Overview

overview

7

Static

static

6

ad77b2ec2c...f9.apk

android-9-x86

7

register.apk

android-9-x86

1

register.apk

android-10-x64

1

register.apk

android-11-x64

1

vending.apk

android-9-x86

1

vending.apk

android-10-x64

1

vending.apk

android-11-x64

1

Analysis

  • max time kernel
    2921234s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24-12-2023 00:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad77b2ec2c8772809b8352290024382d0a7435db07b0204e2ee96d6c9b8bc6f9.apk

  • Size

    11.4MB

  • MD5

    4170f1051fc009c6b50e1ba0d0fc8074

  • SHA1

    9fe776d32507d702fb0a40c8efd32971e1c95c71

  • SHA256

    ad77b2ec2c8772809b8352290024382d0a7435db07b0204e2ee96d6c9b8bc6f9

  • SHA512

    c120f6f0ba81aafcbc2f416286836cc11d0d5f7c5de60a733c8389e005d6a294bd3fac65180d92ead079ae320ec28a89623de10067b7c0dedcdc4e50507c87f5

  • SSDEEP

    196608:zA1WpjK39x0jsdKJYeO2Auuji+nWVzh2+T1fnjJpjJ6No7ARZRqUbS6Ctk12V:M1cKt2jsEO96h2K/VBJaeArRqMS6mkEV

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.excean.gspace
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4258
    • chmod 755 /data/user/0/com.excean.gspace/.platformcache/kxqpplatform2.jar
      2⤵
        PID:4290
      • chmod 755 /data/user/0/com.excean.gspace/.platformcache/main.jar
        2⤵
          PID:4304
        • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.excean.gspace/.platformcache/kxqpplatform2.jar --output-vdex-fd=51 --oat-fd=54 --oat-location=/data/user/0/com.excean.gspace/.platformcache/oat/x86/kxqpplatform2.odex --compiler-filter=quicken --class-loader-context=&
          2⤵
          • Loads dropped Dex/Jar
          PID:4331
      • com.excean.gspace:lbcore
        1⤵
        • Loads dropped Dex/Jar
        PID:4397

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.excean.gspace/.platformcache/kxqpplatform2.jar
        Filesize

        1.7MB

        MD5

        2cf30bd7149d21a3efc10249d4baa253

        SHA1

        0cfe4a7590a16e8481f1878b5db5a432a18aa042

        SHA256

        960e876a4688c37acd335d7f33168d684920ff6d9bef712b97e508db45d964fb

        SHA512

        1df64182f6776bc8a5ae1693fb730edee0869ffed5fee8bba6245fd6699b644f45488b9f4648a911a43b987ebe084886bcc2d94dc5733c77d37a5fb4e1a74bc0

        Download Submit

      • /data/data/com.excean.gspace/.platformcache/lib/tmp1113139687403927447tmp
        Filesize

        1.2MB

        MD5

        08b53444547c8def3be44fed9ccbb829

        SHA1

        57fb5f153740543deb9426cc1a5adecd3bc844d0

        SHA256

        5facfe31a71091856ceced002ff6fc7ca5cc1c75ffa4e651db385f9efc90edda

        SHA512

        1b3b64bf564a435b36dcdfa22253e4842049f98601d4a4acc71a220a5465162774aaf6c4c0a6f3b98413aac81391253685a55276ef3c56aa1ff8da2a38d46fd6

        Download Submit

      • /data/data/com.excean.gspace/.platformcache/lib/tmp1566215384321290245tmp
        Filesize

        1.2MB

        MD5

        d42dc9c6ddbe0827143ccd0b28b3f8c4

        SHA1

        c26a5d47245977473b298acd252322f1abc20cdd

        SHA256

        4e8cda871080b9ad1de23912f3b64cbc7b50ca32628e087048f3812a204312a9

        SHA512

        df4f7ef9d33b8e2b25d20cab5a3b3331e696640d1a2dfe490e8f1832d92911c47f24530b73a01d3f299db0893c93e807a5ad90b7f37955cb1a1fe9a4414142e7

        Download Submit

      • /data/data/com.excean.gspace/.platformcache/main.jar
        Filesize

        2KB

        MD5

        03e198ddc87dd03d06c0d383ad81c905

        SHA1

        b7917dc00f032925ebe0e553a15bdef77420a856

        SHA256

        cf4fb2391c66df249a87e6e269c892cea9f3d2dae6222511ca1797c49a1d6bae

        SHA512

        6bf90832d4f12c6d772d874c7be7f3e5812b8a6bb73f4a13671f672cb271eba1086597038286895d48b74b4078ce9efe3a9f4562a7a433f1a2e6b33163068523

        Download Submit

      • /data/data/com.excean.gspace/databases/airpushitemnew.db
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.excean.gspace/databases/airpushitemnew.db-journal
        Filesize

        512B

        MD5

        0a1ac938e6219d9129e7923add4dc46d

        SHA1

        fd8c2b1286bb32b9f47d85e66a962668b06f1037

        SHA256

        f935801c9d1c2c6b0d17c46df3b57dce4cdd822636bfc832848223fa46673e41

        SHA512

        da3b233d22927de97ee2dfe173d63d9151ec878f137d94155cbce67d3a45f6a696b596657c233d4c7a804c42dfa14c216fc8d26248afa283273ea153a59bdbab

        Download Submit

      • /data/data/com.excean.gspace/gameplugins/lb_amcfg
        Filesize

        2KB

        MD5

        81a6b68f93a2a6ebd99773e7acb69bb9

        SHA1

        aad12c03915062b5820034d7026cbbb4d5e2ffef

        SHA256

        de6b351b54176858e1b1a3263509a936b677758ba375d4de40b0b42139bcdb6e

        SHA512

        ad55ac3afdcad24b8d85d1a6473190733ffd97c8da65499841ac0e6e0abae2a9883310875719e82e8eb659a35928b30e6bf7419f2dd0bad97ff51ae8cc657f01

        Download Submit

      • /data/data/com.excean.gspace/gameplugins/lb_packages
        Filesize

        324B

        MD5

        68a2ab2847a59a4e41442b638cfba399

        SHA1

        869c3bdff97278af0594d07ce189756cf5c01b0b

        SHA256

        a4645a67c42238a690f9d622beccafac34fb027a0950c270058c635b5aa00340

        SHA512

        e1d2891e103675005adf04131bbed09095e218e57eef2f9d64017aa973a62924067af75a797167e63ecb16e9fd149fdbc7616e49dc043af0d7b3697e04570d98

        Download Submit

      • /data/user/0/com.excean.gspace/.platformcache/kxqpplatform2.jar
        Filesize

        1.4MB

        MD5

        8f2e33bbbe0caa4c1ceefd1750c2bb22

        SHA1

        209b49a1c75abb9e52c0ae27749dc16f23ef4418

        SHA256

        a21d0dfb09a02c2462d0306ba8f1d7f54909fdb5863df5daf8abf0c737c7dc18

        SHA512

        92683f5fe4755b664b797b7ab35aa328e846a22fe799d2c52ceafce532f4f2a3b4cad61a4f3b75fac68e60d5458093833130139584170b30eecbdc7050cffdfb

        Download Submit

      • /data/user/0/com.excean.gspace/.platformcache/kxqpplatform2.jar
        Filesize

        1.4MB

        MD5

        602b15739c154927d49eafc1fedb59c9

        SHA1

        f30c6e3f372d221776da8b817c2f44e68a35bc66

        SHA256

        db6f3bc7a7ee7f7ae35ba1bd6a34e5b5edb831adc2861c0be96c3b42aa4d2929

        SHA512

        f7409491049bc7d5af09c24eb95283548bff05b688ef7aa66c71687e674f8a7579273079d71c436a5f67d4c8967aa6fe72f14fc07a47f0f242f382e7d5ca11b9

        Download Submit

      • /storage/emulated/0/.com.excean.gspace/game_res/compVersion
        Filesize

        5B

        MD5

        e17211a4930c6ef42c8508d911378677

        SHA1

        baa4f2819bb954f6da92bb1315861e5dc7f17ef6

        SHA256

        0090a765758c163b47934bf439cd800dfe378e8deb3caddee06ed8b1a08c4d41

        SHA512

        cd8adc8e35960880af1aeebc9edfa70b9dd1766cacb1b8249f7ed3dd22ab63031a7bfd98a5e9112d8dca2df825c9a0064f5a68b17b8fee74180c1b2ed78b0f16

        Download Submit

      • /storage/emulated/0/.com.excean.gspace/game_res/verinfo.cfg
        Filesize

        85B

        MD5

        421dcce5e27409efc512b9a0a9158ba0

        SHA1

        1136ed44434c5b68107308c610b9a2891488e0eb

        SHA256

        a5fada7820bbeff25aae724d4f3922f9ca8763917c5d47e390cda1c031c2bf29

        SHA512

        4fd6c88a7afca5154f7d6f6cf851ec9d7472c2ccf5a06ff1de0cb461ab83dc7e302fd250ff48072b67ff13f5551d55b73bfbed8fc31aaaaac6b84fdc78df0f63

        Download Submit

      • /storage/emulated/0/.com.excean.gspace/game_res/verinfo.cfg
        Filesize

        82B

        MD5

        7d872523411f9e2b70f2cde457839d7b

        SHA1

        73357dc42683f8ca31e50910d244f63a941d7457

        SHA256

        451edacea78722dfbea09276c922ec793170e469383bc7c30a017cd70a6e1405

        SHA512

        ce9f6586a5a15879155ae6c4ac71901d24376c7bdeb90497260cdff8708c1ce5a70aa82f0033ed17369e3a2109bbade1af3e8353cf7043dc2fd3ccc944134e7b

        Download Submit