92055e86eb75b4292ae66b8873d9a4fc939c41246a6525587ee71e895a01b91e

Analysis

max time kernel
2777392s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 21:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92055e86eb75b4292ae66b8873d9a4fc939c41246a6525587ee71e895a01b91e.apk
Size

17.5MB
MD5

d760e9af53e9f0cea09449cb0886d1b8
SHA1

131d41fdde3ca155dc722a02089c96d708805185
SHA256

92055e86eb75b4292ae66b8873d9a4fc939c41246a6525587ee71e895a01b91e
SHA512

e394878d3a7e62995ca492a8c836e1a136dd613a30a1f69c77557821afde41b26a0bccb274213aa4053e5b8e6191279a975ca3d5f4ede291070227f85292bb35
SSDEEP

393216:FTPj9/twR/wW3m2OB1fQmuoTjTHX3YpKTBx6KePT8E:lZlwRJATfDTXop2x+V

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.xmei.xlock

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.xmei.xlock

com.xmei.xlock
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4267

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xmei.xlock/databases/xlock

Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/com.xmei.xlock/databases/xlock-journal

Filesize
512B

MD5
184efaef159fe36ee3e0aa95adcc634b

SHA1
5be539fe3bfc40eb7bdc3002a6325b8885442988

SHA256
3b971ea197547d852dbfec7fc139970bc171bf0311b7cae9ef31f874be3fdf89

SHA512
e5f97e384049da3d0f551244de25c1e053c866672f41862d340edba2f4d0531bd92e9ca33fa19ab5b57fe37a225cdf5aafff1f67ca49726c72e3b034082df580

Download Submit
/data/data/com.xmei.xlock/databases/xlock-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.xmei.xlock/databases/xlock-wal

Filesize
16KB

MD5
ecf667628b03b7adca2696b4e2c27d92

SHA1
a9ad9d578c3846ab5594d360385b19e16325b9a9

SHA256
876a420f61da052c29690f7e400c96fccd2029166d726f9b3cf06a22e1751f17

SHA512
1d03c346220ca8b4acd81e1f33b9a8beac3a673d090a5adb9c2ffa46a5a0b127d77bff95fcd27c9f6e9f3c2be521c7922072c8f75cf4214425697d079032b662

Download Submit
/data/data/com.xmei.xlock/databases/xlock-wal

Filesize
4KB

MD5
36e8755a5358e522650d339ae0b19f5c

SHA1
234e4b84a45926fa917475f8166b6b16b1204dd9

SHA256
a360973156f4904dde8a33b7ebbc39ef274e4ceec1f8e6ee1a4640953d3a00a6

SHA512
1cb1f5a06d130ed57d7f64bb740e94f3cc6edbecc9175035632305e31d88f6c5934588c8cfaf6edbf5c578ab97cb8c7032d7568bb9631cd2ecc2122bc635f339

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads