ace196fa5770a389b7099fa39a5ae067f572d8440af0a6b1e98d164ed164f15b

Analysis

max time kernel
2919332s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 00:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ace196fa5770a389b7099fa39a5ae067f572d8440af0a6b1e98d164ed164f15b.apk
Size

10.0MB
MD5

595ca640a82c87626d64831894b84b72
SHA1

9d2d3df9b31d8e5123b01b91d5b5976ea824d1dc
SHA256

ace196fa5770a389b7099fa39a5ae067f572d8440af0a6b1e98d164ed164f15b
SHA512

762e3c7372068f3984c95dcfce90679247b6cc010b972c1e97d873085dc7e17da51737d9caace334d96c58952b1ae0c682ea8aed4e03ce4bbc42d57df4565b31
SSDEEP

196608:ynDGCUm7qt4oqdpVHkHN/BntiZL1ppuuHxFgTQyG1C+5rJqCGYxSnvF:yJFqt4oqdpVHkHN/Bti11ppjHP0GN3x2

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk	4311	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk --output-vdex-fd=49 --oat-fd=50 --oat-location=/data/user/0/com.duoduo.child.story/app_plugin/oat/x86/PlayerUIApk.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk	4261	com.duoduo.child.story
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk	4298	com.duoduo.child.story:pushservice
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk	4552	com.duoduo.child.story:push

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.duoduo.child.story

com.duoduo.child.story
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4261
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk --output-vdex-fd=49 --oat-fd=50 --oat-location=/data/user/0/com.duoduo.child.story/app_plugin/oat/x86/PlayerUIApk.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4311

com.duoduo.child.story:pushservice
1⤵
- Loads dropped Dex/Jar
PID:4298

com.duoduo.child.story:push
1⤵
- Loads dropped Dex/Jar
PID:4552
- ls -l /system/xbin/su
  2⤵
  PID:4681
- cat /proc/cpuinfo | grep Serial
  2⤵
  PID:4704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.duoduo.child.story/app_plugin/PlayerUIApk.apk

Filesize
129KB

MD5
edfe0144f60c3fba009d29642ceafef0

SHA1
f95ab4da89a09c009f68c9f029b8d6c24acc502c

SHA256
3080299cc689f3de4e271f94c23ddb21a0069843d890d06cae166279c6a511db

SHA512
4f3f117ea5c2d2bbbc7f4da28fad6af82a7dc68cb82e7c6bcfb528c432c8da933ffa341fd8812e91870fda5fc842fe423097462d05f31455c8fe47212a31c083

Download Submit
/data/data/com.duoduo.child.story/app_plugin/oat/PlayerUIApk.apk.cur.prof

Filesize
156B

MD5
3c67a6b45d0cb69762aa95de43cb3f76

SHA1
f30e2f3ccbfde0f5ae98496b2d796642fad5e525

SHA256
9eda21c29b8b0a77482302362259a738f94bfa4ef5bae6f5e9e55f3a0d591dd8

SHA512
c3c64f77715804c72e5a59cc12ae79c459d3e4510f50f6967f3cc4f3e628fab8f8af7cca7665c23884ee3c27c1296abbbbda31b6e0e61d3c2b2d12fc1808339f

Download Submit
/data/data/com.duoduo.child.story/databases/UmengLocalNotificationStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.duoduo.child.story/databases/UmengLocalNotificationStore.db-journal

Filesize
512B

MD5
e4afb276882c1c301586674d8725fa1e

SHA1
c70fcace5199ce04e31d01135d2bf744883752dd

SHA256
269fa7cf79b83c81e628a96f2ec560b466cad1926cc80d718fa68de183773da1

SHA512
9c8f84496dab18f5a4d055897edfa76f54860c1af7de5aed454aafffabcf8af4f58bb2e13dd3d15f735ac7cbc157e16b12767c55f58d69caa2db561e0fea66e0

Download Submit
/data/data/com.duoduo.child.story/databases/UmengLocalNotificationStore.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.duoduo.child.story/databases/UmengLocalNotificationStore.db-wal

Filesize
40KB

MD5
7f8620b02e0f5bde9e9720a8b8244d70

SHA1
9057cf3c59b5c20d5c2c15cd92a45ccf3efa2f4e

SHA256
d0574fe663b33adce486734a1c3d897911ade2ac420480b6a2997465432b01cf

SHA512
ebd907d8033323f6201d5c30b95dc203ea2eb08bd026c1a2fdd0a2fdad3603283e6fcd1ec8143e50e3273af687c97a5156cebf7b0e278a1a3d72ed1ea270a0af

Download Submit
/data/data/com.duoduo.child.story/databases/duoduo_story_house.db-journal

Filesize
512B

MD5
e5ffec451552cc67cbf9ea1b313fbd81

SHA1
ebc5c78d2b37f453a1045f7fd9c03b82f0a7bb73

SHA256
a9d27ea8dad9e930a5757dddf9e9a983345098ce1cf0882c712f444e6a819e53

SHA512
b709ad0cbc6e4735ab872c7b11076850499094159a43785b682e8f7c6b4f0c950e1a8c1b626b1cf6a5a958c3193994b7c8f488f539cc7ad2f5a16dfcbd43bc1c

Download Submit
/data/data/com.duoduo.child.story/databases/duoduo_story_house.db-wal

Filesize
44KB

MD5
d245a31b460d2f1abd5c4bf832d9aabe

SHA1
31fa2f081410e8fd312891566044331aad16116f

SHA256
eb374b4b85f8e22d1217d28b6cf8c0e365b007a60091efd073c634120d7e4b59

SHA512
670e580fd0d82c5581d1f3653ff40098bc9bae60783ff243b779805cf350d21c118621b0c095fa1f7da7c7e555381016880121238b2d39940d8d173c2e633b8f

Download Submit
/data/data/com.duoduo.child.story/databases/pri_wxop_tencent_analysis.db-journal

Filesize
512B

MD5
1b117727a1bd623c6c7fe93d684795ab

SHA1
3147c5afeee130e78067246bee91501266b21388

SHA256
adc61455f8d20e2856e7341565c8394fff62d178ced50a096d3579b5a6ce2735

SHA512
e64a0bd7aa90b17a863fd3f148244f4ecde1d2383be3fd9f6d7f4dc3197f2f23324c28c16447fecfa425269f56ca3525f932171d607c02f5ccacded223456be0

Download Submit
/data/data/com.duoduo.child.story/databases/pri_wxop_tencent_analysis.db-wal

Filesize
56KB

MD5
d4d0ae702dcf6a4dd5e1b581c3b601e3

SHA1
9f5607c5ffbcd3cc52489ade100d115fa90164a3

SHA256
dd7a1a8923b33f4e66126d490c799f86b73cdabda027275235fff244b6f49f0f

SHA512
82ee52c9a2c3dad8b647b6ccb16beae675201da3ee148e8e248976bba255065a85a2454605801db3e799da83696a6e174d1dee5108bf83d8ddd21ed9692b6043

Download Submit
/data/data/com.duoduo.child.story/databases/umeng_community.db-journal

Filesize
512B

MD5
6f8b5f931892a4b7c9b8a9aa35924262

SHA1
36619b7c5a14543da99f0fdfb47db4f2554a790e

SHA256
3dff18b0daaf84204ce4eb92d8914d5a299e0127d25169bddc3e594c3b478220

SHA512
d09c2c4bb306c902adbe60277ab3d2a2a4aa9f10cff64ff30e4806daac72d37918d8dd6088abb0dda6b5b43b30ea288db2c14162ce70d5c6dae2374ebcdc94e3

Download Submit
/data/data/com.duoduo.child.story/databases/umeng_community.db-wal

Filesize
16KB

MD5
d0948aa06357f881856763e9f72f7cde

SHA1
d976441ecbd277381577731f85ae7325607357c1

SHA256
c4506fe244d191e142ba6e0c58f1aa5473aa23b1e45e7ea35db6a589e54e72d7

SHA512
e0099855dd57d95d167405fa06b00489226875b54dca8bf6282c2cb763dac8dd9b7442e37e2a02942895f1c9ded75079891c70ce8f8767e87f8279ef4131e9e3

Download Submit
/data/data/com.duoduo.child.story/databases/wxop_tencent_analysis.db-journal

Filesize
512B

MD5
2532901535569f67ad3d3e1c55834536

SHA1
ea9e1d1bfe32769fd941aba54275d40e184b3b4e

SHA256
7eb156dc8bac6074f928bb4109571b065d001a5d47882173e81dad9f3009ae37

SHA512
b5eebc0e78b9afe87e1729acc78356d52d5b0512cef13a8b0dc73eeaacf9ca982f8db8dbe1f984631c5c9b5bcdcae93ea444a034ea8393dc80884fb8a57c08fb

Download Submit
/data/data/com.duoduo.child.story/databases/wxop_tencent_analysis.db-wal

Filesize
56KB

MD5
3152433fdf103571c2b7a3df003f1531

SHA1
ae8338141bf1507d617a15e0231ae22538793a0b

SHA256
383f6420b94f77a565d466c29dc0ee48a9636e86f950dc8fb3abc7027f19d123

SHA512
5439a32915277e42b817d31741666c29b442e5c0d62dce5d130abf35e69976542c57e36e3a5a752be87372282993d9154884023a99a861b73af2f3c0d21fbe6d

Download Submit
/data/data/com.duoduo.child.story/files/.um/um_cache_1703726324272.env

Filesize
707B

MD5
280c57f649516cf44165d948510bf086

SHA1
552f4c81b326ae577cd0ff332cd60f69172ecf5e

SHA256
31a12a61d79cbb34875f0df6a7053d60cca5f72ebb19e989d7e32ee82b61262b

SHA512
c285377ea9656d64b837fb3b2ed7ab04e7ced7843122d59d6949383c5f3a838a84ec107518236c53076b7a2e499673e32edee0664b5a1e846b7917028ea81b4b

Download Submit
/data/data/com.duoduo.child.story/files/libsecuritysdkx-3.0.39.so.tmp

Filesize
327KB

MD5
3f3560b8cb3957ac2066c2ae587b6afe

SHA1
44ec56efbd17f922d211c4827cd3edc7b8fe9369

SHA256
cd4e1d5be6e1222b8fabd3d94fc2493c5dc47bc395fa2dea7f82f52a17ad3ee8

SHA512
a0a0080c1d0d98f0dfeb41dad67a813446704c5f682388b4cc8370a119ab8b9d059ab65242ffe6adc085a300e1758ad1f2d61fea319f8db1ad70409d9cb93cc1

Download Submit
/data/data/com.duoduo.child.story/files/umeng_it.cache

Filesize
393B

MD5
47cdea63ffb91c380e737c34f6ff60ac

SHA1
6c45f4ac69a61f454abbffdfdb08413e11894264

SHA256
d7a6bd066bd56d480f2eb74ba4db17e01936087a361f2f9238e962dfdde52a65

SHA512
d16ddecce1a1e667dc834c2bc6a86ef54cb4ec68aab81d919ce3cba08d598a3a34f5111dc40d3356bc6767c11a95a1f869ad015d86b8b31e8a23ba7aaaf48add

Download Submit
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk

Filesize
262KB

MD5
7f2f667dcfc070cd6d7d7d24ffd4f6b5

SHA1
ad8a6364ea542c54fa3d5440f09748821451b19b

SHA256
abd4493485718d306316f72b937a4b7a877f13c0f31ef3f4cbe27a8fa8e59777

SHA512
4dc591f252c91626251f9bcc249034e7c862ff44f7d8d49fe451108bbb1f4a67a9e9f2c8d0830e2d9343cf8d08d7877f5670c4d95217c07d85b39ccd85cafad4

Download Submit
/data/user/0/com.duoduo.child.story/app_plugin/PlayerUIApk.apk

Filesize
262KB

MD5
e7d7716e88942e6d8ce8b7841c80d751

SHA1
234561d598cea0b574bccb7ab722befb2cba1d80

SHA256
ee522fe23c08a199be03731c046decb734c91972fa751de330149f697926ce2d

SHA512
0ef65788b909779b0baf94a713afde9c95ba9ed7624e9387fdd03dd316017d8c5f451fcecb25ee4faac29f4591a57747e31e7bc8eb6cb4de47b66805fff64fc5

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
f30b8f25e65cb6d80be919ad691191e3

SHA1
e377160e3a49c4c1b91854938fbf659543ec1156

SHA256
94b1e10d3fa76fc837f42576e441ad0d80dffa0a20a11b43d85bd55c41679df0

SHA512
ddf6c42d16c4295141f2f3911b0ae08942d1f8741b673dd38ba8bec4a1c3d49d9896988bf42d2d1029ce7ccd1e7c7af35a676e5c33a0457e7a143314d25ede90

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
129KB

MD5
b088e8ebb69accd2ff7ff3d7ce4c3765

SHA1
87b166c8c4460797a6c9f64bcf5c1fb7b1059352

SHA256
d8b4c12d11eb9085ab6157a543733623ea4547727a9e735590b680e5b1e86e80

SHA512
794d28bf531a303c458a2d31417c69872ebfddf206a5cc0db36b29170a739d0944453882bc42af388f4534938e5a34faeef204b04826a27d45825963173a37a2

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
723ce132864388e10e6dc39debfa4700

SHA1
9c2227ddcb1de7874589f24b5381fc5611b16573

SHA256
234d2882148af910f0899446a1da9219b9d15782732429f8a187cd2b0af87b7d

SHA512
0e2c5a447d7adeadf99e4ec9d944ae8ddd76e7006497e49ddc45cd4669d7646520dc6ef148fa0c7f976b2f01f7ac63bbe10e39fa5b0b3f4f279b395ee8086934

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
2825178abf526f8e88990b1e6c657c4f

SHA1
7430654b02be2bf13cee600342d62c99e697dcf9

SHA256
2e33358137590c9988952c8932eaf965f90493e4a757645daa3ac8e8eeb65c7b

SHA512
97dcea8ee56d414ba7dfd291795df2819da8dcd02461ef0e771b168f2966cdbece9aabded633e2a53a47c08c7559a06b7b383ddb821156b0c28d7ba62faf6106

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
c3d9628b437e9b36fbec9d0b2a579b14

SHA1
9705780d22448d2ba4f3611ce31b70d7b4039885

SHA256
84ba6685fbb54ae5c83b76e5ca5fb0732242c7dd4e8549a822ca1311f082b4ab

SHA512
a4a1d6d35196df9c7907118b9e25d9cd4e497c5b9e9071324841769fc1057dc538390cb71753803604a548d466a92bec07e05b7712c9303346152272d384b02a

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
381B

MD5
fd06eaaa60f16a9c3608fcc400b0ea7e

SHA1
ed5e3db6095065b2aeb7072c7e0b78a53b53a56d

SHA256
183d63ff043b0d4e9f5c3e9014af7a27f94677e497b84102a12caf293ba53110

SHA512
cb2ead10efafe702856beabf91621965fe687f15855687541a26712d499a9fc07e055d71c9b13d903d0acb9a16592fbbba267d872160dfaefacd75a171f6b4f0

Download Submit
/storage/emulated/0/DuoDuoHouse/cache/test.aac

Filesize
14KB

MD5
5bc9d569cb424f60ca236e2238f8dc16

SHA1
98ee40a9f4c5fabe8afee6a9c0025e81050de615

SHA256
a2b09fe3ea5ccc8f7d4c9a564395718cb1e0e9b993997a7d9a58f861acbe6347

SHA512
960ed83e7ddd4c9fb595600c8565a4dc8439874efde26465a4ffe81e6e0168e2db90f490b31930d5945acff29e9e5044c830537d67bd6241d6d0d3822258e9ba

Download Submit
/storage/emulated/0/com.duoduo.child.story/asdklog_s

Filesize
135B

MD5
22885fa58baf03760f376a6f9683c02f

SHA1
c2e62fe5102ade32954beb8e4a9255b83f19207a

SHA256
a73aeff1885d5ee39f37483dcf545978813ded2af7b49460aaac5e1157388b50

SHA512
fa0276515187b1e7d27f9e714d2299aa80aa8509f8affcaf9c6c6b412052d120853e299baf2a61e19d472a485d733d7b0cb5198d0bcd4069d809f1fd5252d392

Download Submit
/storage/emulated/0/com.duoduo.child.story/asdklog_s

Filesize
135B

MD5
fe0422601a79568096003e1fd0d94031

SHA1
4b519e757368502ceb2476b0c9ccedbfa435ebb1

SHA256
801ea65af84469898d1912a90539a4c40e30f4e693ddea6f033b1b71d12ca8f5

SHA512
3a4fe306b075df0c16993ef5be121f66299ca16f666b3e5063b3f3ab7baccfe332aef1ec7b72c6e05530e7d93c1198e4ec36c3962f9a6b0cfaac8f90f12f692c

Download Submit
/storage/emulated/0/com.duoduo.child.story/asdklog_s

Filesize
135B

MD5
cb949cc0c7637f9261e5b7d9126143ca

SHA1
a2e6c4b6c29d589dbae06b8be56b75884beed79d

SHA256
88ffd9fe3835f7a37a77910021826a768b1bbee10fa711b41bdb711df4289b8f

SHA512
30932c4fce8bb4678a0a4b7b453b039bf9d5092cba42707e61f30c3a5eb777bd8292d6ec84ce417f2f508bb69547b3dc1dd898e3d1acc1efe30cdb63c52e54f2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads