5d92077a1727c65bdf37d55ca3b2d450c516a70b8fd1e5f3f319d233ed211987

Analysis

max time kernel
2612251s
max time network
142s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 17:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

stasdk_core.apk
Size

2.1MB
MD5

6bacfe7c44e9f86700711fb051cceea4
SHA1

6727cffa12d2f6a870f99cc3b3443a4f552f4513
SHA256

50b417f6a0b261458a858d152adf728914eddcbab1bd83ec25dd5fbad416c77e
SHA512

4ceb590c6a9f7ec2c6959fe5cdd0b4a1ea3720134761aad47d6046d646af5a040510cf738ce540569ab25b83a4e79d1dff24376a78855641cbc01511b4a0ecd8
SSDEEP

49152:gLrcZzVCuSfl9L1RoYfIpVWoTqK9cW8sQtwSmhM7+WRSdlc:gLGzoN9L1RBfIuoThKswmhHQS7c

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.dbgj.stacore
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.dbgj.stacore

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.dbgj.stacore/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar	4239	com.dbgj.stacore

com.dbgj.stacore
1⤵
- Requests cell location
- Loads dropped Dex/Jar
PID:4239
- getprop ro.board.platform
  2⤵
  PID:4274
- getprop ro.mediatek.platform
  2⤵
  PID:4295
- getprop ro.board.platform
  2⤵
  PID:4318
- getprop ro.mediatek.platform
  2⤵
  PID:4337
- getprop ro.board.platform
  2⤵
  PID:4544
- getprop ro.mediatek.platform
  2⤵
  PID:4564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.dbgj.stacore/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar

Filesize
8KB

MD5
bbe2533c09b458fa46bcb4ca29442c5f

SHA1
6399fd09a7f6d2b6ed3b2c20d2085fe364e79e94

SHA256
16553c2eb53ac3a10df8c0e34e189a0c299112c8b36b5314ce2d0a8298afa536

SHA512
8fc9b38ba092fc32b49f3315bb8c68c2e9014244bc2f485dcc794cf7524af1c06a44f94360fbd27309ff600ab27a87e034cabda9898240cd36eea5ee8bdf4ab4

Download Submit
/data/data/com.dbgj.stacore/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar

Filesize
33KB

MD5
80cdde4d90322966cbaaea833f09335f

SHA1
689b83c9d494de0616d7eab2cd235abdc20efbd7

SHA256
77b62f91b9db143b726f1e03ad224e77b2907819bd34789453db4132fa96fc2d

SHA512
089447b882c6c511702e83ee26b83362f40aa49dd80e932e315846327a8e962a382a434157eee993981b6a3fb5f042b4bef75b2ad73f04c0a7f13007acf2242b

Download Submit
/data/user/0/com.dbgj.stacore/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar

Filesize
208KB

MD5
8ac0f6e404323d80b3aa5d7132125463

SHA1
547b41a4d04b4448a57a26ce9a4a612743153523

SHA256
1cc33691b0bd133bf03839ada68ee4edb4e9ab3e06621e4473a4a9fc34169a0c

SHA512
50b539515417a0013b1d02d19d58721c6f0613d5009ee5d879f57454c650691cd995d9ce11c293ec95426821fcdc0f91b5a49481eb27d5e30968b87939547566

Download Submit
/storage/emulated/0/data/.systemid

Filesize
36B

MD5
1041c7baa1273191ce519ec348ee047a

SHA1
e8869638d2f72a846dd8644ad5ef97e034375924

SHA256
010419009351d7efbd4697dda7fd4555bcf424c7eea142036eeb2c4de011d651

SHA512
0bf41021344edacbef751331a8aa6902a08724b055ac412a503d8a28cf80ad600b6bafb1cdeb473c43405a7c5f71ae87288e6d884a57a2e8381338577562fc12

Download Submit
/storage/emulated/0/data/.systemmac

Filesize
17B

MD5
0f607264fc6318a92b9e13c65db7cd3c

SHA1
c1976429369bfe063ed8b3409db7c7e7d87196d9

SHA256
c248c629af1fe0a8c46b95668064c1d2952a9e91d207bc0cc3c5d584c2f7553a

SHA512
9dbd40b135b46c7be31b8c7d11c75b0b179af3a6550fca52ec447583aeb50aaaedb4b1e9373cf8826615149549a2efaee04efdc9a282e3a6b387c73099c13fb1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads