6171a72db2c8306844e22932da696e1cbb6890ff23dec346f23c3fbc9484ee74

Analysis

max time kernel
2622507s
max time network
150s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 18:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6171a72db2c8306844e22932da696e1cbb6890ff23dec346f23c3fbc9484ee74.apk
Size

23.8MB
MD5

061399a28f4df3724ddbf1e2cc0e3a09
SHA1

c9c2b72a4eed0168c87ab93590a367f983523d66
SHA256

6171a72db2c8306844e22932da696e1cbb6890ff23dec346f23c3fbc9484ee74
SHA512

919799e1ef44d94083d467fe2c76c3715a48a512055150f9da81baf7a3afd198276784138911f188275b4e50c49bda35529a404a661ed9b53e6f59ee0cd89042
SSDEEP

393216:Vsd5GpmU/yshIy4FxhIWMnTpRI4+DMHexOpyari/oVbjphPwgbb7M2CuvTYXGAlY:VsLGpmUcyI6HTIdMHOICSwU7M0cWGitp

Score

7^/10

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.product.device	com.mych.cloudgameclientAs.dangbei

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mych.cloudgameclientAs.dangbei

com.mych.cloudgameclientAs.dangbei
1⤵
- Checks Android system properties for emulator presence.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4261
- /system/bin/sh -c getprop
  2⤵
  PID:4300
- getprop
  2⤵
  PID:4300
- /system/bin/sh -c type su
  2⤵
  PID:4337
- logcat -d -v threadtime
  2⤵
  PID:4365

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mych.cloudgameclientAs.dangbei/app_crashrecord/1004

Filesize
238B

MD5
9eff034886f2785bf81654aadd2a7f5b

SHA1
d70633c0be67bbd38d3ae026aa035927a0e36a8f

SHA256
aba0b6d75faa5d9197b63af824392073b5689110b104a8f162b3c17cad6d34a5

SHA512
1c1d4487ce124f63465c02e4ebfcc4209b23fd9f0db49a5b20118fbcb0304e774df83257bc565fa22e85cf9ad5c4f6c649b0866bc342d8824daffb1c66f9fe54

Download Submit
/data/data/com.mych.cloudgameclientAs.dangbei/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.mych.cloudgameclientAs.dangbei/databases/bugly_db_-journal

Filesize
512B

MD5
f9d04f0ca654e30fcc7e0d40573e6625

SHA1
2aaeb6ec91bad0bce75570288b7e8a962859fb07

SHA256
a34b3f98196c44a8d4a0531f4739e8d67a043f784930a41d94860cc9c9fce89b

SHA512
242990e8aeb16bf0f384943e42d616f0caaafb9618e5acf49b915e739470a362dfed8d6b8a3c2f78cc983aa85b09282714d75e0ac7c6f902a8801cfe39399805

Download Submit
/data/data/com.mych.cloudgameclientAs.dangbei/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.mych.cloudgameclientAs.dangbei/databases/bugly_db_-wal

Filesize
16KB

MD5
82c9f332e36d86c3aeb1679cd5d61ad2

SHA1
4caa71fe8863fa31c45b9f91b09a8aaab03eaeca

SHA256
315754f32c857eaaab83579b6825cc8a3738567695c68af76199ccb72d50d442

SHA512
02ea6c19a13f72dc57522d94337c73cbec0865f1e4818aae5438bdea0f0c9452e5ce2f009518ecc6daeec1fa37cd4d40ee8ce196de1fe2b51511f896b9ab93d7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads