5d92077a1727c65bdf37d55ca3b2d450c516a70b8fd1e5f3f319d233ed211987

Analysis

max time kernel
2612196s
max time network
146s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23-12-2023 17:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

muzhiwanapp.apk
Size

6.8MB
MD5

25a12b3e3d69b621f16d6809d57e37ee
SHA1

7c3026ac9bef20aa6c274a0ae0b2894ed27a39c6
SHA256

63a4443e53422abf80dffa60c088c72921a4d839d4070613427d9165909ea7e6
SHA512

d04d3fd4fa2d0911f1831b29c5b3031cd45349f8b916a1400a1789751c341272edcdb37b20ba468f759962f1aa7da174a58ced8cfaab1ccefa27dba19b445b47
SSDEEP

196608:udfDsgl7Fo3HcMg5+knzUsd3wIm1vM4MY2oNs:eAKm3lO+kz7dg3oGs

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.muzhiwan.market/data/mzw.apk	4286	com.muzhiwan.market:mult
/data/data/com.muzhiwan.market/data/mzw.apk	4339	com.muzhiwan.market:mzwlogservice

Reads information about phone network operator.

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

com.muzhiwan.market
1⤵
PID:4250

com.muzhiwan.market:mult
1⤵
- Loads dropped Dex/Jar
PID:4286
- sh
  2⤵
  PID:4436
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4466
- su
  2⤵
  PID:4506
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4539

com.muzhiwan.market:mzwlogservice
1⤵
- Loads dropped Dex/Jar
PID:4339
- sh
  2⤵
  PID:4497
- su
  2⤵
  PID:4557

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.muzhiwan.market/data/mzw.apk

Filesize
42KB

MD5
7bc525aa5cfd71cd4d2ad570fd72a906

SHA1
b411e1b345b5e9e4a0e4f603b46277278981e921

SHA256
14b68457395896d3ffe12b777f52fe2cc4182a6c9ba383555b12522c93657b00

SHA512
5f1973360665bdeb536d8dc2a9c5d2077990fbc6fd3653747de9d54c7032a776151f39986792ab57773623a143b2d65cfbb585aa53c823197485eba9e75c8e2f

Download Submit
/data/data/com.muzhiwan.market/data/mzw.apk

Filesize
17KB

MD5
e65188742e10046597a4c648d045699b

SHA1
37b2f1e3e89d3b0d8683737ccae2ee725e82a312

SHA256
d0990058e5204d1a1bde2eff40893cb49d1e8972ee9b7e1b03ae35ac3cd5df8b

SHA512
3859b177492c74ec9448f7c57cf37beb7c747dca9580125cbd7c2e1f3a7761a3736072b1ec2ee14fa1f844f13df4163aa167b5cb9010e7e7fd00b2724553d481

Download Submit
/data/data/com.muzhiwan.market/data/mzw.apk

Filesize
17KB

MD5
d1a020921eff5f91e5900a64bc558eeb

SHA1
f03fec1fb79a3b528aced885a8e95fb0a7eb01ef

SHA256
de8599fe345c0cf878b2887a98d921051edd36de036b5c1d8595a2c8f3738aa6

SHA512
17f62c1182f869511ef89424cbc51140eddfb0e84a8999a5a4da94a6d398ccd92839a2d8a2705b976ecb59efbac90ede5122d3de8470dfbb75ce606a263b8d4e

Download Submit
/data/data/com.muzhiwan.market/data/mzw.d

Filesize
59KB

MD5
e58dc40885dac40ad368f5a573a01609

SHA1
4a9e522d1ed75c6485b0d621f93f54191e402d8e

SHA256
2bf6ae473297ac9f1a6256fe33d7ffd67ad380ef971d2e481a9b4a7f778fe119

SHA512
663d2c496a5003f644a4568eaf21d27e20e882d91d0e8cf19d82e4a7ffb15d09b360effff69d25be2c521cf03c3df3783c21ccdabf8c0266a221d23f78e7fefb

Download Submit
/data/data/com.muzhiwan.market/data/mzw.g

Filesize
42KB

MD5
c04d422c5a4bf58a127bbf2bf014965c

SHA1
3b1f3f4ad21fe0febe567e5a56996a7e61658cf9

SHA256
7a28fd857e1283e351d37931cc6e23cd6de5ad2fd4d3d23337a6f162b07f3978

SHA512
6cb2768a8344e3da470472ea906b5be2e33a24384efe35cdc3c0b0c24351c3b34444a4d2d6a9e21c48927b85554aaa3904fb0361071c0711841565222253e0a8

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-journal

Filesize
512B

MD5
48816ab6cffcdcffc505e6fffb103ca8

SHA1
6a7ffcf48b0380b4f2ec0e6b52d305db5ae5f776

SHA256
fe99425bf28dc64407a5ef0a0cb22dfc29f5cea0f351cbee87a31a49803d8213

SHA512
4fccf0b6ac91da25db0b1eca497d5883fa40f86b8cf557c4c497cf070f49e11761ee9e3329a0db89b9208d873256571c07aead3c0386110d50c9c140e06b8f12

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-wal

Filesize
28KB

MD5
ed512504cb5a18d95c089cc0ff25d079

SHA1
4c6269e194715be551422fc80b48995b454e1429

SHA256
6f329799b5c3c07f2d5a8c8e49f491ca62ec7356704c6b9df23cf2913a77ce30

SHA512
85d5413e5283410cc0eb5223eea643fa6422ee24353a749aacdd1922bfcf280c11567367f3aa64ab7744bbd7cb75017b3925d3caf2d08198413d94f1f6c7070d

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir

Filesize
28KB

MD5
e8ea8e2de1bd7ecdc9cfec0959482762

SHA1
5b33ffb252445451d07569b78f50109f391f92a7

SHA256
baf5e9b27db59d6f086aa1308d76f61e003e3cb089d8234b44dcd4185d3e48b2

SHA512
b02e5b128c150ffa95ebaf79cb89dfd30f07564dfdacdf1ad370f85ccd4e8adbc91b815125c917b210c5b9e48ecedb51932064a73bc23d21fa648ab7ac870275

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir

Filesize
4KB

MD5
9050147e2e5780e59113f1d37b4ae86a

SHA1
d5a1dbf86b82ee7d6dc9b0726fdacfae08f6cf09

SHA256
ce1883fc828f3fc4319b13b7848b02b75ae725e492edae50dfc1d7cf9da014fa

SHA512
6b59425362646f0ae0e94675ff68fbf8a3ed3f7fee4086e002d9f687d1d83eed46b0261d64ea1a3956172b6ea8ce604808034370c248b8e6f9937ee941540621

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir-journal

Filesize
1KB

MD5
2c5652683327d3e12495822c930c79e3

SHA1
ca9f88ebe4a17fb0983213136cd87c70ccf7feaf

SHA256
254f76fdd6a780b26665f3d8844a5a2c560892ef846198deeb16ec442b6e245c

SHA512
906c900b280c3193e93bbe65566a9dc1ebf7b96d1e4570851f51a23e280764c0758d5c6a0c97a161d085ee6e217fd534ece2ad8f6acfd7d67f482d73286dc10e

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir-wal

Filesize
3KB

MD5
e8870e48312a8cd8bd6f5802a09b90f6

SHA1
bdbe4ff9b5d7b5b9fe08803dc511b50a7c0fa769

SHA256
f9b5a8a3b0e2eeb925d332f461160abdf49635663d508385a113a99014125be4

SHA512
c7e4b99c5b8c1fb10a372ba5d2089154caf8924c924848e8bc88493ccca69792aea6bbd74e4a24f0c3549eaea068902d2d8b01a03e344c43724b8e5503e1cc62

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
36B

MD5
f1e229d40466e480b846d101f2882e0e

SHA1
0f49a5efe6c892fbccd4b36296f87daa1b3ee6da

SHA256
80865b04327f6ba0c1bf6d1a164d65ad15527db7dd7e07674a1200f95567bed5

SHA512
e7ec7c71540730ee8b0479a9abd1fd340f15bafdb2cbe9941db5b1bf9cf137953fe73ee0d56c8531499e9930a7b47faeead3419a78ac89b02134168ac5425eaf

Download Submit
/storage/emulated/0/data/.systemid

Filesize
36B

MD5
b79ac212b7382cba29af85b87229d9f7

SHA1
24cc76e60a80031cb14751e05826bb385955207b

SHA256
1e9278b71f05fb202d7638f633144a43f4bbab1d1cf62075f2090ff7603f9d09

SHA512
71e580ccd979e816b4d0523b8e422302abb69b0e8f9e3b7aeb9a16ea8f3814c76298a888d368ab1a70cc3049f60520783987a4d9a4e7d86f6719691372fe2d76

Download Submit
/storage/emulated/0/data/.systemmac

Filesize
17B

MD5
0f607264fc6318a92b9e13c65db7cd3c

SHA1
c1976429369bfe063ed8b3409db7c7e7d87196d9

SHA256
c248c629af1fe0a8c46b95668064c1d2952a9e91d207bc0cc3c5d584c2f7553a

SHA512
9dbd40b135b46c7be31b8c7d11c75b0b179af3a6550fca52ec447583aeb50aaaedb4b1e9373cf8826615149549a2efaee04efdc9a282e3a6b387c73099c13fb1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads