55f27dccaccf32c0008fcf8ac2921c76c049d31645230e52afce25bd0aaa77b3

Analysis

max time kernel
2556021s
max time network
165s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
23/12/2023, 17:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

55f27dccaccf32c0008fcf8ac2921c76c049d31645230e52afce25bd0aaa77b3.apk
Size

8.9MB
MD5

317ddee75661828911724226b90d72be
SHA1

d15c5795eb8c5dfb07dbf0e024b843b9c8eed3a2
SHA256

55f27dccaccf32c0008fcf8ac2921c76c049d31645230e52afce25bd0aaa77b3
SHA512

e5d2807e00840d5f847da9135343eaf6e8f0b54ac398247ca1f264cdc89a992a1117d3681314b2c1e449fa675ec94e2b7dd812264c9cd75ab2587c6ad98d30de
SSDEEP

196608:NmfRW/tss5R3xmzOP6cRv2jOzIb1+CToWKQDDE/JDRABS5Ol0:4qDxmzOCcYqe4WNDDCJDRABuOl0

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.hz.amk

Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.hz.amk

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.hz.amk
Framework API call	javax.crypto.Cipher.doFinal	com.hz.amk:channel

com.hz.amk
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4270

com.hz.amk:channel
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4542

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.hz.amk/databases/MessageStore.db-journal

Filesize
8KB

MD5
a06b07e53719cb6204167a5ce336302c

SHA1
5c0b0f015dc1cbe9ad37b78be0a2c0adc675a96a

SHA256
3b70e23122200e57192f3a05b244c9bf80dc5550ecc894102c29071a9f5a0e76

SHA512
f3d6612a429370058663eefa72c83ea3f63db82ebe14e1c06511e917179add5420b37efee3a9ccd71030631ccc0afd0e63e1b654be09c4cc403b35b48d5947d3

Download Submit
/data/user/0/com.hz.amk/databases/MessageStore.db-journal

Filesize
8KB

MD5
632f022300b1f0396e259338c37c14a5

SHA1
fd0e0f8e9a2e67db76d57f1620c2f4705cdbb713

SHA256
fccd634c97e82d663e27c2d9bc942550b5c111f83247a07606b8138c781c494e

SHA512
1accee590ffbdcc80446b096d1e3d35398c43fbc169b13e686bd5538eb1fabec43dbcf174e5f21b6187995ed0d02ea92a95fbe4c14ce1df40d13233d8405c763

Download Submit
/data/user/0/com.hz.amk/databases/MsgLogStore.db

Filesize
12KB

MD5
edb655088d1ed9f33f9d0d499b7a3ef5

SHA1
565c4f4e43179dbfc285cd6331dc8ac75a901af8

SHA256
bb9e45aad35b43e895393e7a66e4ead6a5f728f90b7627e3c741d391bf65d4f9

SHA512
98cbf923880de82921c38973fbc6d711dc39884428d1eb4ead33658a5a7f163734e5121823d5b043ca44554d19c5b6f966674ac7291513944a94cec97d5be599

Download Submit
/data/user/0/com.hz.amk/databases/MsgLogStore.db-journal

Filesize
512B

MD5
34b9a45162f535b4a9c62dc8b9c1bb0e

SHA1
385969c6300e5803476f3efc53499522853bb487

SHA256
d3a6d321e04d542947d6b649d339f49b13830245030398b4f804c38e53814ad9

SHA512
6e450f2aacbe3f7f8b901b4daa3489b2ed9fa5f8ba6190f6048fff6404730b8722a877a4cd37bf85c9575939ffccd55195428d4b5644639d42ccfc0f1548d97e

Download Submit
/data/user/0/com.hz.amk/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
235411995f6c4954f55cfedfa20a75c2

SHA1
31657444da799f981ba396a269701c005a41d97c

SHA256
5f5d0e45e7a73322027e15e8a0af85e55ec45d36202ca12f440613e648f6ffbc

SHA512
3d643caec01ca83b5cdd08df6f671c19d666bae5ac6bcebbf29cbc3ba5667d6f942edec7ec7586b364f14889ec3d72481538c11c30ccac7713f85692dbbeea24

Download Submit
/data/user/0/com.hz.amk/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
0d3a73760f6a7c8059113f5ce7e9b3dd

SHA1
a5da07df73f4ab35d7fcbcbfb2f42b6bd330e420

SHA256
b43077b40510f1ab20919be4b0b90ac4f1d4c2329017b9f474f4c17179e9a734

SHA512
845cea6a6aaa6e2f90e6b3e2edeefb6e6715a91461b1d92a026ff33c2bfa0269ae794275e3160b230c098f44c5e7d4257c8ebd8480949f942d9cbe2d3aa58418

Download Submit
/data/user/0/com.hz.amk/databases/accs.db

Filesize
20KB

MD5
558105926688c7d4f4788f6b593bcebf

SHA1
d16091461bb6ba14d9de002f0e32feeb35fda9dc

SHA256
51b2b66764ca441ef1a110abc89f5b8251be8522e0a9bda462a9375d18594616

SHA512
1e7c7947765f949be950a73be089c256b52def43f6621357548a88449ffb6cb128f99bee382cfe8c8c786c3e9ac2a907c08f38e2ff9e1e37fc9138360533b55a

Download Submit
/data/user/0/com.hz.amk/databases/accs.db-journal

Filesize
512B

MD5
7b41a4c321c2553c254f834c077c3a7e

SHA1
fc88d7f6667088dc89678c957702062cbd83ddd6

SHA256
c81898e09371455c52f466ab0fad12c12dda3ed10c576cdc6508c4f04c07d49f

SHA512
25c049d0e0fb40a1449dfbe6debfb3a472a314828d9a058c19abaeb0260a1b0c65bf322dee41f3f34c82375e4b2c4ff7580c2927f53285ea5add13614cbe7b99

Download Submit
/data/user/0/com.hz.amk/databases/accs.db-journal

Filesize
8KB

MD5
c4e8aa7a5d097b83ac01ab1d3e6a36d4

SHA1
ab08c60d8d0df8691b59ed750e31eafefc8b46ad

SHA256
dbe147f179dad0a7ca0358fcd5af2cffba8e714a71df61bd40773afd0db5cfcb

SHA512
fa73bcd19905622857ff36d3568dffa9d5e0022244982e684e5fa5d57b0062962b00fb3d0e80dc2a13bcec4e9eb49b8766bd375044ab2c36af57755022c6ed59

Download Submit
/data/user/0/com.hz.amk/databases/accs.db-journal

Filesize
8KB

MD5
de37059d90f9516b9b3716ff394a3b0b

SHA1
98ab3540e63f66879408ae0d3cfb00b7d9d84ce9

SHA256
f58a3cf65f5ecaeddf3d2575ab7b667e32ae5f213a77a1de7edf81fdf6b3b4f2

SHA512
8945dd18ef0ea5942b5b1e66d14b21e418885f40522003383ec262f175fe4f37c2110dc2a05336e9742a4c863fcf942398cf1960a2a64ffa6709ce5d46562ba8

Download Submit
/data/user/0/com.hz.amk/databases/message_accs_db-journal

Filesize
8KB

MD5
ed29d12389d2491ab395ba55dad373c9

SHA1
c5ce3f2f64973f96dd7ec351b8501718f2d66545

SHA256
24146e506e6a86b20dd05734f39d5ec06b68e9ed38d515cc16d9733f7bb2c011

SHA512
c8c09b1b785ece7f1946a0b0fff1182629e072aac8a30d93ff8a5b3ffcab32934f7169ae9d971b0f59c98a50a0ba0be64537f186ea8625050a2d529f42244b83

Download Submit
/data/user/0/com.hz.amk/databases/message_accs_db-journal

Filesize
8KB

MD5
0fbbb1a991c4e23018976e7603a384ef

SHA1
20bb64813b76a73a87c4896a510ff5c3ffad76e1

SHA256
198711e408145491c8e0b7fcc64355cf1a6237dca17f5c38754982e9e3895897

SHA512
2dca71d7e3e560f11b0f65b39889de76dddb0bff3ffcd74f78b2e1f3391aa9ee495b1cdbac4e1d5a39dae8cb4f198c50e331a70d7bd7524127cd32c0fb3f0ede

Download Submit
/data/user/0/com.hz.amk/databases/message_accs_db-journal

Filesize
8KB

MD5
eaae72b028220d04eba3b40503287f83

SHA1
aa583cc28fd1ca18dd2c6d92287465686b211e96

SHA256
87b978b3b12758504be4ea0445759c75d6cabf1fe8b1366958239ca8a77a0b7f

SHA512
98737dbba7cce56258c767ea7dc83a688a30f18ebcdd33845377dd3f8496444cde3cdd15c5b50f8cd5b020b5e2c54e94c5c0ca9bfb7efa0080e1cb95ce1ec871

Download Submit
/data/user/0/com.hz.amk/files/agoo.pid

Filesize
8KB

MD5
f6afaffb6727f997b1b8000841b3b8ea

SHA1
e44cdd649bb5d290d530fc59697b69172532d692

SHA256
f44854daa71de9c87bcf25d85efb063ca940b9c3df5c1b245828fc143fb02ba1

SHA512
7e76942d2018b99ac56259d0de4f3744bec8590cbbae22b409254ba558dd7b2112687ea2b691012ced14b55ec3a6f9181d896ef89f87c8401f4a63840a89138d

Download Submit
/data/user/0/com.hz.amk/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMzYyOTIzNDQw

Filesize
1KB

MD5
59c14c242caffe7c093672b8e30a5735

SHA1
800d25a03dcd242a8b01429e3bb2dba0082936a9

SHA256
791b0c43673a6d5856a3c2dce1b8d84da2045f9c4b458891aee8d26ee33fd34e

SHA512
4bd9b6ac5bdc29c6552d91adf8594040bbc5d3f4d2dbb21f0d29873d482a83d74576df63ada6ebb32283eccf81e5dfe194c9cf291586e4c659a76a870d644985

Download Submit
/data/user/0/com.hz.amk/files/umeng_it.cache

Filesize
433B

MD5
778461a2b1b662bd99dc612caa01134b

SHA1
b7c2efe5b8af6490754505090b6f6737bb8b42ca

SHA256
ead6262fc2234b8287c45aa01ec7bd0450ded81887c0c9dd47a791639db2c533

SHA512
33f5c682d6d6f43f78d68e79bf688f40d2b6adba2c794894459b99759ff6a12562c65a4eca4b235e25be664137122c5137228ab40ea3906d2a505fd43c2ed737

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
1705861beb345be0e1606d9d9d294d82

SHA1
49cb5c0720cf8f16c18406b0f5eccd4b283c70a8

SHA256
31be4c3f6d409f317dd52de44246a1d37d620e099537c10598ff42179bf4fa3d

SHA512
c3279d00fa01cb3cfaed96c7c9e1b5b7da7b9e1c9199fc73028675277637933f95944b43eed05b43e633aab4db7f89585567c9f319ca3ccb7fa8846a37477a91

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
badc81a2a33a0533a7e6f3edece7bdb6

SHA1
1c54d49a90f3149a226b94ebc913ab1117b88770

SHA256
e234f16ca0b58a110335b7b982b57c701b561f99ef1edeae362874b7f57419f1

SHA512
1999fe715061c01f484e65302e6de0504fe332beab435c5467053cfefb97e98db23d913bca0747725250ad07dca7b25b80b0b0efdad2fc94559916b04cd37a1b

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
56KB

MD5
1f9864ea8affe1b13c586b5c04cd405a

SHA1
468c32f54bc50929cc29346b26f9e7a134a2799a

SHA256
cf2c7c391acb37d35a57dfb86fcb01246ae47b37ebef9269e061bc0c082c63be

SHA512
8afa4572a6e215a0fa0353f4431ff1d9e5f160128cbbdd53b2519f0053eb2ab88142f6a54d740e5a116883ad0725d3978d2f85c72c0dc50ebb176c674e6be098

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
79b31f6c43414adfc3af948dd8d868d0

SHA1
10b952d3f0886d18186bc5578f8b0077e6e9a8d6

SHA256
c5c2fbacc453540265d2f0f101985c007ded1dab473ec0250855268f93be8bf8

SHA512
6319039d9df33289eb67ff058ec6d527a2f9448470ffff2c595aa9b071516a8bea5c54ff6e6189c3bdf36f6ab2c16747f339e8188b08a2d9df6edef1a9b9d45f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
2fbc1cedca23ceeef27f6520e6f32504

SHA1
317dfa9255da3adfe9366023c21c032cb6d9befa

SHA256
f9e9c0cadb3f468e1184835e4c6a9abafc08a434651f3847c89b0ef34a223d12

SHA512
0da82f88c489a25c2aa81a94e81b9488ef98a20aa6c8a39440beef43ccd017588309954d7c718be99d2a8434b1db1928ebea73c7d92d12e2ba1f39bd79967f2f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
512B

MD5
33d8d6fc78ed9187ad4e91c6d4ecad5e

SHA1
f5264638b4b21f5feca55a620053fb82cb52d27a

SHA256
1f9b4032399de3a3ea5f8a827d5949df33153bd162ad6f2a6f0ca533e20beeee

SHA512
5e677a2eb02280ae9c17788327bf72f86ca4460e34ee2a517f802272f4dac3430df28d8ed6ff2f94daaf309237869dd273345d6675a7c43df7a4dc3d73fff682

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit