Overview

overview

7

Static

static

6

7a6f764720...01.apk

android-9-x86

7

7a6f764720...01.apk

android-10-x64

7

Analysis

  • max time kernel
    2716101s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7a6f764720455e3efb35eaffd97ad4ee33ef72a4153961086423fa0b9dfc5001.apk

  • Size

    7.2MB

  • MD5

    8773b6786ba2f1583c1f3491082e8b07

  • SHA1

    88d5d17c9cf77e558333af150d6cedcd4e5c28ea

  • SHA256

    7a6f764720455e3efb35eaffd97ad4ee33ef72a4153961086423fa0b9dfc5001

  • SHA512

    43299f34013bbdb4fa74fae03ed6a81a1efd9f6dd5c3ba83df19fac3715e7309c3a9ddc2dc9148c74900e2916cca2e7ce24bdcb0cd15a370b2fe7c4d68b678f8

  • SSDEEP

    196608:noRBfEue4dR+KSf7OGACMVJHMQiqFxrGzXumb4fzBV8xpSg:oLrVdROCGkMQvCzd07B6xpSg

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.aixuetang.vwjq
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4245
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aixuetang.vwjq/app_dex/frr.xml.zip --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.aixuetang.vwjq/app_dex/oat/x86/frr.xml.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4285

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.aixuetang.vwjq/app_dex/frr.xml.zip
    Filesize

    7KB

    MD5

    c51c88abce103e4597b6d1fe2fcfa704

    SHA1

    e8ab57854f7fb50a49401a6c0ba6d28e9e8c4adb

    SHA256

    80475c5f0bce99b7c43904731412af21d2e30f9806e3619d7448b86f97fe99dc

    SHA512

    1f01027b01357e5df437c6517afab7746009107c67452410710d3878fbe7185de26f4a6955f63a94d7065cd2b608a9209de9c877473da54ff243740beb6eb4a2

    Download Submit

  • /data/data/com.aixuetang.vwjq/files/umSocialStateLog/1703523096824.log
    Filesize

    513B

    MD5

    be8d31a45bdf828ed4caa5f3e8f79560

    SHA1

    77b250f589ff9f40f1099eae9adfb8d956c283ce

    SHA256

    57c33210ac00853923aefcd842d142a4f217bbf3cc216f92fa1791d20736bde7

    SHA512

    f1b6c26a9042ac783053443af0bd18c82a51fa945af5cf5cb02259b2db137b4894f2c1ab4027bf733ef8c42a0352bf7238ab3283590de2565e0fd17369f9a645

    Download Submit

  • /data/user/0/com.aixuetang.vwjq/app_dex/frr.xml.zip
    Filesize

    7KB

    MD5

    3cf46f8afce351c9ace2d62d0f6b1a5c

    SHA1

    078c632f56d44b49a1c0ce8f646127bc727c2035

    SHA256

    6bfacd778b233069ec029efdef1f21aa24045976e61d9692176412db1354c5ad

    SHA512

    b11cd7d19badfcdfdda679cd78ba2f5dafea825ab89e4e367c40ec6cea89055801b0ddd478b73f6cbbdd4b00907a4ca4e664101588991675bab1c24e95087eb9

    Download Submit

  • /data/user/0/com.aixuetang.vwjq/app_dex/frr.xml.zip
    Filesize

    7KB

    MD5

    0d35d19040031d6699756797ec67b8f9

    SHA1

    0d0fe38e24a434c6df26b7311abf09ec28c8d131

    SHA256

    7cee95ddecf5f60d87005ed6a789333d88e3783040e80f2f932e81cba64122a7

    SHA512

    274fc2f006878efcfcf82b79d9b3edd37ddced53aaff7c45accbfa4ad4ac1bb8bdd507c1f52a97025995cb49347c26e14bd2ba0e7e7682122df80fa503710de0

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    74160eaae807c32a206c43b31824fb23

    SHA1

    a83da2bcc40a6ce7781d977371cc6ca32fa21187

    SHA256

    c054ee831d4f21e90e50bebee20f686c5912a7179d363d720cc9662f0b7aa473

    SHA512

    33d51af9991c0b9c17169dd1f1e3e4a757399440e4bce100acc36f30f35e608a73ad72e98cf6ce5d60f9e967f2bb4b92611c4e72fbc1166c77893d36d7b99e9f

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    213B

    MD5

    1c147552c1f1dc67a4a1a1753810c38c

    SHA1

    82032995e6d16c2df41a0e94d1498ab93fd7e6ee

    SHA256

    91b90f9b127a0f7cc3421950954eb5ad7fbba52c2e052b9797cdaa09126f08e8

    SHA512

    a9a2c267bba7e8c48c41de5410865440176a943b618a00d83b5902099271630e2b16a23513981f6bef11c9abb6cdf9a2f41acb148bec08f6285edde48569b9e5

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    edaa2200d5f68ab9e86dce100078b7e4

    SHA1

    ea59f88e0955db9eecfbe11941075862707e9229

    SHA256

    d6717c22ee6c4c367ccbe78fe711eb33fff2577b3a7cbd6d9419a30ff4607c8d

    SHA512

    aad6e9930901d3dc34af9642b28019d48ca7d0e3d9abd325b26f935485d3168dffdd998e13613d3c539d5c030e0dfd34aa7e01bdf0f92960efe4bf669589885e

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    67f02a3fe1632a2e4b71aa54ff67a9f3

    SHA1

    c912295589106cf1e0ad2cc172d49e4443ad0ae7

    SHA256

    fc506e25b314ce89290a21e4912d69901175d58c2390b747fff08a6a8985ea45

    SHA512

    95e47a2545e305867800bfaf7bd5e3af5c4cbdee84bf573a8973e219d02dfc6304a5cf933ec08655b4054f422add0d61c5d28758d6fe6a7adfd88990e4dcce86

    Download Submit