7f208d46f367a1d8265b471ca9220d34c3488fe62e0d0538bb7266f15ba95a3e

Analysis

max time kernel
2733161s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 19:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7f208d46f367a1d8265b471ca9220d34c3488fe62e0d0538bb7266f15ba95a3e.apk
Size

13.1MB
MD5

bc1aaceba9d886ad22319d7d8728ec17
SHA1

3ccca251329ee75974175777dc05a6a8699cd64c
SHA256

7f208d46f367a1d8265b471ca9220d34c3488fe62e0d0538bb7266f15ba95a3e
SHA512

8fd51202bb10d4e4cbfb1cc0ef079dd46bbf52e47c0398d1d05cfade80654b11bd2b1013e11c1a297f0de26e8c6f6cd46613b4bd98c17a36773105771347956c
SSDEEP

196608:QLBCnTP+TVT/I+p6TRu3KBsHv480ovUZhvLQfc3JWmAAuPJ1qhwaWiSzfxNtNnG5:EsnTk83TRRn+UZG+7H+5RNtNnG5

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.zywx.wbpalmstar.widgetone.uex11807501:push

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.zywx.wbpalmstar.widgetone.uex11807501:uexjpush

org.zywx.wbpalmstar.widgetone.uex11807501
1⤵
PID:4274
- cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
  2⤵
  PID:4348

org.zywx.wbpalmstar.widgetone.uex11807501:push
1⤵
- Acquires the wake lock
PID:4408

org.zywx.wbpalmstar.widgetone.uex11807501:uexjpush
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4442

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/uexJPush.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/uexJPush.db-journal

Filesize
512B

MD5
3c2b6f8cd3f753fc0601d4a8d0ea78d3

SHA1
81d9a63d86ce05a18fe9d2c534a1aa383477464b

SHA256
fe43baa97c24549bf70283094dce580078a3f80eb104b57a61afab5bb95f894a

SHA512
179e0da20cef62057a3289c86d2cb66c6c29d24c374655b091fb589599522772e408f1dca65e3d57ac5317bf638dbb38144b423810e62a0e4601a8a57e98e3c5

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/uexJPush.db-wal

Filesize
32KB

MD5
6ccc0dc590b325415c3fcc69b2d927b9

SHA1
c53afd5d081387ab1deee7d9fded93cc53485b03

SHA256
50f02f5e35eb5a6029281cfc7b3ea701c7d010b11b0d64dd03cde9d98a51aad2

SHA512
b6819d9767dd086f95909207038cddca51493fef6480cf51b69ff13a6e3fc700bf1c9caed449136dd347fbccfaf17f777ddd0f4be27b4e890321b10202ced0d7

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/wbpalmstar.db

Filesize
16KB

MD5
b3d23b028797b2ea9d7e67df6a6a0865

SHA1
c7d36d551efff87671c9e2ed070b4ebb8e601907

SHA256
e7bb0eedb765b42294e63f76b4756deb43964fc87dc5aa537b8062432b401ff0

SHA512
1436e8327afd14a9df08d3f6551d127e9a6df36015e678c27e8e8f3ee69fbeb11ec1a68084fac319775c535e0ef53eb1c14bc97aa046887f593cff95b22a9dc2

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/wbpalmstar.db-journal

Filesize
512B

MD5
3f8d3be508e189681f6e47a7f8eff173

SHA1
643b36cb24c5c5ff4ad32388dc175f5e95bd31d1

SHA256
5470a961854a32de7ce4d9ecaf859fe977d673bfc300dc0f8061c4169ac49aaf

SHA512
9585d9817ef4c749e638459c07039ce947fca63a27af9963114e3984624075206efadf298d6e7fa856fa787c252081eaf733ad21154ae7fc4069e0ca904d3072

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/wbpalmstar.db-shm

Filesize
32KB

MD5
998b9d2892dfb3bd4aa5b77233e8bcd9

SHA1
b0085116877f9a8e635fd89ef91d1698d80dd11f

SHA256
313a6350511a4ae213385c70e9d942570284692f78c830daf2cc1f7fab9cee3d

SHA512
133dd21e80a09a17c6a83e4227697591e800a1e8bb63e3d451147e1383efe8a593757527bb0f4469f292bb5a055d9d8fbb91307ed4cd8907a53f499698163fda

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/wbpalmstar.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/databases/wbpalmstar.db-wal

Filesize
32KB

MD5
eccfe29272c71fbf719cd8e2f27eb9a8

SHA1
657205e42ae3f10661c0903ac14e358d7df427a0

SHA256
09b85e662888a0eca5a85db9107fa205ba769a0680755eceeb79d0c4b612740a

SHA512
9f153185e9b6527a972724dafd20223db6a516372168dbd9ea25963dc9b90a56c6e9e0a2f59b3f7b5d98aa15beb58fbc9bbfb4d6d02903696cef43bb3471e55d

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/files/jpush_stat_cache.json

Filesize
119B

MD5
2c3159a1092317605ed82657e6e23c65

SHA1
349efd76ff241857e3b54ea4946bdc90569fbd33

SHA256
be8ca7ada28a0782c44677fdfb1e6ce0dcaba00034a70e3d132497b6ac2e912d

SHA512
09cf2657bb7cbc2f0ff822c007cf8bab71ece7155689dcea54b7e2554bcdec1fe1de1854ef700b5f6f7cf7c0145b04596569a942449bff4cff50caf70bced626

Download Submit
/data/data/org.zywx.wbpalmstar.widgetone.uex11807501/files/jpush_stat_history/normal/nowrap/980705c2-010c-4252-b95a-c0f57aa2bf1e

Filesize
159B

MD5
70546d8d051ad967c73cc2035a4e3322

SHA1
1b1e414ec8e254b12137d70c06b3fe5f54246e09

SHA256
cb845edaafd94e8596f0d1796eef4c5334ca50cb19d10b1bbbef22ba45d87b9d

SHA512
15068d827450d6a89b4ff7d0bfa651bd22ce7dfd5b9aa50bfb6dce1ce2e11ab7653b4323e22e50d798b7cb67d173ec6f508193310a2dbcb0bfdadbe4ab8776ae

Download Submit
/storage/emulated/0/Android/data/org.zywx.wbpalmstar.widgetone.uex11807501/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
e6c0acddbf7a4fbd1a1610c76093c307

SHA1
6bd62bd0914c69f8ab69c10a88f4368be1900acc

SHA256
6ac6c96bdead4a18a8c682606facbccc8ed105dfad59f00820f6c1aa6ff1b328

SHA512
effa605e4981ebe7695aa4b9168967ff50229620244d41470f964a1f429f6a8e34ae336a1c359f2cdd33d39041fea61f186a8111c955bacce3c795aa74db5e05

Download Submit
/storage/emulated/0/widgetone/log/mam_log.txt

Filesize
105B

MD5
6d9af3f160d8f583a44635b459c79c7e

SHA1
decd314ac0493feffa33b67d74278dd2d2511096

SHA256
fad31647f2e294b75e34bd7fd782fdcbf120ab581025eb6d3febd47588c51218

SHA512
b3d6ea7031757ed1c059c5cf7b17c2d6d652ba985ac915263ed8074c23a407043177c38c0b7dfed5035966d8239e3854c9f5cc61f4fa588c2dc1036fa7d909ba

Download Submit
/storage/emulated/0/widgetone/log/mam_log.txt

Filesize
161B

MD5
3f523b305b3763e108e6cf5671f1642b

SHA1
af876ac7b83b678f43a55d09df6b2327c536f602

SHA256
f25dd81870abd76ea7b15b525ebbf94c95b625fb8bce35f0e7d5048471f42ff4

SHA512
a70f47eb4d7e6ad1ea11090202cb7c966f563cc18994538661d3678c184712933824e6f4a66bfab070a52cb9d6962062b529182340efad465ef45dcecb29790b

Download Submit
/storage/emulated/0/widgetone/log/mam_log.txt

Filesize
83B

MD5
26fcb0301fa893dfa340a767ddbc7286

SHA1
534a0f35ff63136ded0b64da344a7843de818aca

SHA256
1b1297169278b4cdb6795e031a83adeb8ac23051b525a26ac53fe412c520b370

SHA512
fdcc3ddf0a546e07de5611dcb8cb9b4dfdfac65a1da8bd4ee09ff278f007a3b9403617f7819ed94bedcd3eb9a67d6efd2a29b016bf059577f16a27885bfacd8e

Download Submit
/storage/emulated/0/widgetone/log/push_log_2023_12.log

Filesize
29B

MD5
f95a663e31908a7cc5ee7062177ec66c

SHA1
78259c869867d19040e71b976d02bce508d18898

SHA256
bb08335c3e90615658bce9700566f499b1d1b054b779bea77f261e020ad6c764

SHA512
86718cbd0f2d0c952393c1fa17a0c136a461208a22c97841b89f84b41f173b835947af491c6edd8e71de09e72a573f03a3f6f88819b94064b27edb7213d0676e

Download Submit
/storage/emulated/0/widgetone/log/push_log_2023_12.log

Filesize
75B

MD5
983a3e531fee9e3905f6e394ff7e4ee8

SHA1
2ce7cabddba5efa31c67256488d0d9c7ec73f793

SHA256
0fe760ffc720c9bed93d6c001f50875db4d67da90e5e42fb76abe741ee81d986

SHA512
69f7af0958eb14bea2a3ef64621d700e7d572bd95b14af63ab28f42485541006f12bbe65775ed13a6583dad4e5791030920fb98842519807c318df01d495a950

Download Submit
/storage/emulated/0/widgetone/log/push_log_2023_12.log

Filesize
202B

MD5
e886200e443b8d1ea62a9ce30f6baed0

SHA1
7d9bb8816dfef1d275b375b783fdd074931bf57c

SHA256
4c42d9bf710ae2e99bf7450b969f41112cae7a21de09c1074d421ac1a943c1e8

SHA512
3d0549abfc9764741a3f7c92f35fdba907d908f6e7f07a237887b755781ce5866d8ed59b3430bb0714b4beefab7f46f21cd966bcb1c017c27d132f9a34402971

Download Submit
/storage/emulated/0/widgetone/log/push_log_2023_12.log

Filesize
62B

MD5
02f2def9a60a65b0eb851051c7957444

SHA1
9fb8e0044800ef965049102673639b0fe451967a

SHA256
1899817ac3810aa62d029fbf7309f6a74c30f06a84f46fe212b98fe63a3b7bbb

SHA512
58819c027bd4add2297101f8186cdbfccacc3d3ce5980500ad1818889c78ac6d0c79f06c77c195119c5d768cbc5d6a1fe4a29b6da8015c74d79849ca917daa3e

Download Submit
/storage/emulated/0/widgetone/log/push_log_2023_12.log

Filesize
99B

MD5
232d7cae03ef99683cc84158db78362b

SHA1
42c3bcb542d4f848af9a2be7894bb5f7627616e8

SHA256
135a66e3f4566875f5df85752e7928930cae83dd1da33c9d8eda2aca59603255

SHA512
5f016ebdb3c7f96391cf1c448b9bf043b2c68fa8059afc2b0de0edd66ae700287c05f2cf41579e306d122cf47eea93aad5abc1d5f5bc3606d4ba9ba333341bbb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads