5b5fb85c22e366d0daa251ee44d69446ce4a4553eaef4f3605d8d27a7e85cd7e

Analysis

max time kernel
2602988s
max time network
160s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 17:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5b5fb85c22e366d0daa251ee44d69446ce4a4553eaef4f3605d8d27a7e85cd7e.apk
Size

10.1MB
MD5

9ad86cee24ce4912858468b8253f5936
SHA1

c502e47be39ae78994d3cc75250050813fc2ba2f
SHA256

5b5fb85c22e366d0daa251ee44d69446ce4a4553eaef4f3605d8d27a7e85cd7e
SHA512

96a3563214dce42531194a44272979024075bd705dec136008ac2e5de8c1d2e74a2df1bba1403f0b5977d0b38b7eb7ebecfc82e74a656a2265ca8d105b523d63
SSDEEP

196608:RrQLaXttHbFp0VdE/nMNO0cxXsueJbCeiqcr9si:RQLuxFp0Vy/MOBXsumCeiq2

Score

6^/10

Malware Config

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.haoliao.wang
Framework API call	javax.crypto.Cipher.doFinal	com.haoliao.wang:pushservice

com.haoliao.wang
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4270
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4396

com.haoliao.wang:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4309
- /system/bin/sh -c getprop
  2⤵
  PID:4373
- getprop
  2⤵
  PID:4373
- /system/bin/sh -c type su
  2⤵
  PID:4429

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.haoliao.wang/app_crashrecord/1004

Filesize
225B

MD5
b4b47b7cc682a73d70bc54783b3cf4a5

SHA1
f2c7e5e7031e2199ddc2c18d2ba68008be4aae09

SHA256
98d3642a51eb9e127dfbc090198e3e3e9fd2f7918b1f6c85304577e2039ac6d2

SHA512
26235eb9266a57480abf08e0d48b94997492d43556ad698d5f13e800aa188d6ed96b40492a6d6f20e8ffc5507a6817833287723af6b793a8fcf8a9d20bf68c95

Download Submit
/data/data/com.haoliao.wang/app_crashrecord/1004

Filesize
84KB

MD5
a64c06467b07fceb5fb7a5fb206a2e7f

SHA1
2884a069d918be1fc0f4d045f3927eea1a82a3cf

SHA256
cb2afb5391276999be560303fa32e5f664f8bf6d41450a249c92a390c87f5152

SHA512
7defed0c30c22ef3758b1b76888bc71544298cec96d936ffe4f5a5d54b65f8991906187eec285cb28923b2c4f7d667a1e11f2bae6b8de30d32f7e70e308d33e0

Download Submit
/data/data/com.haoliao.wang/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.haoliao.wang/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
285dbc4ee23bfaf3e6d04ac6cc804ece

SHA1
5c6fd5a30ff3b8a643c3fcace44eb8909bf3c3c0

SHA256
452e660c4d0ae180b7f51b51adc182c0df3a40097a88053b9836eafdf0a48283

SHA512
9cccc525783e15b4259c0cc93cd3a968c017a9e43d91d8246fbe8a9641a98004eff3d4fa5b8676b9e547e4b2cf8cc8c5167c1aef65d92099930879634745fac4

Download Submit
/data/data/com.haoliao.wang/databases/ThrowalbeLog.db-wal

Filesize
32KB

MD5
a94d53ca13b3b534724bf98919ea4b11

SHA1
61ce2d44b2719f050dc401947c81ab034847f6ff

SHA256
4dbb38245978c2f3f294da6d384b963f119633cb02e2a43a041b6810db56f53b

SHA512
f8f5acb41be9e5cc232fba8423a86027b7c927ad5810dd269b940ababb665be71a20f3003d2f2ad5f0414299ff17a39db97e8504aa4e05030915dc1ad8288829

Download Submit
/data/data/com.haoliao.wang/databases/area.db

Filesize
7KB

MD5
9c8dc268bcbad918b8b9585b75a3b0da

SHA1
7c4d9cdb8e88808f77405fecb12b71a4ea43de3e

SHA256
dbedc672bc1696fc0397175684b07db31c0f6527f12d08dd85e8884631069c5d

SHA512
2a865d02703a2128b4114d57a350735abb6f65c16666714efc0f0b4389234e98f644aceb17a33ab87691025b663f16361041a32d8ff64381e5d2bc1c8355b725

Download Submit
/data/data/com.haoliao.wang/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.haoliao.wang/databases/bugly_db_-journal

Filesize
512B

MD5
7e2f36d143830f31103efe3ce8fc4625

SHA1
c36974e6a76773808e367e5ab177effd29ab8e46

SHA256
8675a53382531e5cbba9356109c9d9088c167821c81faa1a0227a29a5ddb2e56

SHA512
ba9843bb60f21e70be4d078f9f87081a8e1191caaf04f7485e104635ccf7c7a14e2e8b43a790002aeeef9e59115938a7787f1111291d4cc62b1f3da678d06202

Download Submit
/data/data/com.haoliao.wang/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.haoliao.wang/databases/bugly_db_-wal

Filesize
80KB

MD5
3830cfa2ca650c1bd306dae7d2da4291

SHA1
35ee427a8c6c00e4fc83f78edb9a77863b5951ba

SHA256
cba4bc7d6c204b5d3f90ea2852fe9befd2f7490f5aa987e2341f2f73fbc69879

SHA512
980e7174369254a01b1e8a33174a6e9dca348e4e721ad0c7c78e76b5e346bdc1160e0cec1f284d54365782eefcc7b121de7c6f5565e03ad21cbaac75587bbdf8

Download Submit
/data/data/com.haoliao.wang/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.haoliao.wang/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.haoliao.wang/databases/cc/cc.db-journal

Filesize
512B

MD5
42981bed08a5413dc0e38b162077e986

SHA1
e6b895fe18b7096d71577536ef54509ceef19218

SHA256
2cd2e19b3e4df0fcd746a4ef990206df3695465380bf3ab508e385510bc34dbf

SHA512
e1dedf827e9ee58aa1cd95302c0245e12a15fb46eb40c4698108563f354f7df2e10196beabe67d1f443788c5edb0e349c902cfe24794061075cc16f265c1e645

Download Submit
/data/data/com.haoliao.wang/databases/cc/cc.db-wal

Filesize
48KB

MD5
09fe311eae84fc7d144bbdc91aeacd46

SHA1
604408f02f1861e82923d3928d9f54deda8ac59d

SHA256
a93ed87feed133bdf5f6eb44311538b66ed31a9f8baec00a7aea630a356bdd39

SHA512
6f0ff492e6e5a7eec7b32ed60b44e88599a45c0ea5d1b69f49983ae2c7e2295dea2aff3f57d701e38b82ad23ea9e6247b6d7633457876e369adfae919bb02213

Download Submit
/data/data/com.haoliao.wang/databases/cc/cc.db-wal

Filesize
16KB

MD5
ddf55afb21d462f107e36557adde5381

SHA1
38b1565bde12ed6a48d5aa9ef5098f3f3246099d

SHA256
a83f93d09959117e8eee2889e71087399991a8e6529baa4c0dbc7e1a5121acc7

SHA512
4ff1e881f20f74dcddb48577ed7ad7ce08dabd0299a2c66df391ff6f398a8e8259c9dceaee7206f10a2e9c5057137f06bf6951e6072305276f30a5b5fab1c0e6

Download Submit
/data/data/com.haoliao.wang/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.haoliao.wang/databases/ua.db-wal

Filesize
8KB

MD5
452a0d6c7ab576e9800202ed8c69a682

SHA1
0252f11ef3ecd05c27c36e910576f8653acf5d81

SHA256
1f300ea104aa01510639fe8ef8d53a3b72e6225838bec5a59d6e346ffa14cd2d

SHA512
7077a05b4c1ad0b7faaf8517fbb8b8098027e9e4bcd4c1e4ff22bceeed0e860169bcffbe854b9b1bdb262bfc070386084832b0c8910c100c56cedb5a5d3e8d14

Download Submit
/data/data/com.haoliao.wang/files/.um/um_cache_1703410017960.env

Filesize
1KB

MD5
e04d63254a72f87560506c632c8edb32

SHA1
803024db938274b56263a1d97c3a132f43c43122

SHA256
649dbc8e8a2ed256aeb188e60c6de83e3dc537e7e151b6cbefd4457bbb01fb22

SHA512
fdaf7f543b3ad3182c0ab230cd4e26ad0acecb2939e5b0223e06588df1c3c6b1bd1b3236e8ee42fdd790807feadb0347ed7660ccac4965933856abd7fd49fa3d

Download Submit
/data/data/com.haoliao.wang/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
adee2b533315396f4cdea39e260293e7

SHA1
d3e55bdffc9b1f9dbf8f5e68976df9651163b2be

SHA256
2cc9445016e179c284f408bdee5698d5350b23cb9671738aac093c498d894599

SHA512
e1d28556c2d9918b729d05cae24ca5c98ac04202b0dd8957c5e802ac9a0c473d2bbac25c1a42e5ef293d27dd5ea325d7cf6b0cd0d552e867b3a4d852a38876cb

Download Submit
/data/data/com.haoliao.wang/files/Mob/mob_commons_1

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.haoliao.wang/files/Mob/share_sdk_1

Filesize
23B

MD5
8e24e79baab91c4d0604eaa9006a0cb3

SHA1
e427afc94a4b957a7096f73e395a10ea404c076b

SHA256
65ee797326cb9d94a4c8b13fb114a7273d80af9ae547496bf56556c479f75e4d

SHA512
45bde5e1b5da5e54f7f5baf24cf4d9158ccf5813f0babc05677437bfedf1d54c4707090a1c425089e8f9582a85fed80b25c1e1f30ec2051afc6fe68bb8a76bae

Download Submit
/data/data/com.haoliao.wang/files/exid.dat

Filesize
53B

MD5
45132d9c724eec80fb02ed38211ad37d

SHA1
82bd94d7df5fcec3e6075b1c909bc9006fa07030

SHA256
a07287e1011daf4039aefc04099d0a1052e8136fb8bd0705f63e3fd854186ceb

SHA512
3f88745a5d2278e0448a8dad10e65514baefa126037727e2d108c5baa02f967045d88b1de9f59ee4d943717cd1ec5933377392f89f35ccd7b2e931def01e5b00

Download Submit
/data/data/com.haoliao.wang/files/umeng_it.cache

Filesize
413B

MD5
5a7ab1df4afefb91940f53f0dd1a0f6e

SHA1
45c43d5a5d40671cce91e42972e62d851e89849a

SHA256
aef31ef7862897647523553600e9ce4d068082e912743b8080f5be64b9cced65

SHA512
be5c5ee779ae1e74436639cde18a692d82d344ef75146b384b9b83d0c4e1b298401720b1b353a4858a0d5a4584c04b66ee505026d3ac9ab3fd695605492230ea

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
98B

MD5
23c6328a43191b2389dbe74745ee6fc9

SHA1
e61b5938ca00201651b49ae5136c7b775616870f

SHA256
ab33108a8c686024fa4568818a5f6e1c30e319f3511b1e1f5d8f8a9a8fcb775f

SHA512
44880098633d00a28a4b0b80aa3a286ac28618c0e1331b1ce35d347bc4569a48dff2e68d5abeff362493fe8eb1f5dbe380ea26f49fb0c5ae1bf4039bfe05814a

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
146B

MD5
06fbf3b6656d675b8a555660a296d4c5

SHA1
72c4af3a3d884977827729f1dafdf3f515e30d1f

SHA256
038e79614270d30f1dffff143bec4fb76195d45a5bc831ea0c4afc3becd2fb33

SHA512
7fb8751b6896fc1619ae9a11b1794a008381fd44a215053732d314354de10088619ad6af7f49710f81f3a810781d99e024813343edc2d78e7c06009c904edf09

Download Submit
/storage/emulated/0/Mob/.mcw

Filesize
80B

MD5
853ba6ebddabc41a5059bbef30c8497d

SHA1
c5a6573cabecc62fdb3c0fd133c35f0d9d23ea2e

SHA256
d397b9d5628850b59e6b1d036dc14b867a9fda949e15fe0b5eadee4d9108f66c

SHA512
f6c8526b4cc4eae05136ba77fc4483b99c9ab2d03220efb6de92df5de569414da7e33d0dd5df7e2dd19e9e7ef5e4a657abc818345445a3ebe2f7c1faf4945c9d

Download Submit
/storage/emulated/0/Mob/comm/dbs/.duid

Filesize
132B

MD5
735e94c74dfceca0985456e98b79cd5d

SHA1
16d0bb664027cea445a23b8cd5e8779dbd99bbe4

SHA256
f92cbd95d1aef373a38247c12c95897e2b7eecc1a21988259dadc105f78f52d2

SHA512
3e327f51f3d915f0d375220e1682639d09a6c14551dfb02c0defae7b469d8ff9222b5a9a735dd3ab0cac0f140671b2626461fd1335d15e7167f610bb2322d73d

Download Submit
/storage/emulated/0/Mob/comm/dbs/.lecd

Filesize
772B

MD5
1eaf0c7c5da18ddb05de1e9a3bce6ba1

SHA1
67d256b465db219a1591a5301a7b18afc4f1e96c

SHA256
7193088f5d03c81abb42805aca5ec247044fab85a9daf23bbae04cea192a6d91

SHA512
8b169f871a2e551a00705314108b155c9c2d371109b983205467a2919e317103f86ffca919328c9b096704a217b36450d08277e3c5e36acc0128ec9821be1292

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads