84fcb4d71fb495231939bff9fb5d88d319c86bfe505ada376f61986af84ffb2d

Analysis

max time kernel
2639761s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 20:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

84fcb4d71fb495231939bff9fb5d88d319c86bfe505ada376f61986af84ffb2d.apk
Size

29.7MB
MD5

3cfb01e87d4f67ee8e2d9aa131da96fc
SHA1

e553048c06df3c86fc774c759e89ce87385f013b
SHA256

84fcb4d71fb495231939bff9fb5d88d319c86bfe505ada376f61986af84ffb2d
SHA512

e6319fd5672020eceffb0a96d17a45bb1e8587009f0765e70d837a164f2cc4e517e85f3600b7d2f7a1bd5a23e318547096e2b9c99d5544483d97cf6570a666cb
SSDEEP

786432:ADc8/2b7+gHYo7mjZTtN5NlsAC+voIlGqHc:x8/2b7+gHY4mdT/fuCAIfc

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex	4466	com.ctg.itrdc.ecloud
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex!classes2.dex	4466	com.ctg.itrdc.ecloud
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex	4528	com.ctg.itrdc.ecloud:pushservice
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex!classes2.dex	4528	com.ctg.itrdc.ecloud:pushservice

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.ctg.itrdc.ecloud

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ctg.itrdc.ecloud:pushservice

com.ctg.itrdc.ecloud
1⤵
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4466

com.ctg.itrdc.ecloud:pushservice
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex

Filesize
5.7MB

MD5
a25a30ebdf42c95be5ca4ffc973b2d7c

SHA1
78cf9686accb2bb7676b0357266d0fa2487a03a2

SHA256
61461351c83262e0b3df6abb3263eac991ae17b8f3435965cd889b790b097b05

SHA512
db3c56d639a7728462bd9f13c04a5b59214abb05a64a424a2fbbb74f658d8222ffbe7c060d0e1085a8f270bc7d02c4e81ecd00cd79fc0f1980f82721c14f24c1

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/classes.dex!classes2.dex

Filesize
4.5MB

MD5
4ae3c44eda8dc14b493c5e9c37bee3a8

SHA1
6e98b06088045d8ad684ff4007102e5ba3e180f8

SHA256
0191d7c1741aa183745f8d5231a7b9957e4930d9b5770e292ef45fc45b218d64

SHA512
72efdd80c94946dd089b5fac4b0d4464ceca2a053112f78558a0f16ff65f8a40db2c15b45467efeb7539b9463a83529fb85fbcb4b72c7c9d35aa651b48bd7965

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/.jiagu/libjiagu.so

Filesize
562KB

MD5
d141f6661f27d70822c7021d752d8af6

SHA1
e545f7442dca4490cb67b745f6f13ed782b1971c

SHA256
e0313c66404c4fb7d023824265ae5a922079d422509d4b59c6fe45632c60146a

SHA512
0b2a4c540c077ed93561f249baa75a65344e75dbfaefdb3a68c0d653d79bb5152fcd42c13f34a87b09583f33f1a40231b4f31416b73c323859885374ca0667f6

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/app_crashrecord/1004

Filesize
229B

MD5
99bb18197ba4a86f7fc020fb80f4d4b6

SHA1
514c306855ebc394b6f52a47c1d2d13aefea9b97

SHA256
35f460b9d040f571111caa59089d4379e0d3e3e8900d7a89b5a8c7bd639e5c91

SHA512
32515409451c5e8cc45d2b84fc4d43907a2bf8948d5de63d682b257eadd72bd844cf5358855c7c9c33f4cdab1d370ac975503a6ad465ab0ed32d19577cc80d36

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/cache/cache/journal.tmp

Filesize
36B

MD5
5522cae4e00deafce8b588a45363a41d

SHA1
0628cc8eb0209051f82c3b4519d57c5c2f556a83

SHA256
9941864cd95031b584afc5854e5f971128acdae1b2340e4f1d50a6b9de2dc881

SHA512
c75a7cf7fc2a6d50ed1ea5aea0e0b2eb7e7a3018b37f60ce62706549bedac4e780bc862665f0eaf4f4d36b674fbb0cbee5a9a9870b601323c449d17164878f1d

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/-ECloud

Filesize
44KB

MD5
1c9e55416277356346047e0a4d5ed08a

SHA1
a6b6e80c581c86141386983966fe438c22038d3f

SHA256
1a69e2ae179e99fd0187f4cf537fdb1eedf3a559ae9f83f743c15010d2d3424e

SHA512
a35ef5809f36c903799467e0bc8155be2bbfb0153706c6280263a3bb6b1c8e55d38a364efd2ae3615830e1a4e7ad29a8636a5a1f9d02f6ee510b724ba0502e18

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/-ECloud-journal

Filesize
512B

MD5
0b0de3158b19992e0391ecbdaec18813

SHA1
9f51cc80943cd95d3fc4417948d33780a6b16bf2

SHA256
2d8711e3c0479c83f8852ae12998731a76668c92f0425f4ddbbfbe6891d4fc37

SHA512
fba35788dc5c109ecaebaaf1b49a692f8a9b7f5bd93d2c53564d14d8d216e965e85ba126e78483565d981437e84e98b7bdb13afe452df0bd2581cf2d27985a3f

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/-ECloud-journal

Filesize
8KB

MD5
aee9661c63d0e750a9a167d33ef6b1c2

SHA1
55de93b80c9f9dba20b748349de301aaad1872ba

SHA256
67f3ef242e84899198a4dbcbeb6acd29024922824869796fc9116e9b1ef815d5

SHA512
6f18d4c0d4179905edc9a674bf814673de414a81e24deac0e9aa3c6d4bbe5b2ed0dbee61e92a05daecd5882a39085a56efdcd481be9ee7846825b40262c3290b

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/-ECloud-journal

Filesize
8KB

MD5
bb666c3e9abe78c5a0808975072a3aa4

SHA1
3af82e8f1302e9928ee574401a0a87842f22d3b9

SHA256
a99c1517a23720ad486755e4427810feb00f5571609edc97872d11c7da7e249a

SHA512
52e5aa56a4b96d5ba7e0f3d3700cc78f29eef0649d1076868b4b62ff74aa4d25a411bc7772ab72cfca96d3b20ba9c35d47cc2306e3053b58a2aca1aa6c80e5a7

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/bugly_db_

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/bugly_db_-journal

Filesize
512B

MD5
38306dcf46988bbbd99ef800531e9c14

SHA1
8ea37ca1641c66d42f84fabd0153b90aaaf6bb01

SHA256
2c89d7bd5e35b14a5005017df3d2f430a49a383a37b5c4614099eca0ab76c8f3

SHA512
9464d9901a70dd26f0edf1b19af03d22e1bec9cb37499d894f1527620f6578c3089e1d40b50c09f93a0099ae112ba19ff9f92458676d805324ef8097de2e3d3f

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/bugly_db_-journal

Filesize
8KB

MD5
477c82e74dd27cf788611dd836eb57a8

SHA1
7d7c9b28cbe4764e8034fb92e579b24c91dc7641

SHA256
b78c84b46427a36b48e597a00d112f5d9b24fa275dafc53f477c3c979a54c64a

SHA512
dbade344913495633591c6794af49aa0eeaef138354481655532f3d1627017ee5189e3e6ec6a0267143156393dbc952532ea483ba35d338b36a9f3622613f111

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/bugly_db_-journal

Filesize
8KB

MD5
675e0b880263ff4afd094085640725c4

SHA1
fd5057caf0313deb8eb9e43b89f51403aea5b73d

SHA256
b26353dcce02ee94e7f50c45af062a0d9e3817aa632ebbec0f317d5694977ec1

SHA512
a507f144d9f963c2646ceebf06473ee625a5a7196b9d39e88acb365dc23c2f89d61ffc549e0ad149cbc7220a061ebe781c3370c082ccaa65d572674c3c92c636

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/databases/pushsdk.db-journal

Filesize
52KB

MD5
f38426c1b965d93dbd48ed2266082607

SHA1
11f0ae230a55d0d02baa9b1290796f4e11b13ea4

SHA256
fcf9ba4751e537ec91f9a76d84254fc36f5e92f40eb16340e48680db19815aec

SHA512
5fa4c87bb57d5a208cb07d6c280f875c87a4748aca4786c7b9f5a928dc2d3f6f936f84e8a0075abe67181f10dbc56870195897c2e02608b6032306c768fe6236

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/.envelope/i==1.2.0&&2.3.1_1703446681896_envelope.log

Filesize
2KB

MD5
24236e8a404ae3874c48e07b20249a71

SHA1
f3e9e9633590cda9e02d71697a46aad327823cc7

SHA256
2a976ec0937c3bb1887d9e152aaecb58e9d6714c68e49b474e4234c75cc5e756

SHA512
86e6e4c307003fa91b063a709fe5439e53b0b30162fdb962081e59dd9fa2487e42fdd49928c5bcaa657bade59acfdd7e82e02ebaae1c2c8222f6eb1ca10e4b76

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
8db5502a1f33272c0aadbf2581f651c8

SHA1
53317495e9d04dc601a610f529ae9b62df1bf8b7

SHA256
d6c0fd3b08b3a79fff11a143dca71dc4f84f2afd823a590c988fcb316b4d3f3f

SHA512
b7cbdc6050c89891386d460af6290dff9abee9f07188dada40f790e3ffefa4cc1cd30f9631f3ead32cad49c25ecee1e563a70798478e7e7c12eb41b93886bbf9

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/exid.dat

Filesize
57B

MD5
d0f31d9a1ac582db3959e0284c438c13

SHA1
84e4535ad9106c9e8bf293e3d122a8e74825340e

SHA256
84303a1a521cf418e3215200064463fe4fd427f3b7e7124cc66c270a4ac0db89

SHA512
13b5bd464d29059b7f95ecdae21b5d60d0d8372dc0e1b59888f31af3c3d29272135fd68a6e33ba07cb3f8496d97f0d6dc2b84fd6335468730c112c77c95777e0

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/logs_cache/4466_com.ctg.itrdc.ecloud_19_37_47.mmap2

Filesize
150KB

MD5
06ae8a01d80da962c7987c264af64cec

SHA1
63a497994321f254b535a846ce89f076d4e378ee

SHA256
0c5cc90b079d0d9c1ded1376357d23a9782a704a83e01731f50ccd162e246492

SHA512
8720928fbe7cf8351c9dc45cb1a9c8243939c7e3c9c6957d24dbe18c0819d05ea7475e3953018f0365461fb2987ad68d8ec9f59b03aef3adbd3e4ae8ebbd0427

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/logs_cache/4528_com.ctg.itrdc.ecloud-pushservice_19_37_54.mmap2

Filesize
562KB

MD5
1c4794c09edec22a3ea24e6829a35efa

SHA1
49b8eaaea13d2ed4bc372601e236a3662b6f8698

SHA256
b15ffc77387b19586782945d0bea38e3bc06e10a0de2b639bb6b132d14d95865

SHA512
3de547c122e1885efcdd60e942b4caa43623f40947286b7bee75f7ea4348cf771d4b31e571ea2372ae0163e64dcb2f7ebf14f273721bbe495c920286d8c57ffc

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNDQ2NjcxODM1

Filesize
1KB

MD5
bde4ac03b47765e5557afe6862971c39

SHA1
28663fc6401a46f1d167cc857350cecb34377983

SHA256
a59675f384a1998a5f681382a6dbec7f10a06fc87bdea428b8b2956723c9b58a

SHA512
dc305cadbeacb849093919940f701682e4a5fa43d9bd9f5a54802fa2f8dbbd1a4974bfcba600a25076eea339b086f92991d3b958cbe47b838cd699a67589b8f1

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNDQ2NzA3MTQ4

Filesize
1KB

MD5
2969bbe0b238a41b43ea03c723b68774

SHA1
e9db5da1ffc2e468e45fea290c4d73544995095d

SHA256
85fdbc7b1c0e477c39a1ba4088b8e0f42c8dd83e6ac89fae09f2162538681e01

SHA512
b39b4490bae35d79cda6446d7f64f4db86131d7bd837982338a278a316a664e08a7a417cafd6d18b55ae45794b378c4d45c1e73d1d241b5eed3717b1ca773598

Download Submit
/data/user/0/com.ctg.itrdc.ecloud/files/umeng_it.cache

Filesize
350B

MD5
9156a33fb5753230f88bd6fc9636f6f4

SHA1
fa88a890402233f585a932314060a2e40b06bb5e

SHA256
45b7899d77ed39ed4b9dd314bc0bbb422875e0cee600c10c3e4b2c0154db94ef

SHA512
14289b8e5b9b082597501dbe068520225d13e672efba5a71bb5cca446e0adc6a0ef1c2527f0973af3ccc23bd0e2e4642ceea97da4e9cd1b6af1a8e0534c61767

Download Submit
/storage/emulated/0/libs/com.ctg.itrdc.ecloud.bin

Filesize
8KB

MD5
3c5d76705d62f5eb46f676070aafbc2b

SHA1
b26eed2b54c701edb376d52f6e9338ef0c15c68d

SHA256
465a488ccfbc574ea8f9e102f87df0807805868375339e43b2b23fec27116479

SHA512
d7317a1a2c622bcd390210f211be109406e33211fd4ad6ca37cc8b2fdbc1e661fdb509f52fe172c5e9f146ceac69793c381edecbbb9c4d7ce834fd1ef175eb53

Download Submit