70ec44cfe51f1ef4b3798f90f9f5e2ac77be7f93ea2b66f66996c8a6bb71dcaf

Analysis

max time kernel
2668738s
max time network
152s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23-12-2023 19:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

70ec44cfe51f1ef4b3798f90f9f5e2ac77be7f93ea2b66f66996c8a6bb71dcaf.apk
Size

8.4MB
MD5

6bf8f7658961f0409de436b21d7dd990
SHA1

e2c37cf66c9b5e2fa906c008233653cfe32249fd
SHA256

70ec44cfe51f1ef4b3798f90f9f5e2ac77be7f93ea2b66f66996c8a6bb71dcaf
SHA512

00d4d40558335bc5389f68db8a9b91c48c33c91e6f1ae9af808c96c792c64c9a3262a12a04d12ac7e2bb6bccc737b2e667b1e4598584f53cff4ae9397af9ec89
SSDEEP

196608:dsfx0C0wuuuuuuuupDDDD4DkH5HwKQRKXq5/a0aBAFZ92M3x3r46Zd/3W5qQcc:dWxS+Hw/A6gjBAFZ9Xh3H/31Qcc

Score

7^/10

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.product.model	com.sohu.kuaizhan.z9636254278

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.sohu.kuaizhan.z9636254278

com.sohu.kuaizhan.z9636254278
1⤵
- Checks Android system properties for emulator presence.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4225

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sohu.kuaizhan.z9636254278/app_tbs/share/core_info

Filesize
49B

MD5
378d569a5828dd0f8a384d087c0f7485

SHA1
0bc457ecf7559ca71c7b3bc68f91f4d6319c680c

SHA256
e347b9d3f987c561324c96ffd55e03474b931232cbeac898735baed10339e08b

SHA512
11ca11a10ea153ac3a1a9d4ca5da1c171878ad063b3c2972f593b08337161ce3f9bcd0db960f17fec5c46bbe7b21bc1327e16c5037ead1ed97c7277f942c848e

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/cache/Analysis/avoscloud-analysis

Filesize
416B

MD5
2ea0d51a8d631332a87403b7af11692d

SHA1
34da28af03d7d30c25456aaa62ec5492d7ac0b0f

SHA256
009592b096c048ac273e2467bf5e55954ddf5a22b3b89496070fe442c2a9ec01

SHA512
f19c2cfb064d1fb3a9713dd6105f33a3304b9a8a17f5740d82fa136baf27e6f2dc17d6191736c0864e063b1804f229a19c12ee7c59cd57bd74ff6e6618aa223b

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/cache/Analysis/avoscloud-analysis

Filesize
640B

MD5
e2fbd2cf2a31e7e9b2de9e4a4fbb14c3

SHA1
72bdc558311cf15bb5b16c48a550a09411f03ab9

SHA256
dbb1baa70e1e85e7e16cfa85aa0449f9a44e3825e33b0e001ab86e713c283d88

SHA512
822c0e75b521ad6380171098ba751accbb0b479943a626512f394ecec352cacc8c172af6f7d0ddeb310b233b7e675831708786f3767059c3b93fb179ab635266

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/cache/CommandCache/780badf1d1faac36ea199a3a318307a4

Filesize
1012B

MD5
029c70dbcb05c7bb22aaf169d79b643a

SHA1
e41f327ea3def38c589f140391579cefb8fcc6ef

SHA256
865baf7db5dfd15c2a2f969f151b03314a6d2f26ddc2d21dd19dafbb78ab56a3

SHA512
2b42987ed90632deebefd3989a6143da8f0a7ab6ac3ef412b27562c07031a8e3612b557f8cf6ba20d3b85e78fde2707131601f072f3a95e5e59f0c16f21651aa

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/cache/CommandCache/7c479f1e3afc57fea1943501fbac409e

Filesize
1KB

MD5
b47a162fdad0b07980e83e0ab57fff89

SHA1
154dd24b0e91a845977d312e460adc558c037047

SHA256
307816e512b333a4d6ea5feeabee6ffd52263d01fefdb052f7bd68816a3abcc0

SHA512
e42ecf5d78221585d4ee6d7d9652a8705a86b7a17f83d2502b0462708327aacda9596d5020d561424ff442a06cad058b55ba3fb478f30f9636d4baaf9d913df6

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/databases/cc/cc.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/databases/cc/cc.db-journal

Filesize
512B

MD5
b45ed012c3296d159177dcf5ea31a081

SHA1
9862802eb1d00cd89415133f87186e642e6bbec6

SHA256
0759b30151214397fc799868eedea2010dc528ae40e7e1feec8236d168956337

SHA512
7ba561b5ac7f43be615e761de02d49ca51ba1b400fb6c6b7ab14d3e95676706ccceb5e9e04475584f8271382766c93475be71ae8e1ca0cb17ff568b6a1ce1a80

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/databases/cc/cc.db-wal

Filesize
16KB

MD5
7610528cb0e338c95d483b7fabb3e961

SHA1
1214dd78347a8434bce570861b9b5cd7280c2558

SHA256
452e18dc31a1ca5a86af2d160a5138b61e574918a807363cb188a9236d012270

SHA512
5e10f5750c96658edac0e444506961e41fba2118059a342f4c9882d6899ca964b3f659fcb944961ca54dfb728976597891881093c29673ca100f23602acfcde0

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/databases/cc/cc.db-wal

Filesize
16KB

MD5
722ad48b72ba1b86ee9955115cc518e8

SHA1
bf2e0106fef0d9ae10c656c8536327574050c958

SHA256
cfdb72fea72f949b40ac6f3aa19bdc1ae4abb23a0ad60638a576cb1d05fba483

SHA512
dbafea315dca7ac71d04673eb0917cb202ddb02496a501f86d9906447c42931f5ad61c4b9d7cc42b09298b097cc78e1985e1c7f153fec0e19851e705bb0c89f9

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/files/.imprint

Filesize
1005B

MD5
a8cc0da4b306bbc2bb8c67d6f115eeef

SHA1
0420ed21672358c96a643c9d5b7027410ca10df9

SHA256
48279576abf9922f443b7b1b508a692285a80351a1623b78405b1909d8ba6b42

SHA512
f206ac7555205887b58cc1f04aead52f799df4cef19b87034dc124bc85dd272f6e353c0066b1af246808ec68aad63b4e4afa878fd78f93a6667378c40647614f

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
36e929ebd9050957984e012c2e6764f4

SHA1
54580858738f2c162a569a15a674244206a9db6d

SHA256
a728ac4f8cd39ba00ad19864c307e637f6a505f817593c15f26c49080567e90f

SHA512
c65e0b70bd71f27bd939a6748b42ac7d5971642b2597c7f7c21df2fe869b2db0051656f32afcf373ae5ddd17aa9b17eda7c15dadbd888a1b7996150b1fbd5cb4

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/files/installation

Filesize
446B

MD5
e6219b09d16d97bc521a571edaef2ddc

SHA1
005b5a30053ee58c7235d653a0ba0d2db144e21f

SHA256
e9da1e2f62b34f4c25ddd23acb24b98126a8305ba51729058b2e62ece4298131

SHA512
af804f0040273fad74776755510437d86dd6fd0f80dd139fb01ddd5eecb6d853ebc3bb6d2340c6cec60318c4b1e5ceb28477e4e3f8155acb9e51fd8db8788769

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/files/umeng_it.cache

Filesize
498B

MD5
c24530e5915251707fcdeec063f753e8

SHA1
9fa01498e2052762ddadb679eec6dbba6265c5ac

SHA256
4618ad023137be3b802e21c31d96754cf892b5ed464da47f600ed433ee697b6b

SHA512
26cae25eba76df197e2cf566ec959a8f659d73abfa0a2df17d23c9f26cecd00ab8715d8e15120f53a8199f71afc0f310b521267304769d7ab80f1e909625de9d

Download Submit
/data/data/com.sohu.kuaizhan.z9636254278/files/umeng_it.cache

Filesize
253B

MD5
3fc993e5452ac0c2dd5a2f489deb69cf

SHA1
063b1c71f3f990957e4a424acd7b39f5ef2cfaeb

SHA256
934a4cb8cfe0e55dda69ce40d349079c622c93c8434d62ea47d61cf1f2690cb6

SHA512
880f0b0685aa5061a405cf3cc402ab161fb68324d0eca027afdde06a248e82ad0aa630d823c3851a8406e42131d4ba23e7786730fbddb7ccd223fd3eef1a8782

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
eba071cb105daab2dfabe1ef5f1e7cbd

SHA1
c613851df5bb3649b66f2001c85436cc35a976ca

SHA256
c87745d0775c790d5b623fed77d9ed3f0b0615872081fc5a778d1086b433f425

SHA512
76be71a09abd470682669f47d32d57526d63243b1dc9e154663dfd433c13cb114717c7cbb75e68751521e42619cc5e5bfd86ecd5807d5210cad1152814d8966d

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
f2d71bccbcea3831b6a518522bad1c03

SHA1
3f49c7c712368ffd1fd45d1bfbda063aea8ecc9a

SHA256
557e975578047c6e1733812716192021af52db818d010a26501bf426b2db8864

SHA512
96ed11f1a8a45185fa7e7d71b58270d4f816daf9a35f04e8ec2f32d31a37e9c8afb9a363fce9b516170b9daa6eddc4dc8021d889d0522ed64d12046b061bdf8c

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
a3611aa70fe16432a53b8198d61ed70c

SHA1
425fff8cf13f9662162d9f3bba234751184b209a

SHA256
3c67a0fc187a9264c1707825fbfb672dac41b17f00677c17a45c24f902dbcfb0

SHA512
2270d37252b00f3f0e68a9a4e98942519e706c4736ac7c83cabedf6d6f5227c21e5f89ebd6a89f64e1b51e75831e2e7dedcd0909710c0bfc6ea8a9bad7de7bdb

Download Submit
/storage/emulated/0/tencent/tbs/tbslog/tbslog.txt

Filesize
1KB

MD5
2cde30c2c72d085c67733ca54f1e3a60

SHA1
152c608fe4fe9e2157f22eb1c4cba8f1f4292563

SHA256
8e78b80e84bb3b2d80cc33131e34b44e877be05265e3cd41b8bad7d5e2e3d969

SHA512
1396059ca348bb9ce3c94ae4f7f6bb0aad502a479f47657142baf4b42a443e519cce9f7af0aed52179c37a9676649ace4e05415f5c5d1108e513852f00b26f40

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads