Overview

overview

6

Static

static

6

6477d85749...00.apk

android-9-x86

4

6477d85749...00.apk

android-11-x64

4

Analysis

  • max time kernel
    2629686s
  • max time network
    143s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 18:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6477d857491d6544e250b665ce7ea052ea90448e8a9acab97f4b09147f78cc00.apk

  • Size

    16.0MB

  • MD5

    75c7ed057c67a070f079f811cf5d34de

  • SHA1

    b162de774bbd6ad33ba6fb2c0e925c04d8e56ff3

  • SHA256

    6477d857491d6544e250b665ce7ea052ea90448e8a9acab97f4b09147f78cc00

  • SHA512

    fc6c2d00dd4f7f8a2e9b656edc8be55463761e75cc94d5183c7ebd2ef2c917417b4e30d70dec7359324b5568a3fb89bf0d6cbde7d8428c62883d4e4457b0d741

  • SSDEEP

    393216:uj1wNrhS1Gy3ANYxlR3EsDUVU52NPr77eb6Qgaet2:ujkhS133JUsor77Y6PHt2

Score
4/10

Malware Config

Signatures

  • Uses Crypto APIs (Might try to encrypt user data) 4 IoCs

Processes

  • cn.com.kismart.cyanbirdfit
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4250
    • chmod 755 /data/user/0/cn.com.kismart.cyanbirdfit/.jiagu/libjiagu.so
      2⤵
        PID:4278
      • chmod 755 /data/user/0/cn.com.kismart.cyanbirdfit/.jiagu/libjiagu.so
        2⤵
          PID:4365
        • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
          2⤵
            PID:4395
        • cn.com.kismart.cyanbirdfit:ldlkldeviceservice
          1⤵
          • Uses Crypto APIs (Might try to encrypt user data)
          PID:4314
        • cn.com.kismart.cyanbirdfit:ldlkldeviceservice
          1⤵
          • Uses Crypto APIs (Might try to encrypt user data)
          PID:4416
          • chmod 755 /data/user/0/cn.com.kismart.cyanbirdfit/.jiagu/libjiagu.so
            2⤵
              PID:4488
            • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
              2⤵
                PID:4511
            • cn.com.kismart.cyanbirdfit:ldlkldeviceservice
              1⤵
              • Uses Crypto APIs (Might try to encrypt user data)
              PID:4540
              • chmod 755 /data/user/0/cn.com.kismart.cyanbirdfit/.jiagu/libjiagu.so
                2⤵
                  PID:4591
                • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/cn.com.kismart.cyanbirdfit/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
                  2⤵
                    PID:4614

                Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • /data/data/cn.com.kismart.cyanbirdfit/.jiagu/classes.dex
                        Filesize

                        6.2MB

                        MD5

                        eb7cbb7c8fec0e84c205ef745facac45

                        SHA1

                        3dfebe5e2b7ec942a530d2d6c2704c29f185f904

                        SHA256

                        f87e7b3c2f3b1557cd39b5b124456f5daddaa9e717192f4d82ff803c8cb2f56e

                        SHA512

                        f1cd469524ca21c5b61d6831d385e8a62cfb90afc28b55244d5163cd562703b41000b670f88206d9696932815025c307ae4bfd2572e63420735169480299650c

                        Download Submit

                      • /data/data/cn.com.kismart.cyanbirdfit/.jiagu/libjiagu.so
                        Filesize

                        363KB

                        MD5

                        1383b616dee6678b3591e577ace67225

                        SHA1

                        f2b0f5968b52f9c3ed022f3b3ba67e6142df89ba

                        SHA256

                        945e12ea3019404a01754579a234b21ff3c7c17c175750e514c0d404e9f30554

                        SHA512

                        72dda5b9833701c52e44260d979f6b91dface07899aa20ea686ef3d09f3225826140b7e8c336072aca21d51e88151a3fdb6952fc53b9749051f16197e8086b60

                        Download Submit