Overview

overview

7

Static

static

6

656a6b1ca9...9a.apk

android-9-x86

7

656a6b1ca9...9a.apk

android-13-x64

Analysis

  • max time kernel
    2631806s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23-12-2023 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    656a6b1ca924d99b1260da370579d5495a3d54c2c7c1a2008d6e99c50e46df9a.apk

  • Size

    8.2MB

  • MD5

    12f64e8bec2b81fc008b979caff5cf92

  • SHA1

    567c0838531405d1c4ed82cd3895dce1c20f271f

  • SHA256

    656a6b1ca924d99b1260da370579d5495a3d54c2c7c1a2008d6e99c50e46df9a

  • SHA512

    677acf3c39a694c391c2fa8574fe6bdaaed708d52e6e9394ed7a6bb6336b71a971338791db53eef1bedf62036a279db09552d1107018c0312fc6219e520e1428

  • SSDEEP

    196608:XcdaaJHXcwTg/typh/vK4TL1CWqFvQtlBqx6AyQrwK:XXa1cKg/GvKwL1mvQnk6irv

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.jiyuan.hsp.samadhicomics
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4202
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4260
      • sh -c getprop ro.yunos.version
        2⤵
          PID:4281
        • getprop ro.board.platform
          2⤵
            PID:4260
          • getprop ro.yunos.version
            2⤵
              PID:4281
            • /system/bin/sh -c type su
              2⤵
                PID:4312
              • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.jiyuan.hsp.samadhicomics/mix.dex --output-vdex-fd=48 --oat-fd=51 --oat-location=/data/data/com.jiyuan.hsp.samadhicomics/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
                2⤵
                • Loads dropped Dex/Jar
                PID:4330

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.jiyuan.hsp.samadhicomics/databases/bugly_db_legu
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.jiyuan.hsp.samadhicomics/databases/bugly_db_legu-journal
              Filesize

              512B

              MD5

              e10db07fed6c8a62be050db0275682c4

              SHA1

              a024b01d3308744c94a774b363199b2d16cf79aa

              SHA256

              a5b47f103a82006c880c20ee1f29b570ca25368038c9ac764424495246bf8f97

              SHA512

              04ceb1d858e28408880ccde12f549ed0861f717c6b5534f2c5dfb7caad620a1db995c36d82c967ab21dd5613427a4332be13bfa772a8f4606aae8633ff452740

              Download Submit

            • /data/data/com.jiyuan.hsp.samadhicomics/databases/bugly_db_legu-wal
              Filesize

              16KB

              MD5

              ac5abc46283309dac1888c2dcd311126

              SHA1

              90ccbc127f9bb8831c5e5672909f379a7d1b7dec

              SHA256

              5c186b54dca0f95fbc8c715819ca594ed569181772211556d30950e1fa2094da

              SHA512

              f82702f87cb730ab31d6ca7a86a7d2a19aad64f234bb6975829090100d8bbfb49409b315e5764765ae3226bc2404c381533db2d462404b981952185dca1240d2

              Download Submit

            • /data/data/com.jiyuan.hsp.samadhicomics/databases/legu_tencent_analysis.db_com.jiyuan.hsp.samadhicomics-journal
              Filesize

              512B

              MD5

              b64afe481fdbbf0267cbea1356157a2d

              SHA1

              46ad7eb6dc1ab78b1bc88099c8511c4ae415c056

              SHA256

              a492107dd88af16c9592d38baeeeadc34fa3977704b83bd5ed7e5d10427546f2

              SHA512

              c38398987e1cec0df0946fbb7e25fb66abeb135d2a4295ae68aef2e683874f6308613c4ffb84159c526a7b64fee25c606eba06a8255b5ae29acb8aec8b9c1d3d

              Download Submit

            • /data/data/com.jiyuan.hsp.samadhicomics/databases/legu_tencent_analysis.db_com.jiyuan.hsp.samadhicomics-wal
              Filesize

              16KB

              MD5

              0e01c89e8ff4819390423235345b683f

              SHA1

              b8011f7d8bdd8e77be1bead782372f7bd474298a

              SHA256

              5f2a6145594c073d77015b9bccf5aca53313b91984abb8dcd4037a86c92b26e8

              SHA512

              47e997ca89a968f3d9672cab7cd658029c24dc7acf04f91aec4b8ab1348af6b45f6472eca3ef74adcd6466b0ca765425186896b07f6f4c00869b214f8ea27b40

              Download Submit

            • /data/data/com.jiyuan.hsp.samadhicomics/mix.dex
              Filesize

              292B

              MD5

              63f77f99bd2c2b772a479923bde11974

              SHA1

              c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

              SHA256

              4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

              SHA512

              3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

              Download Submit