61aeea20ead3004aebdd2874292a5b98b904d02196fb7240198470588193b3da

Analysis

max time kernel
2623902s
max time network
144s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 18:09

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

61aeea20ead3004aebdd2874292a5b98b904d02196fb7240198470588193b3da.apk
Size

22.5MB
MD5

0c1c79520a6e4c7aa61a7a3c27d2e091
SHA1

e0b213ca7c238a5cd51bd307db03af176fae2856
SHA256

61aeea20ead3004aebdd2874292a5b98b904d02196fb7240198470588193b3da
SHA512

77cee6fadcce3dedf64ed356e028a40c367030e7505f27dc50476d8f137a009f6387662bad61f45405d5f523308736c268916d85405cbe2c3a76b754a9460c30
SSDEEP

393216:FiBQITCpPkrV6RItakeA1Y7D5KThT+ibpnj52jXX2nSUNUnXPBemxy2F1zPSvkM:FeTCmp6Hkna2TDlnjWn4S8UnfBey51zC

Score

7^/10

Malware Config

Signatures

Checks known Qemu files. 2 IoCs

Checks for known Qemu files that exist on Android virtual device images.

ioc	Process
/system/lib/libc_malloc_debug_qemu.so	com.diguayouxi
/sys/qemu_trace	com.diguayouxi

Checks known Qemu pipes. 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

ioc	Process
/dev/socket/qemud	com.diguayouxi
/dev/qemu_pipe	com.diguayouxi

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.diguayouxi

com.diguayouxi
1⤵
- Checks known Qemu files.
- Checks known Qemu pipes.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4257

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.diguayouxi/cache/image_manager_disk_cache/b3947daf9166de6031c32c0840ce860f7bf17ae9fd4a7564541cd07a1576402b.0.tmp

Filesize
15KB

MD5
1645a0637785d4e4d5368e69d6961cfd

SHA1
354fdc834affbc556a63ab03f48487be1846eb6c

SHA256
6163edc59c1df93908458e009a6b977158a3cd0e4097a24c478869b89ce5c8dc

SHA512
ef6aa7d9b63bfec77412354e48f426a8959c69389b3f62cf3da57e00b006b91066d076ec0af908c1d49b27acdf72360efa1cebae9640859bac214cf1b0484adc

Download Submit
/data/data/com.diguayouxi/cache/image_manager_disk_cache/b8b2d0fd937226a24d6fa09b71b7c0d6faa860a2f4639b96f1d8726ecc44a549.0.tmp

Filesize
13KB

MD5
5c9c52cc8f10fed2fb55f63c8e1a45b5

SHA1
6a9373efcdf71f1f5de2f2d604aa4c204ef1949a

SHA256
eb83f10665784b916a06957d062c948d8825ac61b2b1d7c7e99c4a50d4fa1ada

SHA512
af635d28be20a84d3f94047edd19e0c2f8435ce0bef0f798c0c6562f898f1218edde84c9f5cdedad0309e23daecc7363477c8ac7824db8091b2a2e0d086c4014

Download Submit
/data/data/com.diguayouxi/cache/image_manager_disk_cache/dea2d66d8bd326e6904b8d81bb2eeff2384111a40c91de788d8bdd3715dfdfb9.0.tmp

Filesize
12KB

MD5
03f6a5576b2b622210f1ff62b7ba9030

SHA1
981707bf969eaf53e4e9671a72abaa6ab1e7feb2

SHA256
5e347e6d69701ff73cc013c60295e276610e5b956878637743cccd7c630f86c7

SHA512
1de997b5dc653e62ea25a9b8c8617d70136d391aa3b63684085cfa8144d0a12eb52c07bfaffd7eed6320859bca39b47ba00d4c11d2cc05a4b3723580e1c36efa

Download Submit
/data/data/com.diguayouxi/cache/image_manager_disk_cache/journal

Filesize
71B

MD5
327f3080bde142b04de5fb320c829995

SHA1
d7da2d783f99f505e55dc195f091f3fdac534ad8

SHA256
3b3116ffa0c03f1911177adafa2da146be088ba6d2ef52d3aff0d3818feab944

SHA512
339b2847e4b16c089cf0aa3a1d4f84cd201027a3f0d94940746e72df80e9c85637ff47567dd6b5343de84e9da439d24d110988a3ec3e60fccf806cc4af6d66a9

Download Submit
/data/data/com.diguayouxi/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.diguayouxi/databases/.mgmt.bin

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.diguayouxi/databases/.mgmt.bin-journal

Filesize
512B

MD5
0be31a64d1db1a5761fb4e1cd5a46408

SHA1
f5dfde72ccb49e6ffcdc0357f598ddc4328c869e

SHA256
ec524a63c0225515ba995a67a040fde7fe9700b6567adbac9ab7f7f62ae2bcff

SHA512
22451ce01b244457dc7ed1cf3b2ae89b2f85fab294009cf3800a079f79fec61c8071abbac1f82d3cc6945d4b6ccbaa40cf8ab4fed7e96e3fee54e8a8b7e34a83

Download Submit
/data/data/com.diguayouxi/databases/.mgmt.bin-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.diguayouxi/databases/.mgmt.bin-wal

Filesize
16KB

MD5
7428146d77b8edc288631a83884c880b

SHA1
bb2674cc54d90e6e4d13dbff3c93f12749a62c60

SHA256
785e06ade73a78b6b039a94818d22001bc4522e8d7af2efe642572cbc000b87a

SHA512
bf0b9eada4cde67a9246f3dfbbcbce9b72f78bfe71bc0a6e8d56de9664790e7948e7194644083897c68ec1b7868814684db8b94953cdde61bda51d537319f19a

Download Submit
/storage/emulated/0/.Android/-631841183

Filesize
80B

MD5
29ff8236392a5066571405c1d3f2e375

SHA1
b9244f8f263f7a76c089efcd7bbfff24ffd055f9

SHA256
785bbef820dde1697c05c0bc30972b8af6c6a7719776065777cedc97b1d016f3

SHA512
43d692b11abcd0779119e0efb48d9463ed075adcd89211a5478c2599779b3337a1ed371febd75f7f3043ddf403981225ffd78df76bf0b932c745ce2fffabdc2d

Download Submit
/storage/emulated/0/Android/data/3076010

Filesize
80B

MD5
d3e9919d46acb6021212c2839840e2d8

SHA1
95fb962ea1ae551830261ffebe28865eee258cbc

SHA256
f1984b6bd6ba0046b8f6ce46cc813246b052af7ab8b6f6c8dd0f8fc2a5ad58d8

SHA512
a2dbbfe5fe6723c0c77542a85042a2d461799a354a87f050b3e6485328e9714c0b5895877845dc9b907c3fa77ac7b03cba0e1893ecfc9d919fa252e98e5bc1d9

Download Submit
/storage/emulated/0/digua/95582862

Filesize
80B

MD5
6228c6aa0bc5c3d2f3c8c40836d20357

SHA1
1318ca077e33dc0f7436098cb71ecd1d40031be3

SHA256
a09186254835b5543c1c1ab24021e1ef25549b034a81b6edd37f5b3803ed7f67

SHA512
b8ed80c0a8d96035975c26a82db2f70be0fe944c6df8f2cd5c50dab4687ae7d721fe402d54309e22c9f9d672174ba14990a3f6cb8b6f17502cdb67e45df30b8d

Download Submit
/storage/emulated/0/downjoy/SDK3.1/user.db.downjoy-journal

Filesize
512B

MD5
44b08cc4a7497646f94bab56bd6e1f40

SHA1
dd1429fe88ef3d09f753ca85b5bad0146d42fe5c

SHA256
48422b8d694af9614dfc9c8e8dc7ed905a6ec0de7d175cb974cde9b0c3bf6aca

SHA512
43e634d0923742a261ef5f77f912cf971f427010a7ba4c1b2a364b5d60a9a7260c1802e68e78cd8d9475a9ac84a3bad15cc22483714a43b9542cc70b96bf6c76

Download Submit
/storage/emulated/0/downjoy/SDK3.1/user.db.downjoy-wal

Filesize
32KB

MD5
e84dea5792c6dfee33a88810beae57e4

SHA1
ddc1510787fae855e06568291c6a748c6d3fdd50

SHA256
ad6b2eadc89a297d7fe09f3b0e33d5de3986d5eb94382ce6a7f92f5b1335e4a7

SHA512
7a1aa69493b704620c4924b12348dc0c4aadcfd1f50cad243a9e7c9b1cf3ac9c46e74939d4258bab9abfa57753ae86229ecb5ffb97895786f203a295dc9dad56

Download Submit