764205a860eee836cfc43a3bc253f81fca4e3265ff3c37353c1ca2281cb1808e

Analysis

max time kernel
2694983s
max time network
160s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 19:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

764205a860eee836cfc43a3bc253f81fca4e3265ff3c37353c1ca2281cb1808e.apk
Size

22.3MB
MD5

b0cca5442a5ba818b5c878df73dd3754
SHA1

35dc372e5c965d661ffdf9aa3cfe8a236ac9a964
SHA256

764205a860eee836cfc43a3bc253f81fca4e3265ff3c37353c1ca2281cb1808e
SHA512

7b30165aa17e5ad29e64766200bb10c4fa31dc71f22d20dffefb337da125b31bcb86b0a950ba01ce50ffea769f59ee277d0709ef82cdbe9629a82aa806e53f26
SSDEEP

393216:Y9BRfL4giGFOOxF7fbeBQ47t1N4CI5rDTf2THVrr30s/+GbzvfEYwo1dOdL:Y9BRzV0OxF7DeviDTuT1rr0E8fo6N

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.yxxinglin.xzid1179

Uses Crypto APIs (Might try to encrypt user data) 3 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.yxxinglin.xzid1179
Framework API call	javax.crypto.Cipher.doFinal	com.yxxinglin.xzid1179:ipc
Framework API call	javax.crypto.Cipher.doFinal	io.rong.push

com.yxxinglin.xzid1179
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4245

com.yxxinglin.xzid1179:ipc
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4284

io.rong.push
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4301

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yxxinglin.xzid1179/files/.um/um_cache_1703502032556.env

Filesize
608B

MD5
282ed5202c3090ab247da59cda9de4ef

SHA1
22e42f432aa25ab64f9036e024d569ced0d52bd1

SHA256
03794e100a065da0837914d6c83848c320cb54d1ff85d7902266651f1fd976ef

SHA512
44ba9daa77874c7f8de16de7252bdea7a091ded12577edfb1c29ebc33f562815bec47460036ecc7b21ee2795c40069cea48f6ff4dc784c6780c268c7d2f54a04

Download Submit
/data/data/com.yxxinglin.xzid1179/files/umeng_it.cache

Filesize
310B

MD5
4fb307d9dbb8bdd07c917a014fbcd18e

SHA1
cab7af51b08709f6ade21330a459a4cf12f621bf

SHA256
5710970abcaa2570eb44dd35e86c44c0ab01235fc499dadf8eee20e10bde3d96

SHA512
521ad21ecd74dd72e6dc8057de9451d689b85f98953cc912dc6f1df1c8472170652fe5cc98b46f3f39b1145acfd9cfb846d271e7c9da4f366d67f95024974ed6

Download Submit
/data/data/com.yxxinglin.xzid1179/files/user_action.txt

Filesize
96B

MD5
50ba7aa797a85078e1311eaf7d2fcb95

SHA1
76beec1e363e5030964215fcd41d271023b4a330

SHA256
04b6eb9f1830c288167787c95306b8b6ab7f4c7dc239b1077bd88a7d8a1439f6

SHA512
3c1cc8a8051283480068fdcbcdded5002db65912da2f138a657ec055a7846726ce932747131b814a2fb5ee0a02cabc171c403cf3429aefbb86a92493da593c52

Download Submit
/storage/emulated/0/com.yxxinglin.xzid1179/cache/image/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads