Overview

overview

7

Static

static

6

7eef826fc1...2b.apk

android-9-x86

7

7eef826fc1...2b.apk

android-10-x64

7

7eef826fc1...2b.apk

android-11-x64

7

SogouAppMall.apk

android-9-x86

6

zfloat.apk

android-9-x86

zfloat.apk

android-10-x64

zfloat.apk

android-11-x64

zinsert.apk

android-9-x86

zinsert.apk

android-10-x64

zinsert.apk

android-11-x64

zpop.apk

android-9-x86

zpop.apk

android-10-x64

zpop.apk

android-11-x64

zpresent.apk

android-9-x86

zpresent.apk

android-10-x64

zpresent.apk

android-11-x64

zpush.apk

android-9-x86

zpush.apk

android-10-x64

zpush.apk

android-11-x64

Analysis

  • max time kernel
    2732784s
  • max time network
    134s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 19:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7eef826fc11c2fb695c733e4f9232cd1ba61826844998b8c03ef3373ed66262b.apk

  • Size

    3.9MB

  • MD5

    c70cff7f7378ca785d8bb5a015351cdc

  • SHA1

    2442acf965607f3213b4f07493a06f9e272dab76

  • SHA256

    7eef826fc11c2fb695c733e4f9232cd1ba61826844998b8c03ef3373ed66262b

  • SHA512

    c05b01ee2fe92d058e39cec8c1579d5b907e0da212ac52782a2477583a535b0e55adfd0e714984e38b41b07b4a4c9f5eb892a7b9814431a15b6a76e78cb2d76a

  • SSDEEP

    98304:a8Y/Mx8QLO5Gg+vvKRG0vwiTACKyqSOcxFC/DU8w3dlTGiax:ak8YQ+vvKRPw7dvcxFC/36Thax

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 15 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.superpao.seawyzhga
    1⤵
    • Loads dropped Dex/Jar
    PID:4249
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.superpao.seawyzhga/files/zpresent.jar --output-vdex-fd=48 --oat-fd=49 --oat-location=/data/user/0/com.superpao.seawyzhga/files/oat/x86/zpresent.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4339
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.superpao.seawyzhga/files/zpop.jar --output-vdex-fd=50 --oat-fd=51 --oat-location=/data/user/0/com.superpao.seawyzhga/files/oat/x86/zpop.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4365
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.superpao.seawyzhga/files/zinsert.jar --output-vdex-fd=44 --oat-fd=47 --oat-location=/data/user/0/com.superpao.seawyzhga/files/oat/x86/zinsert.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4391
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.superpao.seawyzhga/files/zfloat.jar --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/user/0/com.superpao.seawyzhga/files/oat/x86/zfloat.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4418
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.superpao.seawyzhga/files/zpush.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.superpao.seawyzhga/files/oat/x86/zpush.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4447

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.superpao.seawyzhga/files/mobclick_agent_cached_com.superpao.seawyzhga
    Filesize

    159B

    MD5

    fc823244ec6e38832f1261d8700fdce0

    SHA1

    94de31157d03458b952bf8daa25f700ca4e266ba

    SHA256

    b9c87ee4c135c0fb584db0ae442e127968c3593cf9eca69fda9c9d7db00909a6

    SHA512

    abe49893f979b26ae141a0db10731955d74dc580c743f1f189067927fe9348f632beb37e57f6c28d209065334ebba10a0d39a04d7b8a7e966ec6161d83aaa2cd

    Download Submit

  • /data/data/com.superpao.seawyzhga/files/zfloat.jar_tmp
    Filesize

    105KB

    MD5

    3854205f5d68a510e1d6e77606bcc3bb

    SHA1

    e2caabb234e5ffd0dd62f8b464372071d0cac867

    SHA256

    99177d119682782939abe48f5edce541847abec65b40423caa21f2af541b53ce

    SHA512

    824d45db97c1e9f7495941834bc639a5427b6bfc5dc7d13498cbf651300d52f309046a58cc76f5a7f74773bb458a2ef012e092a3ac49c3aea0085572819472a5

    Download Submit

  • /data/data/com.superpao.seawyzhga/files/zinsert.jar_tmp
    Filesize

    65KB

    MD5

    cff3c7f1dddcf21a5988e0a31331ff66

    SHA1

    83dbbc699aef863df933a1f135cb2b578cfaba90

    SHA256

    5d8be9a58314190f89786191cfc89a31fb149f4d902b8e32ad3c1f21088728ba

    SHA512

    71f39b7589a65d733acc5d8115bb6215420da9cfe5fc012e24e5bbda204f7857ccb0abcd592d84cd492b1cb8b4d98bc3317c6d59ec79849023e333dd5c4b95c3

    Download Submit

  • /data/data/com.superpao.seawyzhga/files/zpop.jar_tmp
    Filesize

    103KB

    MD5

    ba1533ec039f3afeb7628c358092c07d

    SHA1

    b9c990db384c1cb3c57e08c7d551537852bb03c9

    SHA256

    dcb83b398bd46930a7da45e2405432a53c8762169bd8f453f8d943672ec9cfe9

    SHA512

    2f33bb242e6da888e9d3b19127a34fbd421dbb515657cc2936edc7d87478172035e5fecf1599e9269898ffab2762907d23bfdb94b1bcddad3236ce6328b00536

    Download Submit

  • /data/data/com.superpao.seawyzhga/files/zpresent.jar_tmp
    Filesize

    98KB

    MD5

    0e93c02104a3c6ef70d2b8ed417c1641

    SHA1

    c62a2c30a6f1915898c9aae9403e337814bb908d

    SHA256

    2fd52ebf245c919186df3f9bf2103d9db78160c184046cdf4b0402984a3d97bc

    SHA512

    59ff667251967cb23808baf23b35ef068f4164333f8e800a0f4e0a4ad1f28388b8d7a01eaf8832a6dac45d19c3461c1ea44fd480db7f41d7e7ad84be49962d3a

    Download Submit

  • /data/data/com.superpao.seawyzhga/files/zpush.jar_tmp
    Filesize

    62KB

    MD5

    286dedbca01a4e1063b4730021ea4c04

    SHA1

    1c2cf604e78a3162ae9005844d593c2477312750

    SHA256

    0a2dc57548d77a8e822df1b8bbf84817ad9ededcddb45f900076dba07b45e4cb

    SHA512

    1cb36ac58e4456a0b70d870aeb1499cee9739f8f7e20cc27af15b2e1ce155fcc969b5c282bf78c773dde3b7b06c92f4fecbc02b8c8f297215923986d7c5c6a27

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zfloat.jar
    Filesize

    175KB

    MD5

    42daffaeb7e7da74c0d9c415ed7d5b57

    SHA1

    248dc159d2b9a3bc9f31f3a77633982e9dc06b30

    SHA256

    2c639e5edfe2cbbfa92c7b631e505ede8d93726be06a8864b9200433acad0bb7

    SHA512

    01c65c9d8b183984d492e858fcbc284e77eb7f6b0ff7c1f7841596bc09403eef6e5af44daf182fc8bb5ffed2a956ffa3c160b6baf739fea951c1642fecb7cb73

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zfloat.jar
    Filesize

    175KB

    MD5

    a8f99f3e243a9643ca3a71275b923191

    SHA1

    33c6edf8c5b1d26730f6b8351de9de04a5456187

    SHA256

    e366704e89152d046cdd4cb4ac87bf22da8af67329ee4fdc657d95557a57f955

    SHA512

    a3a98de370b3b644ea8d4ebd221b04377ca974b3a4722343a8983b4014d9f3e616cdeb913bb9d998b29e3638765734ed6cd376e0bc400eb98b51918f7cb8541b

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zinsert.jar
    Filesize

    79KB

    MD5

    3f609b0bd2675acbec914ce121e8ebd4

    SHA1

    df84a214cf284cd4194ee600c473ebd62f9fc70a

    SHA256

    f05e80c8ca42e8b1656903d948669623dafc17cccc2edd8c5d0bbd72918ead31

    SHA512

    2bad457a9d694080c8b19e980efc5feb40400e73f85e730013f20adce3e43f0d21225a2e01862b8f1eeda9c97c4e028952e552c223e2c736944dd5c860395041

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zinsert.jar
    Filesize

    79KB

    MD5

    0a286abb712b853d26dab4845567a4b0

    SHA1

    1f1eaf4a750983a65dd49585323dbc07345e38dc

    SHA256

    5f04d44f9595e0bb0797179bf47360306df3532033bb83e433c02de4127c9baf

    SHA512

    538013472bd46933baa9b59e6a41d71c14f239c06b800cf97945e26fe242a7f2d829c20b3ef4ab05efda2019cbc59840ad3175bd76ec63b857533a93bcfea1c8

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpop.jar
    Filesize

    169KB

    MD5

    8421124ac890bcc80384f1e5b7c63fa0

    SHA1

    40bf9f5ad6e2c831d3afaae50276af45ba6ad1c3

    SHA256

    50681952198b46751c5dbdd737be6cd97f2278d1a72f1286c8e0f462042befbe

    SHA512

    4bc3e416186b3c406c333a1354a8d049b87ec3188dba729a22c8f62ea8024f3c3712795116188e36ec496fb2b6931e92ebfd275873f62d4722a68d0253aabb16

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpop.jar
    Filesize

    169KB

    MD5

    66445ebef3bb53fa349493cff9e1fb59

    SHA1

    157407a96577487dd87e9c362adebb9bd2a23e0d

    SHA256

    56ee195b19eca922f31c90c16da64ba7558d32a254d618948d58fe0bbcc405c2

    SHA512

    513707c7bd6331c25719e5dab1af059fc1028ea867740c083b6273320ef78f74db6dfc6739390bdda7056e1d7e4628024832485c91eb66621f31e82ad0ccbcd4

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpresent.jar
    Filesize

    158KB

    MD5

    8b0735efb4af8b736edc8ee78d2b82b6

    SHA1

    5d9cbc6039d908ada3b5f2d47d8f35e2d7427873

    SHA256

    c079e53e30347b90bddc07eacb32a60ef2cfefd7812c2827dcf7108f92a8fbb9

    SHA512

    c831c6ebca936826a3def2c428bae47bbea3e85f15fc17026bfeeaf91dfe23136882393ba5e1e1c9c76886b6a90ba1920a274961b7b841364512f95adb9374c1

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpresent.jar
    Filesize

    158KB

    MD5

    cd4fdf675089364235cae8364b1ad31e

    SHA1

    3f2357c4b0b776e97cd25a1a987f1c31ef6759bf

    SHA256

    1dbb6618eff60b149ebbf12819bfd5aa1761665271e1552786b267781830ef1b

    SHA512

    6d4a8bfdeed5eb6e4d0cbb29c87e2dfe083613e5242a3907e3b7bf27f25d2f2fc602467efdd97d30e879b6780ca551913c509ca9fb36814c329e99c2800e1915

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpush.jar
    Filesize

    142KB

    MD5

    9919d52469bd2548c857daad990be606

    SHA1

    5ebe0af6f3ba04b2ea9c0f138322cff0fb697b77

    SHA256

    7494473ee061c978a5ee4fe150151ea350a65cfec6a02514cb951cba93651540

    SHA512

    7168f242ae9405643271308e364e5a61ef9cc6776678e55ddb09bb436638e9a27598b71c8420f5a6846a564262e70a39320f62e38861219905c7abc83c013607

    Download Submit

  • /data/user/0/com.superpao.seawyzhga/files/zpush.jar
    Filesize

    142KB

    MD5

    460963168cfabbea81c2c61f4c0c2d99

    SHA1

    5a1ea1921c0d65bfe02280c9b956c59dc749f0b2

    SHA256

    b8ec9e2aead0aa2c2ce258dfebf0e8f136128c1020de24c187e2e478aafb9381

    SHA512

    7cdb5165e95c2c22d8d9287a975ae07eb4b8c268d4c37c715272cf525c23d991d11c1250f7f0b7900e0f8842f521022b47d9aa988dcfef6c22d539e8431dcd8d

    Download Submit