Overview

overview

8

Static

static

6

77965877c2...98.apk

android-9-x86

8

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

Analysis

  • max time kernel
    2702242s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 19:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77965877c2cfed98a923ca715773c775542bdf347b2bd674be32a8397c5df998.apk

  • Size

    23.0MB

  • MD5

    4e86d1655352b293a88c56ac53ce9cbb

  • SHA1

    d512ffcb8a856fa061b2c571dba8385d59930b31

  • SHA256

    77965877c2cfed98a923ca715773c775542bdf347b2bd674be32a8397c5df998

  • SHA512

    cdd458aa70e9471a0a491c536fae723fe6267c335cb9b571ed755df4cf486f6a665d73c9a39c51f0ef5e9f9fa51454c192a1a0e9c4f1448320ba044d8f70967e

  • SSDEEP

    393216:IhtfkZtrvci7aqCMKOXTz4Lx6Kcddt3cqmV0e5xKE2v6+Isn0As:IhtC9kAa9MKEEL0DbpTmV0qUJ640H

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 9 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.baidu.video
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4253
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.baidu.video/app_plugin/apk/plugin_ads.zip --output-vdex-fd=91 --oat-fd=94 --oat-location=/data/user/0/com.baidu.video/app_plugin/apk/oat/x86/plugin_ads.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4442
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.baidu.video/app_plugin/apk/plugin_dlna.zip --output-vdex-fd=99 --oat-fd=100 --oat-location=/data/user/0/com.baidu.video/app_plugin/apk/oat/x86/plugin_dlna.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
        PID:4485
    • com.baidu.video:bdbackground
      1⤵
      • Requests cell location
      • Loads dropped Dex/Jar
      PID:4324
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.baidu.video/app_plugin/apk/plugin_jars.zip --output-vdex-fd=55 --oat-fd=56 --oat-location=/data/user/0/com.baidu.video/app_plugin/apk/oat/x86/plugin_jars.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4380
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.baidu.video/app_plugin/apk/plugin_clearjunk.zip --output-vdex-fd=59 --oat-fd=60 --oat-location=/data/user/0/com.baidu.video/app_plugin/apk/oat/x86/plugin_clearjunk.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4423

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.baidu.video/app_plugin/apk/plugin_browser.zip
      Filesize

      346KB

      MD5

      7ae682b6257826f82379db2dc6c5f20a

      SHA1

      2d625aaa383e5c125217ec5e36f2851b7e8961d7

      SHA256

      d0b02799ed32b49b3bb96612ce2e20d44bdf02d9468e151cd15ae9a81694670d

      SHA512

      ea45ca705abea708409180cb709ddd87c8bc7d9b6c9f13e8878afe22da902a54b779a15aa34baac43d6b91c0be18ed180a6a35836d4066ad147f9f0db901ef0a

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_clearjunk.zip
      Filesize

      584KB

      MD5

      51029b91169b72856d7eb59838a40aca

      SHA1

      325f80f8b0fb6bd957de5fffde03ea24eea893cc

      SHA256

      2004176758846634f9108d516db1941b7c0110e7f2a40eee6142afff48452ee1

      SHA512

      2777860147e50bf97ab0068b8583ec63c4cbc78d013189bc858c1fe177d4aaaae1d3f1b83246935cb8d189ef8cc093698a00232d3edfb061dfdcdb5f1733fa04

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_dlna.zip
      Filesize

      1.7MB

      MD5

      a2094bbcf5dd37e64937999af5add1c4

      SHA1

      4aaca9568a3ee2f58d26d7bcc9ef87b396245636

      SHA256

      18473ac0a56b37dd8e3d295038d2f471bf987fc08694696b9e348c9605a591d9

      SHA512

      f9f22fbaba195828dc8f78cf4e01a36919033576597fe2354c58874ff003f707329c3eb0495b1194e92c4a85b5d7f2eafcada70343a718eb2bceee97a798435b

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_feedback.zip
      Filesize

      60KB

      MD5

      7215c336919032b5ccc922767139cfc1

      SHA1

      0aeb748a52e86695bb8f9b16d6f8257109cf77ae

      SHA256

      7c404b267dd31dfd01fe41e900c9e050c35a4ae7c2b43f2ae549d519e785b55e

      SHA512

      41a8a68d5415665f03dd15ef5f9fd37302f0cf0d59a1849c4f504a04a2577c6ec3c7ebef311b0c3a7656c1085fdf51892580a7f3eaddd8931cab4bfca13b507d

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_imgo.zip
      Filesize

      911KB

      MD5

      7be6c9bd33f4f96764f0b5f6e61131ea

      SHA1

      4a3aa40dc2c95c01316d559888bbdc9aa01229e9

      SHA256

      e21e0508f21f351cadc29440351b836dbe0994226e5171c690fa4f7a1fb4e74f

      SHA512

      23ed256229a1b0de3caa7fd605eb9c56a343b80e5d907f89ab510a9ac52de7eb0e06ab6016656a514cceb220d8e1fc7fad6094c7c9578f7dcbc8ba14bf3d39b8

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_jars.zip
      Filesize

      269KB

      MD5

      e8b8d3b1af328c309a04847b36dbdb10

      SHA1

      979a6925d94f3bf6189c716f9cee9f54658a7d92

      SHA256

      2215f2cac68c3dbacccf4d3d38c1a8cee8935e95fac50ba063e66ef1d838fd2b

      SHA512

      9895ac46556ff7e0880a6d44fc4be88e08b9c61fdb5cda5061d9227d38b3e99c25afdeb8b079157b1bd2563ee4123348b12982f3f1030c047937e717f8435100

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_sohu.zip
      Filesize

      304KB

      MD5

      df3b4c389ad880dcd4bc5ecaa6bbf179

      SHA1

      e8b6fc77b83ad9aa7edfa69fc96b12a2e3de1d02

      SHA256

      1c5d92b171fa807f54b30668e440836de02b18060cd1edb766f193aa22b20b42

      SHA512

      f9e9789bc9bad58dd3848a248aa083209c27b07498f1353c88b8c1b899c25718bd5cd51eb8e7cd1a376544e0d8856987ce2c3e764e3471f370ead82642215878

      Download Submit

    • /data/data/com.baidu.video/app_plugin/apk/plugin_thunder.zip
      Filesize

      971KB

      MD5

      373b947a8eceae996692d1f4cb89cca8

      SHA1

      b846b0d681429f468be957b9484ac276b187bf5e

      SHA256

      c0ee8368b38da452a1cf990cd50146fb18402b4e6ebf3918cf8e834b244981b2

      SHA512

      d7d88c262a0ae731c3f06d6d55284002fd30e9035f515bc8b30e5481f5bffe9ae364d1ed9987ce70e0ca8da7919339599574c9b7af6ae145a7f52c2ff60ca390

      Download Submit

    • /data/data/com.baidu.video/databases/bdplayer_database
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.baidu.video/databases/bdplayer_database-journal
      Filesize

      512B

      MD5

      d3c530bd391946303fc3bbb31194454b

      SHA1

      eaa444170d4f8358f9a4c6f9f2b10e65cb862345

      SHA256

      ae769405cd332b071e135c2bbb26cbb856c4233272e812ab57b2686a4e34f7d8

      SHA512

      4d0d913af0a286312417ed694acbfdb9fe06c983ebc840301755a756733b949e6cd202871f6f48e94fa8184593aef054805f1b38b01e9e48d7a0f18ec55057d7

      Download Submit

    • /data/data/com.baidu.video/databases/bdplayer_database-wal
      Filesize

      16KB

      MD5

      cc8c9933a78056a80ff0f35cdb12e41b

      SHA1

      d3c59a7c1f3685caf9edda4bf45a482919971bb7

      SHA256

      9440e12ab4331cbb7ab0361ad7530d6d43e9951ce4340768d5dff6df1e33c75e

      SHA512

      957c2788f94211bacaad009848b9abab851028ab310714333d7d19654d34b61f77687b0d118e14ba899c0c64b70611a5e05bb394493a2ff4acd8933f424076fc

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_ads.zip
      Filesize

      2.4MB

      MD5

      4f3f5a31ccb721ce6f80a9dae609f212

      SHA1

      46218d4bd657b3523ea5461a13dc441d953d133d

      SHA256

      e85396e13a843b19912ffe3e89334be607d37c72af8927330c7161083901b956

      SHA512

      0c58a383ebc432f0f38e2f4a55aef5db5b2188ee7d715c638b8bb57455c64bb26a8e213d02b9fec2a371250007617fab6f16863e2f648dfa0ebe0db429685b3e

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_ads.zip
      Filesize

      2.4MB

      MD5

      b3c59e6bfe617d21a5b3a7959cd2c6ec

      SHA1

      186315d993ca489ef623d03bfa0a70c7232ce8ae

      SHA256

      11e1c56b7d02b4ea2520020a1d449f31808dbc56e9ad955a699a8a519fcb62cb

      SHA512

      022e7791b33fb612a8fc467feb7dd0161623b004872dcf3be5911957abab24ef681b4f82172f6dd49766a343840847fcd53cf9c081f2ff43daf91c6ea8c55e52

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_browser.zip
      Filesize

      90KB

      MD5

      049140054038bbf67f3bee25d4cbe72e

      SHA1

      5f57db1753046b41dd9425abf9fd4ff6bdc87fab

      SHA256

      5aabebf17509fffcc563942902d6ace4e3c70490614b8b58a8468a134cfdc612

      SHA512

      e8b9f1e1d1f85017bdec5ed33db0f82669e89ae1781ff132249cef26793c6b7ba32e491759535319f94a7671d5cb7cf18956f5fe83bc1dc776aed7011b9f9b27

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_clearjunk.zip
      Filesize

      276KB

      MD5

      6e67fb17ca1cdc60344f2c0311bfc0c9

      SHA1

      81084815f27715f43dafa055acd480d124a37a3d

      SHA256

      d4c0b98807e8ace1d1a0a58c5333a033cd79c589e3aa238552c8972dab7cd67c

      SHA512

      c4080ef3687875f0a7c2647737d3e78b04256042cd37b2dd7128199050df3a74cc702418b72b458de40bc8dc6b9f21434131b33e7a21c4218db67c87e7d25e14

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_clearjunk.zip
      Filesize

      276KB

      MD5

      697b8f34af39bb8639ea19b749c6fac0

      SHA1

      49f9b73afd84c0aa5b443c3cf0ef4a5636a0aadf

      SHA256

      2ddb666c99cd64247c5a7a8cfbfddfefe59f04cc738090210f7b37e07c45176e

      SHA512

      3a6d36b2cca88762daf5d247a6ab2c0a1061986173d9386b5ae53827e1b5664fb083cdca9ac445933bf86a989c761c316159f66f98331ea5d1c3456f0889937f

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_feedback.zip
      Filesize

      17KB

      MD5

      5db48fa52eb66a1e2e21305d3d0faa2e

      SHA1

      00daf37b0780e669c123c663f39ac109afa113b0

      SHA256

      f9d82f1eef03a5d061d0bd028c7ad8fb17e7694a43989bead58d3bf04bd03c2e

      SHA512

      d1f3218a19921c74e97c38722dca440950c18cd3361e641ae8f3c8ffb38ac9e8f3324b069141446e29cdff87340147430167d8923cd8ed7287e5ce975a955642

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_jars.zip
      Filesize

      671KB

      MD5

      d1e605eb59228d2272951ee77f447bd8

      SHA1

      c588dc430c21888640ac0bf2e0c30cdf595896d9

      SHA256

      2cea2074999df4ee2627d50512ea39f2518df779db20ebda50c762a34a696204

      SHA512

      e557be609b577a2b9eea68a21e65bb1283ee7da9aef7ec37ebdce1cc10b3dd8bddf592c40cfae62214b7d4c01d797a0acef85220e13ad8aa0fbcde9782434acd

      Download Submit

    • /data/user/0/com.baidu.video/app_plugin/apk/plugin_jars.zip
      Filesize

      671KB

      MD5

      8072898221d3f4ae895f1c2a882d6591

      SHA1

      1827577f6da372b607664d2b21e3f1d6212d9994

      SHA256

      fbc507fc836c811a3e624c3158a96afa2c53d8da1a25c992fee103637e99b8f7

      SHA512

      7d31864ff4acee00db855a2b00f6f62e187ef5323740ad04e87c7b454e58977cf2a9911f2254cb43129c25f33bff1657d75ecece9c76662c0d1124c1e33f35b0

      Download Submit

    • /storage/emulated/0/baidu/.cuid
      Filesize

      89B

      MD5

      6fa8c9d0087052eab754b1964558b8d4

      SHA1

      8cb5d7040d04f3ac538662f3fda63f59e6f5a859

      SHA256

      cb966024accb4da8a5ae8ff23a84635aae963d5f5a75fc2ea91db46c09ffc176

      SHA512

      8f4620925f4189d0b8b563e719208f02e4e84c04391c369ed02f4ed1f102c1f25e78ea9956bf928eca3b06e8b0b74177e849edf2a7820f8dfab50e00b3f916f6

      Download Submit

    • /storage/emulated/0/baidu/tempdata/Temp_in.dat
      Filesize

      269KB

      MD5

      d4cfc5a25dd69b0ce5b3b242348f94ca

      SHA1

      b912930505216ee677987448f8b66d786998b0a8

      SHA256

      a4d9ad1ec87ac043dcad477ce318dd22b97d22add2cfaea25df582b99e5d2a03

      SHA512

      a45ca14f7d672e5587bdca23741d683a31d2a8b8de7d55c487302a36eadbae2245258cdb637c5860475de3bde5e41358f9de9e80192d1df6a4421ddc4b1192ed

      Download Submit

    • /storage/emulated/0/baidu/tempdata/Temp_in.dat
      Filesize

      165B

      MD5

      908b46c807b97dff4b8f19abc53a9f37

      SHA1

      1fbf24a48a7d543c468233456656c6b58e02d451

      SHA256

      14242c0de281c949cb928397f12554870f792deacd97babda5abe143a2bf98d6

      SHA512

      d7ec2da13851a706c45e163144faedbed47964020f517bbceb3faf36429c6c71809837414837ba64df9d305e1ae6620b58536977f9a3191e8ddd06e1acea8473

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db
      Filesize

      60KB

      MD5

      44e3c97c27ebf1c61e0914760408eee8

      SHA1

      19981e0ab7b78b598eeb51057b158c691508fad6

      SHA256

      70aa5172eea7788ebbab98ae1fb1ed5084f2a6e22a139039eeee480fb15726e9

      SHA512

      9483e820e821b768bc00bfe811bd45b035d89a927872d659148c9d3cea1c282aeca0d4227816d05e48836d8991b01eee01b94b2376bf374a2ece519046cae1ea

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db-journal
      Filesize

      512B

      MD5

      ce54cd6b3eed4b7bad10c48859cb067d

      SHA1

      241afa84e5f87ab4ed7821b61651aec9c684eaf0

      SHA256

      bf2da859e97d86204dac74cd613b3fe6a6a2d58d83adb4f48d8a3697ab40d957

      SHA512

      bf12dc57f34eda4e38f8a3f4b238e24b26aa27b2dc63492004f40491b94fc4b105b545770f26e066c79cbbc97dade1a1798ae27f47704f3c2e6cf96f5ebed949

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db-shm
      Filesize

      1.4MB

      MD5

      08958219a013e8c6f23079909e28c582

      SHA1

      102de32fafb348c34c888456752825629ee83e0f

      SHA256

      0117897dd8c31b3a40fb7be6818d96b42ddb26fc65675f5e46fff3a4f92c78db

      SHA512

      e4365ac6de55a51e89c763f1f251bfb0c8247dce2f29a0389089d1aad244897c218a97e7f54b54fca5c15ec5ac4ab404786cda8fbee62eb18d89457bcbaaa29a

      Download Submit

    • /storage/emulated/0/baidu/tempdata/ls.db-wal
      Filesize

      32KB

      MD5

      35ec5e591a52f8a2bea9d85a9daf2398

      SHA1

      3543513c2c75b8e455960f6366e5ecbdf6b09944

      SHA256

      57fcdd8da8ce463ec99bcf1bd841052bc34efb31d99600c76934e95b3dd00c88

      SHA512

      96e5a3fe6d81855aa1ce59cdd38c6472530e83f89e28737a0cc8e70fb2707651a80a8143c7adc72532b120c19b1e6d94305b1bddad6d5a41c4581f559a1a5039

      Download Submit

    • /storage/emulated/0/baidu/video/log/crash-2023-12-25-13-01-30.txt
      Filesize

      4KB

      MD5

      c31ed30414c802553e4258ff915b7c4a

      SHA1

      87dfd678f904c829a0e866f24b1a4a8419d82400

      SHA256

      8185eb2eb1b14abd4393ffa7d483439665d0cb8a3c4a8d3ed1c8c38b0ec51fb8

      SHA512

      662126f4cc145f710a4208f0d82c8e45542fce9bfd682a547133c0c0871eedd2a9513aba22dd35adafbb7c115bbd4d3a6c669e150ae8be7a9e3bbb8b391aff10

      Download Submit