Overview

overview

7

Static

static

6

66db5c13a7...b2.apk

android-9-x86

7

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2636453s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23-12-2023 18:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66db5c13a71870606503be08a61f9caa4a79cd85791827ba41daff1fd4c5fcb2.apk

  • Size

    9.5MB

  • MD5

    aa5e20642e0429b11f65ed3d202c4400

  • SHA1

    39eccecf7964dff6d4e53c664dd0612d8d8f9bda

  • SHA256

    66db5c13a71870606503be08a61f9caa4a79cd85791827ba41daff1fd4c5fcb2

  • SHA512

    e3b1488577e2d8df33bec441f541f8faf94882a365684d72bc02fc0ed0e0cb5359dfe76c18559ab33e0d060f32965fa91af94ead0ea7a7ef46400326e4d1ecaf

  • SSDEEP

    196608:yS6DIGdFPZ4zD3juE7Pc/5Acg8yMz1+Z6k9Fwa9eTvMu4wxQuVyrj8abQR:dYIG4DzuVAcg8BZpk92aERrwZcR

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.lushi.juliang.jixiangzoulu
    1⤵
    • Loads dropped Dex/Jar
    PID:4265
    • getprop ro.build.version.emui
      2⤵
        PID:4349

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.lushi.juliang.jixiangzoulu/.00000000000/39285EFA.dex
      Filesize

      64KB

      MD5

      614c3f4f143e716dca4b724bde115aba

      SHA1

      ca9b2cbcea2427dd5adfc5199c9e0fa61340d082

      SHA256

      cfd174a848c0ab7b0a91e3e68b55bb7a25f449ef0a0e1250761f06825cab2189

      SHA512

      9d68bcb885ef532b7d5f7fb246c288ff9372554944112bf6a643d872bb6357b7879eccf2dc95572105b301778f34ac5cc38dcf79bcf8411bd8b73f011a8b4641

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/downloader.db-journal
      Filesize

      512B

      MD5

      88d1ffe4e2bf8fdd3b285aadc6a8990b

      SHA1

      50d06630d5a6991c9f19dbed37b0ff283c7cd9dd

      SHA256

      3084c8f31cf07681d24bf0470b193686d83426d56461d4e738d48dc1bd280ea0

      SHA512

      17b56e4835be40192ec4042bfb176eb95a2600e548f7f0182cc4648d0712c3b5ec1b8bead709170e9be0b5a77fef4490f4e7dbb881cdcb512860b167dc395505

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/downloader.db-wal
      Filesize

      32KB

      MD5

      8c92ce111b3d60ec5a87e10f1efdd1d6

      SHA1

      b07a97ce9bf2671dedc38e524b7b179a3ae4b435

      SHA256

      c35e570222d709387377993a40aa9b1c10b211e733982e4cb4866106f6171bc5

      SHA512

      e27cc6edefa719e76eb87c578e9bc8e7b7d47f2a57c0fd6dbcdd152c4334682f153a8dcf8eaf183ec700eb8f76379dae661842cb2dae2234c064fb8b59b4ae38

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/ksadrep.db-journal
      Filesize

      512B

      MD5

      997ef20fba7def3cc267cb266a0d7906

      SHA1

      0e99a88277d58472cc75b5449e6b561943d5a200

      SHA256

      fefc45ad98ef38372236c2c2111ab65c9ce849b09c6440d3237523c6b3990485

      SHA512

      6a1d2b6e93d50b07413844983c713c69829cf081cd3abc0748cace64f8ef4356a54d28c19a522ae94aced512c662b07b7418fcedc3f3f5b07bd5a331bbfce2d8

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/ksadrep.db-wal
      Filesize

      32KB

      MD5

      9c38cede4c04f083ef1b0b8634d56f3f

      SHA1

      2f75de77ec128c5747578f134d7342ba9faa9602

      SHA256

      25e8fa8e0034a527937910dc2bd263dd9e2572ef00e2056a492a659e5303bb17

      SHA512

      bf0a0ff12fe0757561398fda05ab1891696ad9f3b1bfb436f689733f40518122b8089446afb48284be5bc91c91db59f70d87b79aa45d9b7b3d1cfe5eb5208e96

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/npth_log.db
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/npth_log.db-journal
      Filesize

      512B

      MD5

      9031b6090b4d4012148c759c24464c88

      SHA1

      8f92a813d3a2877b548745e085f61f8c6b7ac615

      SHA256

      f5bcaeb5e1df31637cf09c352578e8ccd214387ca537e681d8eb3215b458cbe8

      SHA512

      8e3d08dd2faa68b2dc741dc4f0698b6e115cda7f676adce251d0d4d319dd0e25513951eb6a7c62f32f234ef114153739742c5e1f1aeaea7f09de5689976c99f0

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/npth_log.db-shm
      Filesize

      28KB

      MD5

      cf845a781c107ec1346e849c9dd1b7e8

      SHA1

      b44ccc7f7d519352422e59ee8b0bdbac881768a7

      SHA256

      18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

      SHA512

      4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/npth_log.db-wal
      Filesize

      32KB

      MD5

      4141bde569241c368aeb42c34284539b

      SHA1

      2731f72e83dd4eff5af81ada65c3de373f1c415e

      SHA256

      3b0cc926b8631409aee6bf926665ee4559b9eff5a44d4c9c0431ae709518c7e5

      SHA512

      3968378d91367f3d2aa8f5f16874ed74dd0a7bec76b5f0664b34ade5261919afa04da1f1ff31da39510b2ddd2ee1271df5e9b233f0022cd3d78ddc874fd8623c

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/ttopensdk.db-journal
      Filesize

      512B

      MD5

      df3f5575d93368592e43a9c38336de4e

      SHA1

      891fad07a0e6432ad0736b2337050e16b69882d0

      SHA256

      d04330ef1554d284390d4db50fa7d2e7584727152b2332bda5c6756b247dd9cc

      SHA512

      b27b4f471cdb9c64ed204e7b0580a4fd9522ef9fa652a8ec28ff966f4b1e09ab98b9e07ad35a4871b0e98400c2b556c4dacb40fbccebb36cad84f31b8d82330f

      Download Submit

    • /data/data/com.lushi.juliang.jixiangzoulu/databases/ttopensdk.db-wal
      Filesize

      68KB

      MD5

      c53470581b16ef3ba05ae9fe96c21989

      SHA1

      b6139359a0009660c4668282668ac5b139f3dca4

      SHA256

      992a8e3836cb78b6f05f58be28e11fc78a14d53d00cc785fc2b1eda8d213002b

      SHA512

      92a1e06e218db45480a129e6fbd8ddd619841996f721a2f13e221736a689a3d5d1d1fc4f8e4545585791856b51fe789aabce3688274e319c464c812441de6861

      Download Submit

    • /storage/emulated/0/Android/data/com.lushi.juliang.jixiangzoulu/cache/ksadsdk/journal.tmp
      Filesize

      31B

      MD5

      8c92de9ce46d41a22f3b20f77404cc1d

      SHA1

      8671a6dca00edb72be47363a7071be65cf270373

      SHA256

      68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

      SHA512

      30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

      Download Submit

    • /storage/emulated/0/Android/data/com.snssdk.api.embed/cache/clientudid.dat
      Filesize

      36B

      MD5

      1712758bd36ced2d23e5e1875549e638

      SHA1

      a21155923cf48195f58f7a10914574a92ce2ec44

      SHA256

      198a15e0eccb0d6bef3dbe4296ab007bb5904383ea227408f638d88e3b4d91ee

      SHA512

      9994def2e5885e2c9f1e1529a9c6e1b6f318ff24586400967d5e1a5d4c46c71f01d79cab731767ae3984d7e0e4482c2a1c5e4cb88652b58d3de90a5d54bb6b5e

      Download Submit

    • Anonymous-DexFile@0xca528000-0xca53974c
      Filesize

      69KB

      MD5

      02f69eb4fe05ebc6c9f736d83e5f7e26

      SHA1

      777d75e14a73f5721fc4ae34f49a9a4b82311373

      SHA256

      13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

      SHA512

      7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

      Download Submit