75b11074bb0d785fe16100cd229282ab025fd098c594b3bd080c8546c1de1059

Analysis

max time kernel
2693106s
max time network
144s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 19:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

75b11074bb0d785fe16100cd229282ab025fd098c594b3bd080c8546c1de1059.apk
Size

29.7MB
MD5

f517840371d9ba836772b71fbbbbd08b
SHA1

68f2770ac5b9a2b022b9fa0d66c0786d4d103c52
SHA256

75b11074bb0d785fe16100cd229282ab025fd098c594b3bd080c8546c1de1059
SHA512

9a21a13f8c1c6b2deb0acebf920d06e5ee93bd801cf7818920ca9cb778d3832f7f99fe4f1c9c7938a9d8502a0ba1b207f69786fc47b3d0eeb78f2872a8be5a46
SSDEEP

786432:IQlkumBzdqidXNk4+Xxj3tR7eVivHW4FHerNsbd2uvlItm:IQlkum7bXN7KxjdRA14Re4vll

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	io.dushu.fandengreader

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	io.dushu.fandengreader

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	io.dushu.fandengreader

io.dushu.fandengreader
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4258

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/io.dushu.fandengreader/app_crashrecord/1004

Filesize
232B

MD5
f8dd15c92718c40dc276e25abbd7b18a

SHA1
30393f7f2cb0553176761b6ba54767edd6102d26

SHA256
65abd250f010584ef4604fbe91d75ba77f10159d4265668a0b8ad1d6c2ab0b55

SHA512
7dd3a728da0ae2e65d0f1e02501b99a95f2f8bac5c58df5fb7e998e888cec0f7762d555fc218324ff22d05b3752ae1077b048bea9788d69e2a558d48be1ba91b

Download Submit
/data/data/io.dushu.fandengreader/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/io.dushu.fandengreader/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/io.dushu.fandengreader/databases/MessageStore.db-journal

Filesize
512B

MD5
18210fed314326903a83ca5f81f37c3d

SHA1
5ffae1ec8f643c5519abd91299815caec67bf73b

SHA256
d8294b54bf517c86fd9bae1b8ebc030eb84be576399f5d867af8c896e5b3d61d

SHA512
b52b83137a8383c951c9284228774905c39df9819e5d93f6eeaada85c161c856ad14f7debcb20e57475ed81b6ec9dae6e2eef4069634a7285d2b22f64cca370c

Download Submit
/data/data/io.dushu.fandengreader/databases/MessageStore.db-wal

Filesize
16KB

MD5
7d518ebbe70b0f6599030280fe016ef7

SHA1
00539f5221e762a556ad3d04931c30e83a31799a

SHA256
34ef5ec8f52410f0e71c03095073a72448769f3fdb65f5f1fd7b1ac96f832910

SHA512
54808d0fd04ef98eb87b21b9c2b1501d26dc9ca475a5002726531cfe2d127e2b37a93957b50e0c452d59ba876f9d1f377782712d78bf1f856bc6a65e54a05b78

Download Submit
/data/data/io.dushu.fandengreader/databases/MsgLogStore.db-journal

Filesize
512B

MD5
79b575118a016cdfbb449b726d169fa3

SHA1
1a8813f85401e08cefe3a5d03dc2877d3d69d361

SHA256
aba88e493f8541c31cdff9fad916aa78bf0c95a586fb09745abc5dd0d4d9f7f9

SHA512
f2c993767fd452e81ddc7f4d941b111ca30b55e3e0c4577b54c00c046dffc2326c1314720bab8258356b91198d977e89000332015aa5e39a5a5dda31b49046c7

Download Submit
/data/data/io.dushu.fandengreader/databases/accs.db-journal

Filesize
512B

MD5
c7ce3fc34b99d698ec720786e5ad7ed0

SHA1
05b700ac82d62f81fb8554200d0028aa16949c7c

SHA256
6d92c1b4ff8f4d66540d92e8c21292e04d6c6012172695acb7c1b3ef2f99fa8d

SHA512
eed2883588a35e5e545735f55006b7035b4759da29de466ff7fb711da7c5f4c292dfe84d23bab7b2d4a8e6983cbf11216131eac67ffd97cded94369c2b9e2d62

Download Submit
/data/data/io.dushu.fandengreader/databases/accs.db-wal

Filesize
32KB

MD5
ec7efe9aa4ab1919cbfac90c91e18033

SHA1
91984ead8621f9230360b988d8b50061023c5884

SHA256
a7fec69c4eb9bda7af5147f415258b4b3b37f834ab08167db0f7a41b21417210

SHA512
2f29717ff89cc3b6550d80ef915303cbfd23e1dd975ab2db063a846ac292182280588bf40f08c133a94a4abdf5c94ac331c0fe9a5763445e0d01d830676072b0

Download Submit
/data/data/io.dushu.fandengreader/databases/bugly_db_-journal

Filesize
512B

MD5
b81f4f6ca858423a9c1e3d8b3fedf0fa

SHA1
0025f792bb8a2e1e6de7d79eed8e646517f8dc85

SHA256
2e7e2a4d50c2c5813e8b8cfd2c157e1e24d50aa170bcaa57a31a61c5cada4937

SHA512
bd7e7861848cc64a8b2a33321a9df67809767f42a4a0ac8abae4ad883dd13980f747105e451b3dcaeb1c6c404fc5c7ade04f38fd8aae361252f507ec5bded443

Download Submit
/data/data/io.dushu.fandengreader/databases/bugly_db_-wal

Filesize
72KB

MD5
1a7d11fc987d4762567f9968143f4f9f

SHA1
d57bd6723970bfdd4151e3cf283b5d47694e4e59

SHA256
684eaf79360d40f0bc05ad4579de9e85e043595495d263af0028963303da0f06

SHA512
7264ee41f2c1bd27c25f354eb7da9be7c2b20d2e3912f53553dd68d110ba071230960985d7c8436b226ad937d4d068a9ec8025af0243e2bf64c3a70b97808519

Download Submit
/data/data/io.dushu.fandengreader/databases/fandeng.ubt.db-journal

Filesize
512B

MD5
617d541c11f1e5d57088160603aef07c

SHA1
35387711488e1d86427be026f924a1d8169f4e1f

SHA256
ecb958b69f6207ad516dc8e3e1252be65a0f1b3d9be4187decef71110fd4f074

SHA512
2f726017523b44ac6476191c7be22451525ff32b68e9d04edb05b3aaa1d8887ca092d5f8ae861365bad21f04b683b886fb3249b31c7670fc65ff12dd54e9bcb7

Download Submit
/data/data/io.dushu.fandengreader/databases/fandeng.ubt.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/io.dushu.fandengreader/databases/fandeng.ubt.db-wal

Filesize
40KB

MD5
fa950fd12f8cd2f9e3b0d4d1dafc75b4

SHA1
1ba9b88624194fc40ed384045041a982b93f5a1b

SHA256
4be884afc162334fae752973154473296d379eb2bec8ec7143a8f8213bed9926

SHA512
8dbdec4adad07ff52750c2e75652eb820670713afff22fa7f7442f79d7e642faaac361aab422c0b9de77bfd623c8a04c8795f9a22017a288ef644f21f47569b0

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
435e1efa65a2b4b071d53996a6681b62

SHA1
53cc8736567ce462d66b012c3743c345a9957bda

SHA256
4fd4fee6c5d47c2c34f271f001f01b1952d9884e361e1b7b00051e3698a6a77e

SHA512
44f681d479fdca1bff20ed4c25adaa0a58db452cbf335113d04c7e762b42768552f4f0763434aed846db58f925502834e8eb588e749f26c0495bb2f6c9afa02d

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
66cbbac2b3c638c78ea72e0c55bf6c91

SHA1
3414fbd5e9b3da26f5286d732e61de0d1f5d0322

SHA256
8a7d90667a01ae26242958660a8de18a89742740445b60605e859b048817f798

SHA512
731d2a8a72f6e7f0bec296d56e243c423eb60b89037d9af9779ba407ab41733bed812d9004095a40e33909cb39a96674c12cd6d85cf9dbb7878243c99aaf0f22

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
27d064f8547c28d3f08ac0c3338b4017

SHA1
fe52a0af0e22bb3860c7b07a8d47e0716ff7ec7d

SHA256
819dbba7e5e28dabbdd409e7dc3d47befa845ebd98219f49d2d6c2c9295012fc

SHA512
af3b57b41252a534dfa087de2a5808a0eb7d35914370d0aa55c03d4a95b523eaeb0e51665ce99ab8613f1034cd7a3f5f06b91766a03539c78e36bb4dbe1cc56d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
a9864787e5d94551c213a9dd4c26b76d

SHA1
4dfa8feb12d510cea1d949699e3f2ea43c7006e6

SHA256
87993a02d95252b1d169cbad683b32660504d05ac2783bba720a37b4b4860728

SHA512
75913990b55101f2a34356c74da22eb22d3b17dca4a60125f1f54fd3a61e847ccdc95cd20050e229b26ac4c5bbc4cbf3e16ffb09894f49772f2718e9eca80079

Download Submit