8850a4f66723db45c04764ecfa94dfbe4d2ee8f8f173155b3324e84b7ac9195c

Analysis

max time kernel
2751789s
max time network
154s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 20:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8850a4f66723db45c04764ecfa94dfbe4d2ee8f8f173155b3324e84b7ac9195c.apk
Size

11.8MB
MD5

8504ed5b1d092309908feb0e8864ef21
SHA1

77362b49f4109bfa59b066df45336ce300ac312a
SHA256

8850a4f66723db45c04764ecfa94dfbe4d2ee8f8f173155b3324e84b7ac9195c
SHA512

0fcc70048c94d1a35cf8afd409c8b1c8df94482c12217104c0224a8100add0589364caf659fad93f9f5092119aed0cef11506bb6d529450d0927786eb66457ac
SSDEEP

196608:uLq2pzhq3douWesYjFOM8UkD3oZwOFKmn7+I8hdvHKd7Adjdilgdfl9cWYaVhLFU:ue0zjuWzYjFOM8UHwOV7+ljqd7A1dddk

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cn.kingstory.bike
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	cn.kingstory.bike

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	cn.kingstory.bike

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cn.kingstory.bike
Framework API call	javax.crypto.Cipher.doFinal	cn.kingstory.bike:channel

cn.kingstory.bike
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4218

cn.kingstory.bike:channel
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4337

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cn.kingstory.bike/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cn.kingstory.bike/databases/MessageStore.db-journal

Filesize
512B

MD5
285d533e28348b75440e506cf039acea

SHA1
4ff76db1dc5ee45f0793eac437b4b3c068579ab0

SHA256
00d129a4b6a65eb4a3b4e7d232b9b46d993ba3f95d446238bce08bdb706e8b2b

SHA512
6b3d7646c1e457fabe486be47de53bb78b97c34de1066443d848f6dbe426d2e5b55a6f3b3fe6aa7a3f5b3c0f5619aa502f252097b7264b769f3f75154f14e09e

Download Submit
/data/data/cn.kingstory.bike/databases/MessageStore.db-wal

Filesize
48KB

MD5
1fe435309a5deef44a61a9cca9bd6370

SHA1
8d0039b1eb4531d2e01b2fed8e6a4a369dc795a7

SHA256
7416230d6ea8f4bfcc02fcc0054a9b0b5f4cf3810929f567c7671564f17e98ee

SHA512
96af7ba96a58920386e2670e30fd55f6632f8d1136f9833b16637a2e168da8c178356f17d8bd801da1a6b18b80ecc68ab6a5bb5a9a26c64911cd0ef20bc1ac9d

Download Submit
/data/data/cn.kingstory.bike/databases/MsgLogStore.db-journal

Filesize
512B

MD5
c5186f03959fed68cb2618d9b44f2e74

SHA1
3af18513ecce5a825a7de3558d821c95a32be95d

SHA256
d277e32a677d0154be94d217cf9b3877aae5d56feebd6cbfa5f3da3417c2c77c

SHA512
05df3cb1760a25fa2cf88d2f764b18d4d0a700837d0c684f3aed0784aaaef62245598051be8c07d499dc834304186aafa0f7b1e7195dd17dea6c8b68af892f48

Download Submit
/data/data/cn.kingstory.bike/databases/MsgLogStore.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/cn.kingstory.bike/databases/MsgLogStore.db-wal

Filesize
68KB

MD5
8a9737b0b8ce9adfa005407266242648

SHA1
fa067f0c393488d584d376af723ed7987a1c33bb

SHA256
5de06d0b9c40828ac4436e49ac95154947fe4a0c4567e89db3dbe3a2803fbb26

SHA512
6487f854eff7438bdd3ca09590b7dd3a12426615b4cf89eea2016bc2132986b741e3badf888dc19f2e87c9056759b25d7749fa975d964ec792333ca54034354a

Download Submit
/data/data/cn.kingstory.bike/databases/accs.db-journal

Filesize
512B

MD5
b90de5505d126365c7d5a9820554db41

SHA1
dacce1d022251d405f623ebe072e8ba8430dbf8e

SHA256
bd655697b974b892035cb1762c47f5608635b2016a3bd193397a8ad794332d39

SHA512
78d160bfa86a5b7786f69e8ca139938ed765f9b370493d91203d9b572fa141e494c0d99ad18988c47bb818b6cc181076bf7bcaf575fa6acde14d3ed0971fb5bf

Download Submit
/data/data/cn.kingstory.bike/databases/accs.db-wal

Filesize
32KB

MD5
50f73af233a800f814917a71bf241ee9

SHA1
257c86c550cd217c98a39eb5ad0d85e5f88cf165

SHA256
614857872a3a2434f2d20a2d960578cabeded5179d97b6f03ee3f5fd95f4950a

SHA512
f176a8d5e6870be80bad7fe21ff0ba6712fa8869db2643b1e64545eb99f14c65b3ff7308fe3b491cec19d5e821ceb271f5514ab72b5fab333228648ac3c343ac

Download Submit
/data/data/cn.kingstory.bike/databases/hmdb

Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/cn.kingstory.bike/databases/hmdb-journal

Filesize
512B

MD5
fd27da4b8240add4b0be2a117b893591

SHA1
70d9ff80b0c7b8f9b900956aacd3c698d0e924b0

SHA256
c0f1058b4dbd8f081ca9d445f1fc4709b6cb2ddd72ed7011b4f600b56c4d409a

SHA512
97bf86bad4400667248635996e40a349360e036bc68012e78d8db87f37a55ce3eebe4bc4271da65f69f65bee8b9c954c638211f2682b2db203e23d6bb60ac5b6

Download Submit
/data/data/cn.kingstory.bike/databases/hmdb-wal

Filesize
16KB

MD5
5825da3cf29b034c6962ec894251150a

SHA1
0ad795e5f0afc8d56b5b87ed53ca1f12fb0c983a

SHA256
bbf234a78c42e4e82d522b573e03281f4099b2f10184b2f010cbfee95cc1dd79

SHA512
f7f63d153a3b7c697553f5d7a96545ac5fb3ef1111895220b3b0f1dbc2427078c4a2c5e33666a0ac9dd3cdf81d62b43b5764b6b41c3f040e46fa54dae2a1da4b

Download Submit
/data/data/cn.kingstory.bike/databases/logdb.db

Filesize
36KB

MD5
a7b5debf648af8527d38065f285c6754

SHA1
ad8513c878ca1483a2472c7f8dfc8a416418517e

SHA256
0d8f1987d41b042ee7aa1ae97d1950a40884ff4ed620fd02371017160e50eaf5

SHA512
c879b912d723e9c382e547f605dea4d77830d9300c3cdb1a14c2758cf4e895000c7ba2afe37584ed2fb94a9893e8ff47bdfda4dfbf2dc47aca75efc5d28984e4

Download Submit
/data/data/cn.kingstory.bike/databases/logdb.db

Filesize
20KB

MD5
4d7d4b91560dba357d2c03c0e2aa816e

SHA1
342c51b55f90083e876495281e3efaaec5ea9000

SHA256
6b2c6ece0060a4cef0c8724167852bdde2210ee34606d91abf59f6582a5407ba

SHA512
9f0c38cb0cc11b131b469565935b7afe29163d483168b409218c0a8004c8f2b9b412915ec3a20ef1435a08c925cb6fce1536240863e690b1080d0982611b4842

Download Submit
/data/data/cn.kingstory.bike/databases/logdb.db-journal

Filesize
512B

MD5
78bb1ccf64bcb5f6c1391dad347a9dcf

SHA1
8852db2d51d7637450e39d246b4d16ccf89f7e74

SHA256
57edb60ac2540e753f9328314f75010193631f4de9196c1e1d624e5403a0d700

SHA512
00f00b917162fc68584d48fe8cc8af3d28e27cec4f23df26b133a5aab8645b34955e8ae6aea7bc1b172b6424dff34c2bf05137baa6d79ff55984fc76850b54e8

Download Submit
/data/data/cn.kingstory.bike/databases/logdb.db-wal

Filesize
48KB

MD5
505674c108157781da8f3f16ee8c82a8

SHA1
592a8aa2248a93fa19eb33bceba20491c4f7a6c3

SHA256
6e74c5311af764cee4ac550907c2b428dc8199099bdf6e4a406820815d5d941e

SHA512
caaa7c98694f2d7537195a30bf3d511ca164aaed489e8f54f03da92b9e44504401bddabb09d11022da946661236a6a6b89ea819bf0d0d6d94847bfc3daf7e33e

Download Submit
/data/data/cn.kingstory.bike/databases/logdb.db-wal

Filesize
8KB

MD5
cf46d15e2e0c89e9886602d812a58cb7

SHA1
10a166ebaf29ded01be4fb92ee1103efb91db8a6

SHA256
ec7826109eff15f43c0f25fb4d17435e30a0f8f3b3135ac48db3eb2a7a6b104b

SHA512
29be341e014e3343b06b74a56daabdd13c1c85b213d328229597f6ce96e232625528fba62346d23d4cc29c2fe3c5d2a26624aac023c8de4d8f5a8e2bcc93fe28

Download Submit
/data/data/cn.kingstory.bike/databases/message_accs_db

Filesize
36KB

MD5
486e2bac2b3e9e1cb411d2838a4854bd

SHA1
81dd0a7537f4af319b830ae834908986be85da8b

SHA256
5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

SHA512
c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

Download Submit
/data/data/cn.kingstory.bike/databases/message_accs_db-journal

Filesize
32KB

MD5
fe0d8b3db0fa406392cc7d99331d067b

SHA1
482c6a94f32a61bf298816f55259a1f4d3787b23

SHA256
7853bcf89457767aae11e88e67b6c13d51820aaf0d9233ea8c69b6ec8ca08164

SHA512
823466156a4f0a6212e38c5a6fdc2fa04c33e85f362e4df97f3571c67e6495fa95db36dd94691c84732d1d67b89f62dec0d950991c0d7a053c38cf0c741e0d62

Download Submit
/data/data/cn.kingstory.bike/databases/message_accs_db-shm

Filesize
9KB

MD5
0387d392948151430e18c38cfd8eb7eb

SHA1
411c5976e0ea1cb740f528f181a645b46192501f

SHA256
ea9f7f4810ce8739de1db0ad451cea1029ef2f4c2c16baed91d298e801017992

SHA512
dce0c192e985184ac909a880906bb75e052378cd1bc5ac6d4272178361321a6eb21e4990b084ab7a3b20d88b263c39b5eb544595cb27135346151377ba9d0d55

Download Submit
/data/data/cn.kingstory.bike/databases/message_accs_db-wal

Filesize
48KB

MD5
03838cb692c43ed4211b77d432970fea

SHA1
a3a4fd763d12bc8e8fd8cb657f95ff91977c4321

SHA256
183c60fbff030178edafc1cc0102695d4920068be5c323e71b78ec6e566d2023

SHA512
6ed0515ec6c7f5c211f221579b28a4a3d459ba01ba93832d87fab280c99cf2a838c87b7beb0fcfd3ef4606bb1b6646d8fa563ab49542cd0cd1515d8d2028f558

Download Submit
/data/data/cn.kingstory.bike/files/agoo.pid

Filesize
4KB

MD5
5074a68d81d4335c3b4accc9fb8ad8b5

SHA1
766ac580ff0854fd6c00788f6bdd8555f4a0b6aa

SHA256
dfb8d273e7258140e91924c080aaa091c5ff588856d98aedb08974d44ea7134d

SHA512
98c84fff5d958b7ac09641215912881de536c57cddd90ebb1bb80c1ef52c61edd1d12cbc01a5409142c348655b0b546376b5c27ff2101e6280ad6211a091cfdf

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
76f21de1a61dc164026bd58c4fc089da

SHA1
af516b299b3ccd9355f3b150ddef0292810a9b3c

SHA256
0f3c92973cd13e4ec57fe817f7141fb01a9e8f9b123ba3036ea4793c50c87a38

SHA512
fe7de4a63d9e85c8dacc6c2009c85f47906aa84de0e2f35bbb2bcc7f2197dde77154af6dd28929c481e295eda4f59df593806807197ab88b08061d6c4915ea21

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
c100137d33c37f6ad0f2a9dcef209e11

SHA1
e64c7d9b21f8229617ec6b2479c15f02cf830865

SHA256
31cf13075b6854201b8f56aefa7ac97be323498b4f61cb8af51f3ac22d54337d

SHA512
f72188752d80da590271e2add374d0bcede8da908edd414793bc61f39d93144f25e5d09d7a1fca22d68853786473d5dfe5186d9502835589cbf8c4a6aab9239f

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
512B

MD5
c407230c57ed22c328e6d4aadd7eb047

SHA1
0676cf8c0ddd4bcd0beea1316551984843818a60

SHA256
73bb89f54201ab2ccbe1b0f6abe79106c279294e6ba8efd3ea2297dfd91f963b

SHA512
983b6b73fe8610e1847cc832572b73a8fc099d0bdc4ceb5978092248097d6b67626be0d8f5426ccb3364c62d1212524f489ddcbcaf99acccb452ed01b505e2d2

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
698387b246b102fe147249612d0eee73

SHA1
6cb2807a3f3b40165b408eb16245473ac03d245a

SHA256
eef15b38a6a65459a6e7c518b56d1f3dd3a52a649ecec8c1eea397b5d0428ce7

SHA512
adeb5de45d56912717ae4a8f004414d03a35dbdec72684b13603aba6fb0d28fddf25746203624d12d05e1a1a780281ed095010ab262d4f48cba5a4f451b60242

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
f83dba72932c1697b6df09217fba9d62

SHA1
fe19052289e9086edce6a355035e5cc477c1767b

SHA256
f61cf41ee6a19c9edcd6728595b96756a746856c4d72a8e007fca29cef1da400

SHA512
48a7351ae6a9c06597b829f61cff8bcd13233c6f821c258701b966fcc74b219906bafb597211cc147b14f89b7307afcdca4a94417e7096da463b87baec407aaa

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
4KB

MD5
333a770f5e47ee9deb36ec1d7dddec74

SHA1
5fb0c2888881e80af774342ecb96c64d5f17f7e2

SHA256
2974182f0cda85e34d9cf54acf3982486b4b82c9ece5c7d0129393c9a7e4473c

SHA512
f7a44c476b0fb59143b2be4b35f52ea572e16983f9947cfdf59c8ca4b110da69321c6decc8652ffefd045f5d8fcb3af2ff5186e111c1d1867e554d5c20753008

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
68KB

MD5
843be32f81e8c3ea31616cc33f581450

SHA1
8d8e5b9830daf17d3e4b6655a2b99cd17b750db3

SHA256
ddb929253483db56ae5b44ef832fa12cb96020254f80fba8392744ad0c64cb91

SHA512
0c82fa1ceae84f208981006a5b79cc5a15279b945a6fac2d2f6e81cf9090f354eb1d5706c117e480bdb00af67db0e9579f07c6187a77d0ec4ff4f96a0507f278

Download Submit
/storage/emulated/0/Android/data/cn.kingstory.bike/cache/TileOverlay1/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/Android/data/cn.kingstory.bike/files/tnetlogs/inapp_20231226.log

Filesize
32KB

MD5
2e54d6a0181056729a42c19e9095f60f

SHA1
37fb5f3a5d1fd546dcbe7a3dcf0e18e8bfcb808b

SHA256
c3a88b6e3329973e6cf437e9d9bd29ffc00cad1f55bb464ff9f99a86a3f98eac

SHA512
aef1e326d2bf07bcb650f8b0cdc4ace6042ef3c243da2f32c250051de5c2bdb38af6b2bab21a66b1896a074e3feaee92b71b5428ef6e49fb9aa3a694ed2d8628

Download Submit
/storage/emulated/0/amap/data/vmap_engine_version.data

Filesize
4B

MD5
dbfc22c51e841252508c66609d3d5880

SHA1
ae1849c31ce313d7eb0a6294f2d6013d54c96f8c

SHA256
caca8183cd21a08afa0002352dd9574784aef05dd0b0e232d7f1c8cf85a9a2a3

SHA512
6f138993b131c2a4de93ec325549a451a480c8a77eb2e5dda4d8b7fe0d260ceb6ee59114b5fb72e8bd92ba1ac96481e33bc8122953d47a62825a056a04a384ba

Download Submit