Overview

overview

8

Static

static

6

806c04c7de...68.apk

android-9-x86

8

806c04c7de...68.apk

android-10-x64

8

fasc.ics.apk

android-9-x86

fasc.ics.apk

android-10-x64

fasc.ics.apk

android-11-x64

fasc.jb.1.apk

android-9-x86

fasc.jb.1.apk

android-10-x64

fasc.jb.1.apk

android-11-x64

fasc.jb.2.apk

android-9-x86

fasc.jb.2.apk

android-10-x64

fasc.jb.2.apk

android-11-x64

fasc.jb.3.apk

android-9-x86

fasc.jb.3.apk

android-10-x64

fasc.jb.3.apk

android-11-x64

fasc.kk.apk

android-9-x86

fasc.kk.apk

android-10-x64

fasc.kk.apk

android-11-x64

gasc.default.apk

android-9-x86

gasc.default.apk

android-10-x64

gasc.default.apk

android-11-x64

jasc.ics.apk

android-9-x86

jasc.ics.apk

android-10-x64

jasc.ics.apk

android-11-x64

jasc.jb.1.apk

android-9-x86

jasc.jb.1.apk

android-10-x64

jasc.jb.1.apk

android-11-x64

jasc.jb.2.apk

android-9-x86

jasc.jb.2.apk

android-10-x64

jasc.jb.2.apk

android-11-x64

jasc.jb.3.apk

android-9-x86

jasc.jb.3.apk

android-10-x64

jasc.jb.3.apk

android-11-x64

Analysis

  • max time kernel
    2635765s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 19:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    806c04c7deaa243750047c7d5031e2dd34f21a312aeec70bac441be1fea4d368.apk

  • Size

    10.7MB

  • MD5

    1325669a1a73de1c21a55407732318ca

  • SHA1

    65034008ced68f5e407dba94fc11e086c1735870

  • SHA256

    806c04c7deaa243750047c7d5031e2dd34f21a312aeec70bac441be1fea4d368

  • SHA512

    392ce9d13a04fdbaab5bae935cfd5cc64cabe55eba950a33d4cf211500f90ed384a9d3a588b9af06bc1449930f08f4186af3accd42bba90a25f01f9e442098c0

  • SSDEEP

    196608:aFIz7Dge/MH3WODuWNaqH7puSv5yJ+eyCVe4YGBEI1phKV0GaCeG9Wc1:aFIHD10HmOffpuaPeyCBXBEMphKSGaYn

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.

Processes

  • com.duowan.gamevision
    1⤵
      PID:4987
    • com.yy.pushsvc.PushService
      1⤵
        PID:5087
      • com.yy.pushsvc.PushService
        1⤵
          PID:5159
        • com.duowan.gamevision:remote
          1⤵
          • Requests cell location
          PID:5450

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.duowan.gamevision/databases/afinal.db
          Filesize

          12KB

          MD5

          7741319185f1960f6fd9fdc35b37082f

          SHA1

          157a0d319cd66e2d4f6828ef466ebf0fdb382976

          SHA256

          0a9630e5a9f712ba8b0816ce443553288537e29ad92cf071f9c713496854ab6d

          SHA512

          7576e28231ac1fc4f7d1e8e3d5a1573bdfc1fc50986935a6e0464ff2cff23d1c39248d0e77c918fa5734ca15278aa75ea3d8bfe089506e3c65079c75d012a6b3

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          8KB

          MD5

          f135483dbbd12b1ff9e3c01a474165c3

          SHA1

          1e6e23ffee9574b837b3d613fcad5c4b426dfc33

          SHA256

          588ba81cc654a90264b4c90fcefe771cbee5e63b791b9489c84a4f42f7c21e80

          SHA512

          9467eb6e656286ab7e534eeb3d03148879560516ffbaa2baefd1fbfd195e7d9253eee021f7365122d8bb9692a8c45b89c4fc68f7f8719d5274f822a6b021f418

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          8KB

          MD5

          44445c5a7d7a89f50aa53c439f9d6116

          SHA1

          9da8a2a972607ff659caab7d5b6e26e28ae18023

          SHA256

          14e7b2aba7f9247c83339dcccf12c6a88c110e654a00eb2a98d3ee1855ea28c3

          SHA512

          4151d845cc4bcfd79cad7dca1d058f0059bb09c748b19f463c8e106c075e009844d52d9d3af9f955eb162861164b493f716fcba71349d36a2ae48453398da785

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          512B

          MD5

          f41f09ff928cdeaea9250e0fd3dc4085

          SHA1

          075307d4827dd068825a33677a6fa8030934ba54

          SHA256

          91d9372a938adda05b397d8e3f77f31afc0a8245ce502ab82966d5febac834e5

          SHA512

          1d0b622b53fe0cc4106bbb85293d047f3ec644172c88b1f18a4bdfa1e4ead556a05e7c647810ed9a36ada4f2a22c97383bd71097e35ce783de200832f5aa2fe5

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          8KB

          MD5

          47a8d100810ec19f48b7a3dde4313973

          SHA1

          0722a85e75394767b36e9928ea9870c67748bb81

          SHA256

          ef3d5982a745062e51a7c2f5cff05247828b2abf58756e211eb036ef0b49d410

          SHA512

          0a53f735e068b8d888947da7596f98565b61a0e040fee2db33ebdabea1dc2c98b121f3baee58faf8913b2e1a92bd31996c4c714ef1e4f1504ede9f70372451bb

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          4KB

          MD5

          1915dacf231b2871cbcaa65ab506330a

          SHA1

          f5dbded57b2e1edee2c800f2188486aee2acfc30

          SHA256

          76920660941e6f5c38d583228b5b134460c63c8da80aa65678088d3f8a5ae64a

          SHA512

          f6661925cce68db55f339f9749d6dc50db5d35326370640d84e506e9a703892df2ddba882872c887bd24cd159c0678eb24168749142f7e2c29ba1514358c91ef

          Download Submit

        • /data/data/com.duowan.gamevision/databases/afinal.db-journal
          Filesize

          8KB

          MD5

          e71a79676fd7a59eb61251c0dd3296fd

          SHA1

          340ad008c20dd70ceb0afca21028386e10cfdc4d

          SHA256

          4bd3aac66bab7ba8cbbcc043031e3b6282f2303a29d09a0ef9e1feb2d71b1b1d

          SHA512

          af8075b58b8383e9fb280195a1e4bfff37abdf265b9f92a8ce94f3c42d8be020b28ae5b02d3ee6d79a6d3c56646a93716399e18ac2e22095a0e41566e8689911

          Download Submit

        • /data/data/com.duowan.gamevision/databases/report_11b226fc-f9d6-41fa-8ba0-955c4aad9bd52.db
          Filesize

          12KB

          MD5

          163b0e3f017becbc89b9d7f330b78f09

          SHA1

          1ef9cd8ac8655190468d0ccece0a4738634ab0f9

          SHA256

          cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

          SHA512

          6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

          Download Submit

        • /data/data/com.duowan.gamevision/databases/report_11b226fc-f9d6-41fa-8ba0-955c4aad9bd52.db-journal
          Filesize

          8KB

          MD5

          dee13e542349f44b47b9c52cfc536275

          SHA1

          1fa9d40be9df7c7366b78a3851f4468e82396c89

          SHA256

          3bbca558dda86184e693d92e5ab19dc6ec86c3578b0e2beca5bef95f13f48bb6

          SHA512

          2ca0d622f39be961c8ad6ab66b0c5131ce5a2875a263e4c7fb25b5f15a8fa72365afb1b582e0100157c0b4052971877c6e291f48546fdc9e6ba4d95bcc4ca151

          Download Submit

        • /data/data/com.duowan.gamevision/databases/report_11b226fc-f9d6-41fa-8ba0-955c4aad9bd52.db-journal
          Filesize

          8KB

          MD5

          f2e666c1643816b450d72c5a19c6d326

          SHA1

          ce7529ac7e3c6a26cdc2162eba51d841f3116f83

          SHA256

          9bfd62f5468e60beea84ce37e2dd189489d44c3a2ef5b69bc8f1ff6b09e29196

          SHA512

          40c025cd7357e171b7f7a9b78b4f48924ad1a5d3373f3a80df9802aa087228fcbc41f3740c377fa7edf4b033f739eba9c1cc0448362fc647676031985a0718f7

          Download Submit

        • /data/data/com.duowan.gamevision/databases/report_11b226fc-f9d6-41fa-8ba0-955c4aad9bd52.db-journal
          Filesize

          11KB

          MD5

          2a22d8a9a94bf77187c0c3bce53faa7e

          SHA1

          fbed82386980dcc7d6482dd49009606cee38477a

          SHA256

          f59f245ef732b3ba7639747675566d6f0e8e34d2cc381a83d0b3f5671a4093a2

          SHA512

          7d3a3157645c3800347a887e6bd2ab0c56bda88bb30be17603cffffc3f6009219e8bdcd5c7257257e59eb308cf6cde456b084d35a6e25a2033de6e69316dd635

          Download Submit

        • /data/data/com.duowan.gamevision/databases/report_11b226fc-f9d6-41fa-8ba0-955c4aad9bd52.db-journal
          Filesize

          512B

          MD5

          7a767ab90d5506e8c316652a69c275e8

          SHA1

          1785d85ba6f37e57ed15111b840ec159555d3991

          SHA256

          36bee80c691260b7c5a0672cd975d98daad986ed498daf3a474edbb35c64df4b

          SHA512

          2aa883fc8c70d88b79f24abd8757d9c1867686c27bec7f94453a49047a9243a9cfc29d963aa9ec18f9422cb8a6e695022026868a982fe65d137d439851b74ea1

          Download Submit

        • /data/data/com.duowan.gamevision/files/mobclick_agent_sealed_com.duowan.gamevision
          Filesize

          528B

          MD5

          49cabbd05731091289928257a25c3211

          SHA1

          2629c9aadf773d947f51a36653fd0f284d3b1104

          SHA256

          8a3496657fbf3cadd059763c3c19df6ed28856d5074d72506dcf0fd00d208b31

          SHA512

          0564a9101a3e24c5102d46c6d2ba08518e5901a85c925e95540795d9d3f34c1c3430765e7748e9193d1b6a924fc8855bfc4daceb8d8fce4b14e96c09be3ef063

          Download Submit

        • /data/data/com.duowan.gamevision/files/umeng_it.cache
          Filesize

          148B

          MD5

          466cc44a0b918279ee819b034e31c7cf

          SHA1

          298bdee69b98c2c5b31bf793100777267c1314e3

          SHA256

          faa3b5b220a6358ebfdc83f1a25e66cea45e508304c65eecacf9999478662123

          SHA512

          4e2215d236b062dca4414d425fe9c48888ca0397d2919cf5d59aced19bf44d6be73e1f767d16ac2c9e47cd185304535f057bc7bc7db1a834766b2b83617517f0

          Download Submit

        • /storage/emulated/0/.android/uuid.bck
          Filesize

          32B

          MD5

          2500fa937762ced656650a7d98ef46c4

          SHA1

          aff0bb63cb3d242f0d6bda33f4bbed4f6a7deed0

          SHA256

          42406f81cf11b0c65f1b165c2c816f34a6dd27f5f1c041089651b8baceede4ae

          SHA512

          4e1e5e27029b7a0628508a175a38dc9343978b895da1deb78cef0b60cb165d6fd71d87b82c3880764145b0c5609d944c35f46348a8ff5dcbbaacdfebee3fc6f7

          Download Submit

        • /storage/emulated/0/baidu/tempdata/ls.db-journal
          Filesize

          512B

          MD5

          04002d90a69fee1d338029acc0bafd9a

          SHA1

          c8adab208d9adf6aef5d0f669dbf1eab1524a259

          SHA256

          adce386683ad9f145daeb70d32ad09e59d880089bfa485076c347ec3790d39e3

          SHA512

          a392e75486c782c07273e871086592913c548e19a92c308272c0d528b74167271535d1172da75bcf017046ce30d80bad63a106a61e6f86d0755a650f41852a21

          Download Submit

        • /storage/emulated/0/baidu/tempdata/ls.db-journal
          Filesize

          8KB

          MD5

          5a3e255e23db1f851ad6877f9974b94a

          SHA1

          3f6b2d0247dbf10bcd87b33fffa25c8f48b4f2d1

          SHA256

          c6b0a2466aef1ebc83d01205d33a3c356ffff440fb359bca809392344cd70204

          SHA512

          0d31ad54196b538ffca6e7b0d00143cd62f7e18b48290d2fac773e191fdded91f0cbc227ff8cdb66faad3952f0dccedd14f70710298fb86bc69ecc36861ad888

          Download Submit

        • /storage/emulated/0/baidu/tempdata/ls.db-journal
          Filesize

          8KB

          MD5

          82ec6c02d4711c12819fbc70bd1a1ba4

          SHA1

          ef1616315312b95f19d619fdec2d2ea0bf3b6ab7

          SHA256

          bc05701e14115d8f159d86cc99bb3939cb4a80a30655d82a3847357a9b244e17

          SHA512

          ae567695c24d481d939d9d9b4df2a0d9a9b23030e9ba8f78beaf69a2ca710f4dc82ba82f13f3a3d9ea37e4f2593cde086057fd7de98adeb0c2c0674c6ec89d7f

          Download Submit

        • /storage/emulated/0/baidu/tempdata/ls.db-journal
          Filesize

          8KB

          MD5

          4cf54af42212ac619705126655582b9d

          SHA1

          40e32f543631088eeb0d1acee9865ff6dbae81c4

          SHA256

          39be0c08959c6966b282eeb0c3de9cf42c6091e23e64c041ca7fd0fa58c8c2b3

          SHA512

          991be08185ebb47c7c6cc1cde769de3b6e98cdf6914dcb3cbbe6ab172939f092abc954954f9175efddd539b403d746e7f8011b805a4ebdc97288da4fa7ea53a3

          Download Submit

        • /storage/emulated/0/baidu/tempdata/ls.db-journal
          Filesize

          20KB

          MD5

          cae32e7bc5d8996dbb7a46558cd0e749

          SHA1

          4408c23db2d78809651fc59df34c45336cdd4307

          SHA256

          c962c62b9a41156feceae3edab3ceaecd4b5e417a26de5f492f7e28ea3279388

          SHA512

          6fb6f8043cf5369760aa90ecbf6b1dbc7741d3c8d7b6cacdea4edac03dff6c7cf11fbcf4339a790c52b991d446c4e2f31e1df185189fa870a50ed78f5442758e

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yoh.dat
          Filesize

          8KB

          MD5

          299ab18842dd3a49623fcf746e00c483

          SHA1

          7a47602218a184394086c95377e4b96d9a18f9ab

          SHA256

          bdb50cc547842305f5cd0cab5dcb443b5e3686908de4590630226b4ba39ec58e

          SHA512

          77787a0a16bea187182eee69f899bee6d85f896141160a9fb21fdd10ed48861330712a9138f33471653485b45b3721ac08efae72e5f382e302538a36cb06ff04

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yoh.dat
          Filesize

          8KB

          MD5

          b59afbd4a7e4cfb5ff6cce3e1a5047ac

          SHA1

          4b0a68cd5c4b05899a08d5d97c48047b875564e5

          SHA256

          e9edea983dfb5548df1367f35496ddfc6ed436e929735613b89347cc25bf2f93

          SHA512

          f44deb0c1be05ae2ae964d85c3c61e7daf7d1e812b4eb1685462fb14d767132305672ec85f24668e4483a28bdf24f30e894bdd5d1a79ba3399033e32b95190f6

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yol.dat
          Filesize

          528B

          MD5

          33b305c1aa11d0b9d66c5c0834c82ea1

          SHA1

          61cdd48a8baf3aeebc023206cca257fa1fc80fea

          SHA256

          0f2030cea0d4fa20a3f7e622756926611ca396a4a0769298fbf226377d0332ad

          SHA512

          7603a33006a699994bfe9050a336d6f6321db6ce5651fe3258d2065519cdeccf3c96a8fffe917e24000f0a051c02407802514f3bc78019b6e63b4d36cc36e47b

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yol.dat
          Filesize

          12KB

          MD5

          ee0f5c489ea923c396ba9cf2f34e2808

          SHA1

          ce7002d98283d63128ecd006f0cc20d616e6a7f2

          SHA256

          63e1b8b61e4402e7ca3efd0bbda5bc8845dd547ba778ed457da3bf2032500e0b

          SHA512

          dbb14a11799662ce8d1a945a57c8a2d9fe543a16d877d9b942123d6032bb7ba4dd5cb3b341f0cd7a1bf97edd0d062f34228b5fd0c2a2ed7719414aab37c48741

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yom.dat
          Filesize

          8KB

          MD5

          b7c7016320f447c12960f1e69dcb5ae7

          SHA1

          df5ecd574c0018a0204357da441cf36c01a6d14f

          SHA256

          60141270d4310c309eb218c4a506c4b74ce8e9657b85a26c608e5854652d1489

          SHA512

          5859da7372f2bf21eae8de548cf7f0a7e608b92ef1d750f387a8eb34c86208730ea7c6290fe16ab437df99559925ef2d4ff02b762f2449f56efcc55fc010f3bc

          Download Submit

        • /storage/emulated/0/baidu/tempdata/yom.dat
          Filesize

          16KB

          MD5

          78c62c81d7741942ff4139068f61736d

          SHA1

          59d028de32321223c6e530a44544942a2155ca0f

          SHA256

          68ebb428e9c699ae0c3a29aa6d2376a177b591a9617322c35bee819286007dff

          SHA512

          78a1179dbaa6f04e22487cef1d6918c9a764256005e41d96da19853a99ffd36b284fb5500b2fa4844688145791e1d29439fd0738bcc45f55a92729f1a276abec

          Download Submit