54f70a30d42606ac2146cb042577aab18f8ddf07503b9761702e3e94c68b4560

Analysis

max time kernel
2573898s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23-12-2023 17:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54f70a30d42606ac2146cb042577aab18f8ddf07503b9761702e3e94c68b4560.apk
Size

17.5MB
MD5

505d03fcc2a4abee29333f482cc589f2
SHA1

44c220e4171aa6ceec332033d0be583d76ea58e3
SHA256

54f70a30d42606ac2146cb042577aab18f8ddf07503b9761702e3e94c68b4560
SHA512

c01b7f7be22f5f68a12ad43eb22dd2ac0c93f79bbfecdb2d01c478e5f70f7c383711989c7c24f027fdf0617db8a07f7925739fbe7cf73fa2c3554cb0d46846ae
SSDEEP

393216:BQqI5DZDK49Gu+kUmkY/U/jsGMocW8tjD72PnBEIan+uFfNGaDr:B89GeGu+kXkOMjMoKjD7gBEIED9B

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.ddsy.zkguanjia
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.ddsy.zkguanjia

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ddsy.zkguanjia

com.ddsy.zkguanjia
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ddsy.zkguanjia/files/AntiCheatingLock

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/user/0/com.ddsy.zkguanjia/files/td_database0TalkingData/1703380947641_4512

Filesize
3KB

MD5
0862c0214a236c8bcedf2a8c9cdb7d61

SHA1
fcc7a855437c91af26634b95e35bc3e65484fd93

SHA256
49da1d896e57c5a4102a06862348fb9f18799648cb7381fb17cf7561d42317a8

SHA512
ad2ca39308be25e4799dc150d369d838723fb1e0156193d7ecc3dd8c347995da7ca3403fe9372eb4d8fece1486abfa4f70c62df4952f7e47ab6073f5a48ef7d9

Download Submit
/data/user/0/com.ddsy.zkguanjia/files/td_database0TalkingData/1703380947884_4512

Filesize
1KB

MD5
5696d127dd49b5bb0dc4de0c9a516e35

SHA1
95d030aa81423bee6225b88d93f4abf74a62cc93

SHA256
24c5d137fab6eda5610d15bf499390ae950b17086147336c81ed55f78346347e

SHA512
bbc47883c9b073332f4c2f0a1bbf5b73dccd1802f1f1650dea82a18db4e25b0258d56c55c15ccc85a5c2e542a2595c7a48875744ae99f76f4618df03efb2c61a

Download Submit
/data/user/0/com.ddsy.zkguanjia/files/td_database2TalkingData/1703380947777_4512

Filesize
1KB

MD5
39cf9e93ddda54ec719331506701116a

SHA1
bb164cbdda90723f41a5c6e15a26de1d49033b11

SHA256
180687dff69c9bc4f49187d90d66291880c2f48c731d5d74fb53a8d0a008ac25

SHA512
7b893a9b39725837ac52eb621fea69a691ee7e8aa3920fc8ee622a72650f108455b0d237ec6d1aaedb49db80c4e5707a073583a5bd575569f6868551ba734eee

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
52dc15442b71660e091b9d455b631de6

SHA1
036c1757a2c260ff3267a2fa22882d0419ab04fa

SHA256
95fc858e8514f88940f99f4faced419e36bc7d02fbfdbb789e8e8ef489a6253f

SHA512
363c81d13e8eb4174bbc805f1564182be5caf3c09fd349e8b9e2370c2872b2ced4b48cb54c763922dba9063c53a8f4ef71410567b81d62283f9e952276c56c83

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads