Overview

overview

6

Static

static

6

74aa3b9fd5...0c.apk

android-9-x86

6

74aa3b9fd5...0c.apk

android-11-x64

6

Analysis

  • max time kernel
    2612432s
  • max time network
    171s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    23/12/2023, 19:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74aa3b9fd5ad7bbe599f4f7ac570415b11abba60e94d854968b6e44cb29ab00c.apk

  • Size

    21.0MB

  • MD5

    da1a09c2e6b05fcb53a985a31c39fd90

  • SHA1

    b635a7c26ab5ea28b6d75f69371261a3ee7308df

  • SHA256

    74aa3b9fd5ad7bbe599f4f7ac570415b11abba60e94d854968b6e44cb29ab00c

  • SHA512

    3eb7ffeb663286ad3f0e655b49613725de859b8c9512a79954980ec20bdaa7f24d1a2da96a91cb992de01781f3907dd847f07db20048c15a5fe55189c0ddaeeb

  • SSDEEP

    393216:g35rcIeyQFIGN9g+Q2LCG+xxe2C4TZQ5fV32nRJBA7PqHI5SGy9irf0qsNRGB5x:6jeyQFZPQ2LARZQ5x2nzS7PoI5SGbrfH

Score
6/10

Malware Config

Signatures

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.tiyu.app
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4478
  • com.tiyu.app:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4629

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tiyu.app/shared_prefs_ext/test_app
    Filesize

    29B

    MD5

    e100d29a40b21c6750265edb5c6c6384

    SHA1

    885bc72aef8e9995903117dcc4a8d8b23451aa94

    SHA256

    7cc03eeb86636fffea844b0dda512eb975e885c594db80e6f7edbc221a5a1f3c

    SHA512

    5ccbba271678e89ba6874bcad18ff307ecb510b639ea103112909d20046dbc991d7edd8d9bf6600a137931d29ab40b1f023660b9d1a3669fe8e42592f00a07c6

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db
    Filesize

    12KB

    MD5

    171aedf968e17a2744d2585715606cb9

    SHA1

    bbeddeb3b89fcf809619c35b4a318a80e7d5b029

    SHA256

    d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

    SHA512

    78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db-journal
    Filesize

    512B

    MD5

    7cdd473180e8f61bf4dad399a6775ff6

    SHA1

    ca49f8932e9e52a3568aa7d538e795d026fb10f3

    SHA256

    48956540ceaac4a3bdee30de4a8dca6d4e2353f3ccdfd831da23cd08a0c5de94

    SHA512

    9be744cc4f542bdcfae06e621b89e2050f6e4811ea3c234f3b8ac7e9d58325c4701603f3bc681c845d23e77250b154373b45685f30d48270f5bcca2dff7d51b0

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db-journal
    Filesize

    8KB

    MD5

    69175ef4b7207be45e313a5e5f10f068

    SHA1

    faeebcb267e50fef8a70b07649dbc4030cbf1354

    SHA256

    4d9e38891566fdb448d7413a31b867cf3fe15a31b8a1e1a45cdc3364dcf2b73b

    SHA512

    3058bdd0921c64ba73d2f7aadbf8e81af79261f6813307912751f804b84ddcb8ef73ad0fc2f1b6f52af9d2bf90f3573010c0441a0709af5cfa035c6623568908

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db-journal
    Filesize

    8KB

    MD5

    872ba8abb9026b2c89ba7b3c3d25a1b3

    SHA1

    34593c04a3d66e4ab630c35733ae3e876e1e5c42

    SHA256

    557e0cc0c7b6abda7a17119fc1b86419b02fda59d9a999cda6f873ff0a7f4bd8

    SHA512

    c6ec5876b52f02d34d2c8b60ebb4022b2a75881285bc0d86018b1861cd93759c39e94a780f9cbb950a9f9b3cd569db680c70758f8fb65e667656441af568f854

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db-journal
    Filesize

    8KB

    MD5

    b55ea4e04c8ec9817492c2a8d65fc43a

    SHA1

    e7fc2d2ea6f3784ee9dc3508c4174deb6bb3370b

    SHA256

    87562d4d2da14b68b4cb622011e175866a6a83d261b10298b39c4d5d545715af

    SHA512

    b89ba4ba4af75abbed56a9faeaddfb07a1f7cd5d574b32f27fdc66af480523a74cdedee70f2602fc1d121006020bdd317d0a4da3421e0c886d54e76d8d348077

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushext.db-journal
    Filesize

    3KB

    MD5

    25ed21e332f460d27105a1e2f6db53da

    SHA1

    651d9d6aa62da7f59a15ccb7576be20e037a841c

    SHA256

    2d5156b1417c7eeaa58c4fdcb050c4fdc2d308ab55fc2223fd8643f599e29ced

    SHA512

    2569ff89041fbe7e0d1b1bf98eb79812b20baaa75644aad35f8ff622dfa2decfea0e4baf9b1f56ff82be80de30d008bd88985f2d9cdad85c440b35d1a9dd9a3f

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db
    Filesize

    28KB

    MD5

    bce452a59a527ebd8bf6ff0095516829

    SHA1

    cb84f6525cbe2175b178c2aa8d4ff81bd52bebd1

    SHA256

    3103299a93b13580069b8561bf0a8a69d33a4abe6abcffcc65bc36f4a212f42a

    SHA512

    7d223c44bdf9a2687a657d5a52ac081b56fcc055ff8131afa09a609c63d374c8218d40e73a8bbc139670847c5a6d4508da181301df84f56b318a2b4bb31cd802

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    512B

    MD5

    6ab0434f33c3f353f6a16ff64ddcf349

    SHA1

    f100a0b1d33deada5d66a9973fe4eb4d35024ff0

    SHA256

    d44ff194e854588ad5d9b1c510fd434eeca197272a86296a9031a4af78beec1e

    SHA512

    d720522995cf593e3e0fea44399227677d8bf49307bad4441ff1e4e7bfe18dc8da6446b7a37defd18499304b24a03b4463d1376c560259d51a6135841c9ee24a

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    8KB

    MD5

    70592ceb2bbca498c0184ddf240ef1ff

    SHA1

    62d5245488428ab6058d8015ca63e84473e1d8f3

    SHA256

    3975d3827783913bcfbd2e64b9254354c80cde5a315840e20614ae051f4d79bd

    SHA512

    69d4124cc297a3e046703631ba46024e7bfd2693b05a60c8a9c24e8dcfdc813493f6adc85d8bc94520fe97dbd5e153062bc34e118f1125b97f1aab4de9f7c0d8

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    8KB

    MD5

    df0fb0dc194a1637d9b67e56bd977ef3

    SHA1

    098e26f9d142fe06bf0c8b3ef1c39faf3978c6f4

    SHA256

    2dda59cb4978f1dbd7ebbb5eb00216d1812419b4f9b2257df8f46fcd330ebbd6

    SHA512

    6f91ff1b017fed693616b9f8d0dd74af088779387619f42605af8af6cbe298cc76fd2506641d01aa79d909fa09da04e7c2c42128ec80d4c948e398279bf117d4

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    8KB

    MD5

    e7f82c60c885a1333932494be48a84b0

    SHA1

    8f3837babbce106b5a509563934b2d4d56a09fdc

    SHA256

    705765ea45116d80234183524e8b847292ffedcccf56193fcf78e0cf8e65559b

    SHA512

    d2e3bb6753377942bed897f6693adca7656f714019767b157e163303950a0f414b38cb6bd1a8a8a1558de928bd8eed6b3683159df4ce8ddbea32a2d73208dba1

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    8KB

    MD5

    736574def51112d815c7ae4e3f8db03e

    SHA1

    29d2d892cf54350621e03030f7cd98901ffa92c3

    SHA256

    a295a00fe63a8a61562fe922b756cf77f8eb276a11d1dbf26d501ec50c3407ed

    SHA512

    3d930cc8174306fc88fd6c6e44d909c79bca8c35de3139a9ab7b041e83af14013201c7b74819b2557fe56ab8189e25d4a87ca153ec3b284c84d493f50ce3e2c1

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushg.db-journal
    Filesize

    8KB

    MD5

    f997916c08eed1a7c1c2e900c46cb630

    SHA1

    73611b5b5d194134516dac8beac157c5cf3d714b

    SHA256

    b0b1ab61f8917a372fd79497cc566cfee785b93934ee76f7a48d09af70f4b745

    SHA512

    12de44459992c866d8b1c5893b78ae053804271227bb7e5ccb67be20e96514c7447efea36aa4a1cd750b1120fdf49647e13fcfcf5d142f89696fe93af0758403

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db
    Filesize

    48KB

    MD5

    6004174f4ea8b526a03c482fd59f5af7

    SHA1

    e5f2a5212c4f54ac291004021cf7f1e13cdb0074

    SHA256

    03b81fcd05a76c19f4c41b1c7fd1884002bf9f9e9a8e354603dd4bfbc78886eb

    SHA512

    72a858c174546d7561e7d10daa5ac8974d9e96b44cf69d1ec355244dfbdcbf0de2bd0663340620dec697a87cd9f26901d9eaf77e7fc48e777ae3544af2f7b130

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    512B

    MD5

    a4e789fd9090e3916dd113b90e07bd08

    SHA1

    12e1c87bc975ed2e668d710440d8a79909b0b8c0

    SHA256

    78de08af3b67c35192b0e5e9b427d088744aef4a58bcd49e6982e3574b7bb42d

    SHA512

    7589094208f12927ae24bfc8020cd1c0d17ad60984d93e33173b73be7239e74c9b3fc9bb969adf7fc3aa5460b1db8c9a2b8325da73804d5dcdf6cbf22e04b76b

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    f1e109773e974ff2c4dc471008a4e275

    SHA1

    5be7e08c7e0d6a2b72e7cc001fb45e607770d851

    SHA256

    f568ef50385c7d9b6a5a24e356fd8216da3f58ed683e0da3c4762aa2b2dbeeaa

    SHA512

    c4b58fd90a730d14dfa995f481f0974af94f579cec87af49ca51348c7a7300dad574847fdbe446158d0a828a9428c5830abdd84c5b85478b38625d1d5b2be64f

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    3efa71008786ec33b4a11092463ccb82

    SHA1

    34f8a8e157014feaea1c8a819572b29195df5f3f

    SHA256

    c0b940b0049dc119c5558fa670ccd4786472aec5b9cee9a0f6852bdc9593fa95

    SHA512

    447445a5e684bef0d9c84a993ff6df4d308f9b38b82b05e5b947a83f41f0c75616943246002a53f900a86363df71d5b86bb9d216decbf92dfa0b83f79b7e99eb

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    4KB

    MD5

    493422666141fb1af4400b0c536a42de

    SHA1

    f91370ad96d4b00aaeb22dfc6e9c94977f0ee79d

    SHA256

    f52f789176949d3d82fb4f2d3853f07d80eb01481d57bb484bee328f2b9fbbf8

    SHA512

    c00f93dcbcec0aab9eca4c1d09be2a7250defc62a627d9d7b99d638aefa6a221f7cc700218295a6ad60823848f89f960f762e81afd31f7b8fc30b3e504dc766b

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    2246242323d1e0a259d09bb3effcd6fb

    SHA1

    1bb4cc1322f12cdd264b61141a7f342ba9900db2

    SHA256

    e661edf96b7242aec89ea4c0caebe3d0224b7c7f701aef4e770d2d69c5f59a0e

    SHA512

    53afc717d21fb8ce1604231a29857004369b2c3354d732f70c0e2400f58dd5356b557a4cf8c76d44137fd36554c69360ca61b4f56ce83f190d27842cbf23c267

    Download Submit

  • /data/user/0/com.tiyu.app/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    dd0f5fbbd0903c2445508cc51b0016f4

    SHA1

    fba4158d9f4900d541b616d181b5bc0d1ddaaf7e

    SHA256

    dbc4ed14b9e224c371f487d5770a4231ed5cbf36b6544b59f33beaeeed3e11e1

    SHA512

    ed41a62a72ef73f8e0f515897011fca7b0f78f1745206aed939a9b71a6dae2b11dbe0c9622bf21f04d80ae089a17fbbd880c106573bf7c29e7f9705892776611

    Download Submit

  • /data/user/0/com.tiyu.app/files/cnc3ejE6/eje3cnc
    Filesize

    335B

    MD5

    585839d66722cfd02e40cb740cccb633

    SHA1

    374c19200fee201b26d0153487a281a934615884

    SHA256

    86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

    SHA512

    09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

    Download Submit

  • /data/user/0/com.tiyu.app/files/init_c1.pid
    Filesize

    32B

    MD5

    84e88e9327e1cbd24c7c46ab383c0342

    SHA1

    54e8a1170d34c8602f685108becb97d85db3e967

    SHA256

    0d08eda40e7b43caaa8ccab646f871b1173c588d1a55a4593ef9fa1ef1fc06ff

    SHA512

    5b8caeef33ec1134ee5ae4e1ce9177d2ec92ddd88059a5e8a4ea14900ded68c8086d511f9846089ca32b84f89ea62bc134762cdd541a9bff2f3bedee32fe9e2d

    Download Submit

  • /storage/emulated/0/.imei.txt
    Filesize

    32B

    MD5

    4f01e8f98f5c22f45430f252900095bd

    SHA1

    4689a085081aa4cbe4f926c8912c5d417570162f

    SHA256

    d1dc71b46f36a2fbe20728d09724a5c0fad5e4923652e0a695e2694fec65e3b4

    SHA512

    a47ded9f0bfed703df896297425ad2263a26ecb125bc7cc6fbc2cebbc186ae27bfa0bafef1ea1afa30724e0f2a820181cd718bda494f70c1ab0f58cac0285236

    Download Submit

  • /storage/emulated/0/libs/com.tiyu.app.bin
    Filesize

    79B

    MD5

    7fdaba4704a8849cdb9b89bbd372d959

    SHA1

    a489c6b797c1818ac98518f175206b0e14a78bc7

    SHA256

    f772bea48117af225f7db4fd66331fa991247530454e810be0173617d61d22c0

    SHA512

    ea66006ac4ccc47b0763679abc598c456d639ebf34ab3b97399d802eb58bc8bace2fda0fce4e93a6b89f227457e216e0ebaf5b9259d8a3caf4e2a8f935c43fdd

    Download Submit