1⤵
PID:4362

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.gydata.bidding/databases/hmdb-journal

Filesize
512B

MD5
cd6ed59f775f1bb1d5da09c6359e44e9

SHA1
8a8c80694aac82444e851ff772f38a6f74ad4ae4

SHA256
82075f7050702e69583ad403bc41f7837e4bdcb9c65e61f25e1709b23a58970e

SHA512
87187cfa18e6ddb84b2adcb92653907c23f3bb97fa5b9136bafc6380387bf0cd13597f117264265d3b6ee2e39780716ebe2acef00530d96e6116b70619324fd0

Download Submit
/data/data/cn.gydata.bidding/databases/hmdb-wal

Filesize
16KB

MD5
777d1e93f06794488e5d5313d8de54a9

SHA1
48a7abec3930001a08b3092690b144c7879374fb

SHA256
91f2ad2da07a8a3b4b427a6cb9e600897ee431bdb033b42aa6f92b4ba9e97246

SHA512
d75c66e6679a4778f2ae571c8d73cca46677d1d992626d128919a3ff37947aa3b83bb60e87343b25f213813897a4ec581cf6b598b3be46a4df599820092cd61f

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
36KB

MD5
60e918a66670488ae5e111bdcbcfa95d

SHA1
ee81e2f5ad9a7301adfce5999095370e532a43d9

SHA256
0126f776c2c01bb621001c4d80787b706902fa8fdd89fd1f062d063ec74d5313

SHA512
1abb9311fce204649d299a19efab820981c427a8f3778a9848fdfe99aac19fbb3d62bdc4f5fc93bad66c090d198e9db33c23066041207272f2942272167796d2

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
28KB

MD5
ea8985a75b326163e0c57f365935a741

SHA1
65ffcd52aacf9bcdb776149626cfaa9c9556f147

SHA256
b096245a8bdabebe026ddc838db0b4f9eac5f0219101066b318c024aa3a50421

SHA512
a8a6489f1825e71a73d4d96d27d0759b410b78684c190511b2b98ed4741b18cc6d03412ac994bddadb862c5dbc433a2e7ac34419ee50d2b0179933a72866943c

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
28KB

MD5
959177b652430ececcad3cebf98ab4b6

SHA1
e10289fea59894e0f876657d735314b46bfb9f3d

SHA256
da3b572632962dc0e1536124c3eb87d509e05f72d7f734d81816593979d4d03e

SHA512
6389bc2c4092da1a7bfa969e6d855a91ab840a9b358b5205428fc5de5e8dc87c7369d925c16abda5d409e54c3c7389c9ce63b72376d0354a3a7815da310aa551

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
28KB

MD5
19d9a140951c56b6c1569cae45bbea7f

SHA1
6b38ef2e8c036064cc070034238c950ad3841a26

SHA256
fc2a02497d3a15ab7804d6b0e133816768664a773869aef97a296bb95a19253b

SHA512
fd2f2fc08880996f97c6bf4a86f3b98fe5590143468ccdb42c2cbee7a74de2952be20bc93a1ea2aacd8213c55f8b753b3be0bf594f01855daa15b279e5166498

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db

Filesize
20KB

MD5
ff2bb925f2b4a70d5c0005a1950e9dba

SHA1
2ce2b51978456a1811b130c421de9c4c4a26af20

SHA256
777b8dada9d7b2823016e9572b94d2ca8dbae61a60865c07bcbc3f9f814ec9fb

SHA512
0a984aa5c9c49227fec916c79e89e60b9452b1ac884addd2099592e721bd5a9f4b3b1687b0f7cd177b9654725bcf9acbcd47c62c2bebad2755234e6351c242f6

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-journal

Filesize
512B

MD5
5e64143b5e76b2bf087abdf2d0825072

SHA1
bca996eeda2a8e5544c8dbfa7ce818093ba9b4d7

SHA256
92c48c1a9a5de19fef2441894ecff16d3af7b9d30ab6e83e8f88e37265f20a10

SHA512
f77cf4b581118f894e6e786c1fef20f3e88a6bd81fc121dc20718fcbac0ceb056b3725c0cb43aa6f52f41976a27b339e448f1119b2cf813cd19517b02b68d897

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-wal

Filesize
8KB

MD5
34291d28ee898caf56e24e76d921f57a

SHA1
64fd68b853db8484c1f8335f3ed9b21430b2550a

SHA256
7197c91d59c2f4ae8534e28d89b82c3eb62833ff2f5f750c19d9b1e99c8b61ca

SHA512
4cea0dd0bb664d79145c091aa160d73847724168db082ae0da9d474f4cb6ca6822881def9c7b1bf14a36b2d66216d6e2cb701636fccb965fc1cfda54915b32c2

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-wal

Filesize
8KB

MD5
29690760dc1b0ce2cadee867500e8367

SHA1
6d4910499427c86611d6ad2ef9ccd23a36740576

SHA256
1cca805564b7624e5a2ee8869f164b19490f51baceb7b7a52e6f60c6414050fb

SHA512
cea4ad5a85f29ec79852cf107d9c0b76dcdcc7b5d22bda64d900bb301fda5b7c59ec379efc8e05f33282c04ea596f89c209281bb1a367bd93e833118d3d3551c

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-wal

Filesize
4KB

MD5
348d41a32666ded21a7427c4f9c570f2

SHA1
db30921dd8e185ba0afcadc3456f218939dcddaa

SHA256
34ac821bb6c855b3d6963118b6f668e43fb04c0b0c89fa5b1e2b8537983fdd00

SHA512
c1607f6f51e212cf6bdb4044ebf3e49c43241405a248e67b2a8948b6dbef276cae9ed95450bbd9dae9353db6a7538f93041bc7e535288030a6885e65b9e14d77

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-wal

Filesize
8KB

MD5
cd02f4763f55f7b19746384558693b2e

SHA1
67d88e953ecc9e1c339bec60c405ebab5f1f2215

SHA256
b55256dbbe10c28a714140fdf9d1b95c8ab5701c3312c3fa2b4480a5f1f7961a

SHA512
9bff8d32e994e73443eeeedaf55c85cf7504513d59a1cefaaf0ee27c8802d0cdd853defb8c6ea63b94e6afb331603d05b405b8a1d49141f173fe2a10de605174

Download Submit
/data/data/cn.gydata.bidding/databases/logdb.db-wal

Filesize
8KB

MD5
49f50fad63e003336a4aa642addc2c7a

SHA1
3f46c5e8ac53ee8e77dbdd335989e744a7494810

SHA256
171798a0df7cee29e878355e2fe35692ef1e7a18c114544f15191a29abe61900

SHA512
c9bffb96443013a69a26bfa3d874651312f22f925829fa12fc213a4592c6ec73407a7acc45396ff0441fe2e840640948d73cfb06286117237f73ea3cd17ae8e2

Download Submit
/data/data/cn.gydata.bidding/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp

Filesize
564B

MD5
5fa891a0666f48a2e1237c36431f170b

SHA1
9dc21329b23306e53b74ad6bc7fe2bf102bebd1e

SHA256
ba73a1b2f681e54fe4c833802f9e1e158ad2075d32728627d46bec431c1cf9b6

SHA512
e00b974b0964f02dfaf231917541a1cbe31501d6603f92ee587b365023d98567526c3cb54758939095a382ad4833e9789e2eef9e5e8f7088eecaf48b35034407

Download Submit
/data/data/cn.gydata.bidding/files/a/b/5ad6cdbb45b4a14283563bba26a5e0b7.0.tmp

Filesize
564B

MD5
c1da67bb585ac8b65ec55be20c90edc2

SHA1
b755b9e63f4fdcc7bd69395d3e5086cf5b63c297

SHA256
9d8dfd94ea40ece334370cca456c6b6718b6c62d712760365eefc8cd4664be95

SHA512
0a4ee452bc6255039deb57401f272d72b27e1426631cce0398be14f1534cf43be6bec3dd8a525175c441663b34b0052a265f734725b9882ad449e788443e2a32

Download Submit
/data/data/cn.gydata.bidding/files/a/b/journal

Filesize
113B

MD5
adf74c6eeb18424ae96792f31795a85e

SHA1
2a1791759434831de0bde90fb1016ae02fb44875

SHA256
9dfe39523699289bddc58b5d35346e131916607ca6cba18336133700429c065a

SHA512
e39604cf92527f820533f60fb94ec3bce2a75d5192e9009bf1218b6a570fe53c791a0d23860ffe33517431d00d7e98763f9c930992b68ef430a9d7f72ec0a5ec

Download Submit
/data/data/cn.gydata.bidding/files/a/b/journal

Filesize
38B

MD5
5e35c852bb1cd4d3321c28193e135856

SHA1
27b0569d4b298eeacb67d0399428c0eae5490b79

SHA256
54fe2f86841cff94835c1390c315464e40258c1b2486bda31251e99c29e9d364

SHA512
3ca12fb5e47ca8b77c75c23284719ee1aa8edad4d4124ccdb9c9e8fd21b2cdde4e4425ef9a6a31d41eaf0962345dd09ebea0664ad841bb97b9e70db1adb76fd1

Download Submit
/data/data/cn.gydata.bidding/files/a/b/journal

Filesize
233B

MD5
f4a98020a103b00e74abadae06f2445c

SHA1
87d6ee6ff238b968e5ae9dc6acf4f355cf9859af

SHA256
b1ec2833f6714dde2630971a9eebcd2c043b55652180dfa5b3d9c3570f108483

SHA512
75942fd50b9616e5034128b48f9fa6b6f757be238631a0bfcba4ced2704bf9d8cdc7963e88502ba23f6e48e7de924be0b9786fe044f6222cbed83b16bb53a167

Download Submit
/data/data/cn.gydata.bidding/files/a/b/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/cn.gydata.bidding/files/jpush_stat_cache.json

Filesize
124B

MD5
32d4bf5bbc102065bc0a2b1602bdd1ca

SHA1
e5dea8172bbdc92bcc9ce856d154dcecb519d2dd

SHA256
de55cbca63d82c3bf6c120896d8946a47cb50d8d832ccc4a475998f69b4c9df9

SHA512
46cb46398e41f1ec84ba53f2a20e9b16d5c0bc82fd4e8895243377b06f80c3d998099b756789f95903baec5a51bd2730eb84338ea401cdf15b49022bdbb33391

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db

Filesize
8KB

MD5
26507affd3786e8568a3ab556e1f0502

SHA1
e35ac3355d24440278366ff12b8ff2b5efdf536f

SHA256
107d48b134fbd8f49052a3d085118fd1df0626863b9ce937ad65bb7a4f5b31c0

SHA512
106bd3711c84e4deb3ec802c0e2295abbc37cf1690faa825c7f88dc4c788460b9ad179a4cf3b53122106877c1ca528f9e4ddc3497dcdb2b5b1d68139545cc52a

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-journal

Filesize
512B

MD5
adc66a3a72ace8a755b661f52c6bb14c

SHA1
3911290d6f53b821df19bb665e37e87671353a78

SHA256
7ce524f01f20e776f9d0edd1edd9e5af50cb9e6e0f13cb8c4a6f6dbbb4641c2c

SHA512
e4773c8ad5deea91568df69488f299997f3ffda9bb40dd72bba3d73e3042061a8490f9a15aeeb0144c2b96e2f3adc9087e1e7c40510539d1f9fb4b186c1864a5

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn20170807.db-wal

Filesize
32KB

MD5
f85b96967dd43e46c4e247674e1a1e44

SHA1
40719a68b7764ae68cdadce89c58026648323cdf

SHA256
2d7a7e9cdcabe0f25f7511c8e688472f9f0a9ce56e71a1070416a1c02a5aee42

SHA512
e5b5b5e6cdbcfd4015a466044f7e636fea64a22f8e4761a440c86ceb46c1a139a53c12dd3c3eac7f52c1132d60f8622dff26b67d2976536a75b61332be0d654f

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
4043e37e3be2d74c23dccd4189736c94

SHA1
15507d6d0ba22142887b51083be35641d5fd62f3

SHA256
69b733b51015f5bba15914a94bb1abe5aba60ec4f932b4f7a16b26b43edd1594

SHA512
bfa9dd615c324506c8f9bd73646d3abe82befa4e8a09f8be844381dd66f51393fc44ccf3beceed4254657d2be16de237ee702b11e8e06aa0ad1824fe7c516187

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads