a528872cf60db01bcd5e71afa3b6c126e2ca0c6f431d22d14ef0dbc947f756ee

Analysis

max time kernel
2905101s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 00:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a528872cf60db01bcd5e71afa3b6c126e2ca0c6f431d22d14ef0dbc947f756ee.apk
Size

23.4MB
MD5

aef519d39e23ba03a78ea83ba7ca710d
SHA1

95cbf25b6eef19448f82b73942a19e4120917106
SHA256

a528872cf60db01bcd5e71afa3b6c126e2ca0c6f431d22d14ef0dbc947f756ee
SHA512

1e4e78bfba0201fc0c75e663164a4bfe2f886f48c2e315409e300f58da90060888cf8714295fd25906649e2ff56b28e93922538ccdbf4fa5ee08ca93bc02e577
SSDEEP

393216:ZTXTJGs6GIDZRP5k6PE/MybSlLlTLWwDgU8AiFLmO+UErHvdckSnNUlzsD0mh+6:ptHDWfO6cLb8xTn4LmjUEjvdHlze0SF

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.zy.app.lhxxx

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.zy.app.lhxxx

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.zy.app.lhxxx

com.zy.app.lhxxx
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4254

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zy.app.lhxxx/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.zy.app.lhxxx/databases/MessageStore.db-journal

Filesize
512B

MD5
fadf0d0e408b61fdd7bd54695a471bcd

SHA1
36042a3bc4b3d5b28a1677c197bc260ae68a47ae

SHA256
a03e324e56b676a0f63e209e06d79697f2b13d1b9ef884e097a2ef6c88bab850

SHA512
f0d26ce3c5c84d6a771d77bc9c0a16e39689e8a8ee1128fc1d74fa4ba1deac2731a06fd32b894d5d6c357c93457ca312b911811252c05aa23e71cb9bb6638a03

Download Submit
/data/data/com.zy.app.lhxxx/databases/MessageStore.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.zy.app.lhxxx/databases/MessageStore.db-wal

Filesize
48KB

MD5
add703b16df3fdc2b9a0f9f5818fd901

SHA1
228282174a2ab4d307f2cd44f476aa3f36e5a37c

SHA256
4d506500f1a85eba8fcce6890874357a23a446fb96f3890d9da0c992634bfe7a

SHA512
e3b7934b9ad045366abc5f7bbe47b69c55ff7b0a1b6b446e1ecdc8bbceab897b295afdf1052070d5ef7eb1c454c8ae954d53fe6c4288cb0940a640ed82f7f68f

Download Submit
/data/data/com.zy.app.lhxxx/databases/MsgLogStore.db-journal

Filesize
512B

MD5
5799e05b1bb74935380d0f72e1e7a553

SHA1
fb0017e9b83ff3cffe0421cef88eda24aa609727

SHA256
73d167365c8c53b60a501461ec3fca355e5512edf5e7feb3491566b687bfd66c

SHA512
2e146a80031ad3ef377e43df69aeefb3fcc6ad4c7aad9de0d7d278bc3a23ec32b118c11796e62316d992496417a68503b3cf1f9dc5b26262e880c9a4ee3f8b23

Download Submit
/data/data/com.zy.app.lhxxx/databases/MsgLogStore.db-wal

Filesize
68KB

MD5
6db87cda4a7598663cb98567291676d2

SHA1
fef3e93a560614d0f2502b80d2dfd88d2c9ade15

SHA256
89f013aa079dacd6a3366b53da2da31336a8b3739af5d68d31d86902ebc6d197

SHA512
82d8210a88423b8004efb5f9318d287cb7ad195988bf39cc4216a9ee5498b75b260e2ad226dee36a7f0b60f6c14b42e86d57d77c56d75a0822f262db3e6f607e

Download Submit
/data/data/com.zy.app.lhxxx/databases/accs.db-journal

Filesize
512B

MD5
2eef7fc1bdc90f2fbb61a40b9458d8c9

SHA1
fcb58d30e5421ef6510aeed1ef2f0440cc3e7150

SHA256
50204a7e9bf8dc4521319c408713c37febf60034f2ecabaf82f1bb4eec89fd25

SHA512
2a064365b1974b6d00115e6d82d559d66b67c0df3fa20dd8796c42a8cd888e88304a87a6bfa486b5f6b7260f0a9038ba3c26022aed6ff6de6261969a10a472b5

Download Submit
/data/data/com.zy.app.lhxxx/databases/accs.db-wal

Filesize
32KB

MD5
e17891da3377d73ee1ff062dd6a99610

SHA1
59313433699ff32a388448a0d4667e140887353d

SHA256
a64d11c725d0a58d6684b8447fce1d705a3b4c4b9d6991ccde69c1c8e06d0c6b

SHA512
e724df8ddf87e4d11e1c0588b2fc7d621649bee33707f576d5939461aa28bcdc1ef654441e2fc5dda047f0487598945ea981b323616d2fdc5822296f95123001

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
c42b74f9fa28418f3dd9e539e85c81f0

SHA1
2eabe7cf905cfbb9764332e1c7517e2eedb45f57

SHA256
100dac7606383111a99b5740144d221a39211df770d267761f2c41d67d180e5f

SHA512
084a5ccb2446cc6937b3f43eca497eb79f56b8f8475b5fbfe286d2f203fccc05906cf78fe9780fa36bb1d22cc2b61d70bf1e906ebc5b0b058410f5e649931d34

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
5ccfd06949627b3dd32c3d378fbfa5ee

SHA1
35241eb70589fb6085d564918510e5d425d8fdad

SHA256
b9dfcded6629146b05eceac9e10a28e59a7ebd7f1e28c927dca812359e73d92b

SHA512
567afeea496612de040f98498f467701a844a1649de960398a9865510326fe660f080cc3330c071fc4954735c3e931b7da6244e0aef1658b80601a70c76a510b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
c7d053f026e1f378f11bf376a813e5de

SHA1
697eb66ce61a0c91554d7d1952337212453c1cd9

SHA256
0d0624e2f0254fd3be3824a8fc18de1cc1011e5e1ed0e7f3a09cc7e9021b08e4

SHA512
a011f2a92e7f85c30705d80d2b2d5deda2bde4814968215553a4c430b6fbc8cfa834ad9455d5d783ff01dd9ee431c8dd56ef08c11c70e8bb7b1b1160c8e0da47

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
2ea406f922967e5900b5f89091d39fb5

SHA1
06ca578a8e9b4d3dfbe44bffdd96a25578387b74

SHA256
914cd45159aae78bcd5cf643aa3f8e15011b947294cae36dca6ceaf23369d1c5

SHA512
c3952430f62b52188b97382b4d5d390ed836f7933faa5a45ecb46bbbb0f2e5cfc148b1110e5d1420a9831f9367a3710fb25398bac88bab27052e8b6785e08163

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit