abb3748d0df9b9bc474f86a139b3ba00e3c972b2f0d044599cb789d735a8d67f

Analysis

max time kernel
2725469s
max time network
160s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
24/12/2023, 00:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

abb3748d0df9b9bc474f86a139b3ba00e3c972b2f0d044599cb789d735a8d67f.apk
Size

11.2MB
MD5

ebbeba5353c9a5561f28e6b57c58350b
SHA1

0ac4b7708758d782aa567aad39e7142ae951bb8c
SHA256

abb3748d0df9b9bc474f86a139b3ba00e3c972b2f0d044599cb789d735a8d67f
SHA512

1d18a3d94e715072af35314783acaac29f6e79cf9c97a519187dba634ed811a0872cd8ffb18e4c8294e4d35ad2a80e8ad9d30de7fc06086ef5e0977626b4714d
SSDEEP

196608:7WMGED9Rx6tjyd/8HupTmcY34EMiSafTdC9FwNdueb4p2kid7EJ3h/4irvMKLVx:PGIUt+OHupZKrMiHUuK2rI/4iI+Vx

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.tieniu.lezhuan

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.tieniu.lezhuan

com.tieniu.lezhuan
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:5010

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tieniu.lezhuan/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_

Filesize
12KB

MD5
163b0e3f017becbc89b9d7f330b78f09

SHA1
1ef9cd8ac8655190468d0ccece0a4738634ab0f9

SHA256
cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

SHA512
6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-journal

Filesize
8KB

MD5
aab8541fbad05d2a1281d7eb25e97e02

SHA1
35a73f1224d60c562063279a3531294cb81ed60c

SHA256
aba7a41730c0f83c8fe662de4c6b4cf880fc447d87c4467675602215b614f250

SHA512
163d5001f2823a5d888ec50f69b0676ed5cf77038315f246545cbbfe463eab959b83d9bc26daf86511bd8df532b79bd184cde7711a27ce071b48e282b2c3c569

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-journal

Filesize
8KB

MD5
7a59cfef43f274b25f8b7ec41a0b38e8

SHA1
4f98d1e8b202cb3de8c3a54cc22339785ac69bf5

SHA256
6eb50940a164754f748ff772e39489504797878dca892b4d9909bc6f983c08f5

SHA512
3503a5c715f831452666a28517c5fc6b80bcfb28b891e654c1670155478eabb95385155bc0c771da79786691e0d70959406c7dafa1fca039fc317408135dbb99

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-journal

Filesize
8KB

MD5
c54a83a91f6def587e482019b8581874

SHA1
659bffb936d621bc393c542107bcbfdf806b9ab5

SHA256
44e391a16627aeb098cff55a52b162d613a0bc0319e20d0865edf422239aa972

SHA512
49324c68c83490983f9a1a28d5c0a780cdafd29751318c2f312b69ec46956a2de439fe6598b91691ff2153db0b356d387e12fc84b825b2eb52ae152cb4974a01

Download Submit
/data/data/com.tieniu.lezhuan/databases/bugly_db_-journal

Filesize
512B

MD5
c3f0ec71f96b64f51cd9e8aca17cba3e

SHA1
dfd86ae4e602daa1b3d623e51c77ad3f142693ab

SHA256
8fd7d2444252e5ace71006cb4358e85e4ed8b6e5acb72d1eb30b928ccb606bb3

SHA512
14ca9fe86c2fef570958c9bb125ed88276c5d4ad2daf7ed1cf6c9e517ab6833f1cf9932f742d874e570e1edd12554bb41d27b07a3fcd3ebcde3b143112b4f7b0

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db-journal

Filesize
512B

MD5
05fcb917f357635a7febcde05bf532e8

SHA1
4cef35e45fb9bd2ce69805690d186a15426c9953

SHA256
b86865c3725fac84edbfc7ee67cdc97e1c3a6f32e4c050cea19f8da9f8fc58a4

SHA512
b348f86a1ab8eef7963db450cf4bbd04556c1795f124f7ebdf6d291dfa304c1b34adfa75659ee558f8855a0886e3948688a203397dc4cfc643b95998292af4be

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db-journal

Filesize
8KB

MD5
c7b8c10192a3f5cff10f446969a29b99

SHA1
3924a33c2db2c6c0eaca9cd8e738501a01331c9b

SHA256
2b32f28a63cd278373b391c55cc488f34bb142496517f8afa4d6d8e58c684f03

SHA512
484525758c8c996911cc0854dfa901e665c2ed7561c6ad3b4b9c31a461673f1a8a4152700c184ccf1f468ddfae3786633c51758f22b5631229f52cbaaeeed500

Download Submit
/data/data/com.tieniu.lezhuan/databases/ttopensdk.db-journal

Filesize
8KB

MD5
5d6e1f86f90676b553cb969f4828f2ff

SHA1
650aeb640b42aaab899a7c795e49d4633a8c474a

SHA256
84aa0a34a0c982409bb92b47ccd4c72a91d7efb92f95b6dfe5eca21473ec6942

SHA512
3d84f2c727f9bee30b1dac32f29f82f84b674ca75f81234259de7aa45adcc026fba0e52c5ea1fdb6185c50320fa4571e0ac1a06c83df3d4b09ac5bf12a5759a2

Download Submit
/storage/emulated/0/com.tieniu.lezhuan/config/5ac714da7be6d534dd74c84a097f98e0

Filesize
344B

MD5
7b02f5221ca80ed5c00d65c2f79c14ff

SHA1
915bcf226531d77309194d3ac3c606fab37b86f1

SHA256
775100091611ccf2b5e2d2bca7d4b3759875eab6106a153da75d6b5ea5aec610

SHA512
c5c406635c9f61da6f0fb1c90000c3a1e7e781812edde5ad115292a5fd3ec117f77737f4af7f6a6fb7c918a975766c79ba31b666d2078dc313f45eb5f2f67e40

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads