746806a1da26f3d5b5fb6e57630067d155ce19e0516217547b8fae2bf45c812c

Analysis

max time kernel
2687261s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23-12-2023 19:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

746806a1da26f3d5b5fb6e57630067d155ce19e0516217547b8fae2bf45c812c.apk
Size

4.6MB
MD5

a9e8514a3ee290eeaf466dfd51827682
SHA1

5057382032d7a1089eaa44e3e18cdde51f9c8fa9
SHA256

746806a1da26f3d5b5fb6e57630067d155ce19e0516217547b8fae2bf45c812c
SHA512

b595b7d879804bec53eec4f240781f3d64f461d580470cbc27cd7a5ca7c1c531c12c1a15cc7e7b54c0e556c640d3f53468aa1f1ba208eee4ba355f653b733929
SSDEEP

98304:bPMOQ7M+fbjtLItafmNecwKCzft5kJRBx6D+vNiDyKDqBnea3Z+OH:bPRQA+fvruNLibLwBY1AJF3wOH

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.ijinshan.kbatterydoctor

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ijinshan.kbatterydoctor

com.ijinshan.kbatterydoctor
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4250
- ls -l /system/xbin/su
  2⤵
  PID:4318

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ijinshan.kbatterydoctor/databases/alarm_modes.db-journal

Filesize
512B

MD5
0934c69c4f9368a0953c1fae6dbc51b4

SHA1
df5292d34f79e8960074150d2a882b9c8f895a8d

SHA256
e54c662ecd2aa6ffed55cf863f4ebe7a5f27148a99a7e95b72770c22620460c4

SHA512
7fb020e2a0415771a426d5ed2616faf7e8d2558ce19ccb7c51ae78c12a6d0295cfe2557180755379cac1dbcf736819cfb3da4929f9b3c8b03df6becdc5c92b9a

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/alarm_modes.db-wal

Filesize
28KB

MD5
2f1439cb7c13796fe64094f22dcd02ae

SHA1
19bd27548936f5fd0f3c85768c4747d50ac294f3

SHA256
e97e63464bc42c928179ced40d8fccd947f942e57ce4d6c9cee01503a912960f

SHA512
99541ee698de2e630a8b9074b45ad7f8512987e527add3b6233c34f81f0049db696c954abaa5ac445898f340bd7b661ad2b5b450d1f538129b2e1ed2c53b1ff6

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/chargerecord.db-journal

Filesize
512B

MD5
8232dde88e589b649afa6139bd024b37

SHA1
da367289341445e4933cce430cd6e9c30fb72c76

SHA256
6b6ba516f028c554e87cd448f21e8d2eb0b965927b0396b02d05a404afd31592

SHA512
054f2f3ec96668027e888e9f3e365e6cdf24dc21b0bc415c7bbacc0a034826913ba917e92a8d240d2f168271f7eaf27129ca09c425382ef482bdc89cede1b64a

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/chargerecord.db-wal

Filesize
36KB

MD5
c4f1e9ef7ea2a5d00aabaae6e953a81a

SHA1
66b79270fe8d732ab22c1407627b3210cd4289a3

SHA256
2160a2f5445ace8daca07b8bf00fa29db72028632c33fa7434e65d71657d2b70

SHA512
63f8347414e5ef240af53af2bc840dc8ab1fc8764f5b2ecaabf04c539d3c26c0cc179c4f17e76677ddce7a19369be9e9764519c139e541470f2d097a88a918b2

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/messagecenter.db-journal

Filesize
512B

MD5
877ff090debd23986d0d48ecec917755

SHA1
b1c4ce4a504f44f94e44caeb1a93dfa884bb6327

SHA256
08fe58cdfd715f2ebf772fae455742f1825409e6c637bd8365696acecb561a1f

SHA512
16a84b56dca130e0519fba1ac48c522a865d3cad032157461b022c0c42b25e4bc06495313fe8dadc8ec31952e743bc03f9dd2b853db252b8d439a3bb4bf8c7ed

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/messagecenter.db-wal

Filesize
56KB

MD5
d3d8b4494e737eb00da3a5579cbc3728

SHA1
39c0f31848119ea49e8f3b72aa154ff743894023

SHA256
e2caa31939b7aae020a1969e15532c1605673590a124363752e6cff9618fb40e

SHA512
7a882120ed49ca7f20470fa2ac928f1d11460e65ed946f986135df76cbc77b5ecba410944a3eaba7c62072cf9e7306684684fa267f53e6597c325b8febed23b0

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/shoujikongDownload.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/shoujikongDownload.db-journal

Filesize
512B

MD5
1c0b875dab138d91c005a3ea0a8f8ccf

SHA1
f6c4f6b544750712b386ee4b721a41ed320372b3

SHA256
a352cceda665e9e94b2295a71fa9b6c489bcca365b2790ede336c35916e01a06

SHA512
fcab824c2dd7c56114cf26a971c65700478e16d9b98f4cf5fa71d0fe7ef65f47b3090677c62258c48224a1945895afbe48ec3ae798acd190476ff3053a639bc6

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/shoujikongDownload.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.ijinshan.kbatterydoctor/databases/shoujikongDownload.db-wal

Filesize
36KB

MD5
b522c9c5dfae57152d1aaccfb97b655f

SHA1
094cab94a22d811928c8c89859ab803d0697a5fa

SHA256
cbf0e2f929c853bf6eab3ef76ccb16ba0072228fed644841ffef269a6382365b

SHA512
029b2727ad9e7fed56088fa8ab76622b9e2ab23be4addc202e3ada51bad676fbe3911146536618e751d511c83d7a4cb350af6449a732e5d1a83adff04ce43b67

Download Submit
/data/data/com.ijinshan.kbatterydoctor/files/ksdk_kctrl.dat

Filesize
183B

MD5
4719d4ece09ea656c08a620006e67ca2

SHA1
ad0da7a7e140a57ca16a9a71c14a9581197c153c

SHA256
6548288feb69a5ae7ad8061d44f7e0b77d2ff07aacd6a2b7db2ec73f5fc2f06a

SHA512
689726fd8446b7ab48d1847a93af0916c4c8362949e79a6a2bee26100607869b1282f5b60bb26a7738fce35dc8117820dde5fefbb7042f093106fb0029c5fc6d

Download Submit
/data/data/com.ijinshan.kbatterydoctor/files/ksdk_kfmt.dat

Filesize
869B

MD5
07856fdc2b38a717c61bc7dabe16d109

SHA1
d88b7c034aec6fc7db5c4818b193bc7b5740db94

SHA256
341b6d6f74d1cf65a65fd75a666e96e38d705b8811722ddd39211db682a5ddfd

SHA512
8d4e935d5f78c7bddb458795fac00789cde414d3e62af0f98bef38d63782255a24606c05549038290a80759204a755caa4a56e3785c74d5b4c88749e243f7595

Download Submit
/data/data/com.ijinshan.kbatterydoctor/files/sjk_cfg

Filesize
28B

MD5
9466aeed75c20d506b6e60d85f516610

SHA1
42e1efb7a24ce5717301633aacb77c704c442d95

SHA256
aafe9c56919512f8ece3f0d7da4eb2a6642fd46988f46cd575a7987b18b6e64f

SHA512
b6778ba2c0c56ec1072eba1f5fb08dc5bc690026d5725a918e8cf79495f5cd90459160a5c9fca38abbf6f0fd500879a095b3d314d701ee985ad84bea285abaec

Download Submit
/storage/emulated/0/kbatterydoctor/cgstatus.txt

Filesize
7B

MD5
b9da8b6b79ec35b04d8b9b4d8592d4d1

SHA1
47594b91f617f48316bf0c0b49ad8e53e6229291

SHA256
4324fd7a6d5da9fe1c10f4bf9c3782b873d8660308744cc830586140b7bda25d

SHA512
3f4480f2723d44bf1ca4b952fed3eda331489f50a4bb186355e1470f08ba6a0e2e28adc315a51dbd89fbfd899c93e6b815d387eee58b3b79c157d21ac7c0d853

Download Submit
/storage/emulated/0/kbatterydoctor/history.properties

Filesize
63B

MD5
48a39d12fba6c5970cdebfbc31d45c3a

SHA1
6dd1b0c0b8359585b1ae89298ae59f189d1bca18

SHA256
03ae432c00b0701597dbf53821d8778bcdf6e766f6077384a2cec4f6532b5fa7

SHA512
b2a0ed0b374606111f4baf82d11f6f5ce5e15bb914e1ae28b1ff966e4f72f2798cbb73c63e4fd4159fc60de3b26e7a5d3f74d7191e3431a63aa4b5b6fe28ec33

Download Submit