a5bc0ef0deaf930a316f6c385104aa5ba1dadd635df0a56bd436397f1cbfff42

Analysis

max time kernel
2907372s
max time network
163s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 00:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a5bc0ef0deaf930a316f6c385104aa5ba1dadd635df0a56bd436397f1cbfff42.apk
Size

23.7MB
MD5

c8c1af32915154bcbefc21f5e7c3422d
SHA1

e898ac24bf72dcbc697edded0360dcf225100a64
SHA256

a5bc0ef0deaf930a316f6c385104aa5ba1dadd635df0a56bd436397f1cbfff42
SHA512

fea9839d94636306827032c88c7489dfe622cd6f17d5f85be1e02cbae16f502ea90f356825289aed1483f95c0be860f1a4fcf2ac8a60de58703b3e5c7f753ae4
SSDEEP

393216:59TI5WYaSUTzasGVAIhzP57Y2dy33l8M/gFMNKyJFlCEeH+tN+ojH3Rnf4gKCNx1:bCNUzRGVAy2uy33J/gWxJFw+mGXRnf44

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.yx:remote

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.yx
Framework API call	javax.crypto.Cipher.doFinal	com.yx:remote

com.yx
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4259

com.yx:push
1⤵
PID:4293
- chmod 700 /data/user/0/com.yx/app_bin/watchdogd
  2⤵
  PID:4325

com.yx:remote
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4642

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yx/app_bin/watchdogd

Filesize
17KB

MD5
ad9c3d8b50f03d89385f22e3d4d7a141

SHA1
bec7024d0b369416951a79494c0ca9714ee67d7a

SHA256
28b304c2e9f96c13ec2877ba71f759522c0ccacf1dfe380be7d62f155c628c94

SHA512
0e8c4b9737b27805308678879a823f776d7453a2ef02ada9489647e8d4b39f5111daa27ddf44111c2d0e558390c3fd403518aa821ffc6f39e3a90f3826f1d051

Download Submit
/data/data/com.yx/databases/.ua/ua.db

Filesize
24KB

MD5
2f0976a8ca1faaa051e7ca086be5ff6b

SHA1
4eff8815c5752ab862416cac596144618349c28b

SHA256
aac6c8b40f048c15997b5f47601c4cf9de1aed27fbbbaf87c1b1d7283b31ecd7

SHA512
26ea7af24f49a197dee3d1bca190f40e2f84e0b8ce30cffa2d2e364f5643f77fcd356d5992130ed231cece496e1302f95758de2e9bc8e149ae7dd21580fa1e6d

Download Submit
/data/data/com.yx/databases/.ua/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.yx/databases/.ua/ua.db-journal

Filesize
512B

MD5
2e130e8017191ef798ce83c454e2420d

SHA1
c93e8f3e515310c28d34e0b4410cbf24c6da9c71

SHA256
460639fa7114e2c16d87874354f1ab3bb0ca8bfeb5363275e37a355419047e3b

SHA512
b9cbdb4d3ef6cadab635ce47d8bfc9336b0564f92f92e1b211cddebefd0a66672723237ed1fbe6d8de4a38f3d201790368b18def9f994f6133b3a7a65762e0f0

Download Submit
/data/data/com.yx/databases/.ua/ua.db-wal

Filesize
52KB

MD5
5c17d227c07ba7b94417d05302e912f0

SHA1
1634f1c3f9d9763818067aef5948bbbeca579d37

SHA256
6fe24ffaef21a177fb746fd246b49103b9e64c42334941f7e816b60204f7a7b0

SHA512
27b964e641bd8f53c7bcba2a9e5a76daf78e542b518650c5b0e5fbc03342d45b95b524ba86c62efddfd3439c03cf63ab3d475305e3e3abcf491daab74a021121

Download Submit
/data/data/com.yx/databases/.ua/ua.db-wal

Filesize
12KB

MD5
3542d55c91b5d890d27c19717a051305

SHA1
b4cfaf8281dd33c50b8b6298983a1ef725ae2a08

SHA256
3867cb480aa74ed11f95202af688040a302203d16c17fa86124a8e75d810b740

SHA512
bb40a279fd99d0950857cc0bc92325e9666374c8321e4f2c4538d98953a76020c51d574a7cc4cbbcf2c0466e2987d5c279768fc8994d7e27110b0fb99b39a864

Download Submit
/data/data/com.yx/databases/.ua/ua.db-wal

Filesize
8KB

MD5
71ba4d99532e9c4df8398eeaf8ed972d

SHA1
0777c07e1a61564724373f7a7844f38ba141e424

SHA256
f3eaa37ab5dbb19219178a903e849cf46220d05678748878162be12cee348ba5

SHA512
3a2d67f6f804227954f38ce4eff451b5893c4cfaae7be4866a329a5bd0e5c4427242ace7ce01b3ff40905e3f7528c897ef375fd38fac373ff43158d9b73cd1ce

Download Submit
/data/data/com.yx/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.yx/databases/cc/cc.db-journal

Filesize
512B

MD5
605d8f15a89ff837d7f4e892c2c8a3ef

SHA1
a2301dc3cb2c276ec60cb1ba624e0826a6983af6

SHA256
0bce53551a0949a37b7bf35cc4f5fc24fe165ee9962906e8532e2b4bd10cf5d8

SHA512
93e91fd114e7bd5c1b05e8c030d71c91df6049ced2f0da3893d809f00b22174beaacdb9ff82e95384749552f6ef79e552158a6595cfa893e1c84c67e615d0729

Download Submit
/data/data/com.yx/databases/cc/cc.db-wal

Filesize
48KB

MD5
1621867c355287608e14f5a9aaab79e5

SHA1
b6f0fa60ae70cc6a6bba22a3cabda040b8ff1af9

SHA256
908e7dcdd374ea9af4439770874b6de476e0c213550c63ee52740cd5a8b81730

SHA512
74ef85fcab1ef0d1afbb8dc851966c314f43202c052594ee7f305b374ca79290a4c5d700bfe073cf72cc6135eccf47516a9feac23cf435bac88dc9948606ebc9

Download Submit
/data/data/com.yx/databases/cc/cc.db-wal

Filesize
16KB

MD5
069f3907b291e0ec6e584e80c2b35862

SHA1
1e4c8e7a6cf62356a53f3d68d185ab4b542a978c

SHA256
6a5810026d22939240acedab92eeb554e82d15e74e64f77acb59e40ba273bb66

SHA512
74030b0af56bd6e68d17792685393b786b3863dd198f8090b3df32b18dbd251b02c2ad4fac692e481bb7b2cea7de38a3f0ffb4907b9885b1a9c653d248fbd3b6

Download Submit
/data/data/com.yx/databases/youxin_db_-journal

Filesize
512B

MD5
cf3e37dd0dd6349d3922ee37561c3167

SHA1
b57e5bddd54d296f248be6638446fbe858201ee7

SHA256
072f6853e9b77de51247fb801b54ab4de8088c8371abf0fe4a0a4785b8298d00

SHA512
968efbd0df518c4aad76e9696617e5ad6242480a03c95031b62cebfa444e0d986be93f897672faacb1c631baa18270011e72a3eef7064e105a0c0c4e031210ac

Download Submit
/data/data/com.yx/databases/youxin_db_-wal

Filesize
16KB

MD5
ad75cd9671d247766350696787c57301

SHA1
c93a81a0c26c74f1ede2855de529c6b83ca0b418

SHA256
b6ab1402a4ddb71af5c8ac401b67d069d33af8272f9cfbd2d0d0d2650c494a94

SHA512
9e93f719b77f9ec90f571561b138369ec4728e6f22c9937ffd9822208cf6b4298a6e07407788b40631d680cf6b3bff669fb12d4f701a6df0d91e2a99b875b1b1

Download Submit
/data/data/com.yx/databases/yx_new_messages

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yx/databases/yx_new_messages-journal

Filesize
512B

MD5
dafa21288e9d2064c3ce921fac8fab6c

SHA1
2d308ab0cc4cf98ce65605d9c30a7f09de9edb07

SHA256
2592738af43a1a32dd87d14087983a63c8654aa38dac34fad0d2082aad40251f

SHA512
94e0dc185a5029e1b1653b8bb9f42c72a60e23552101860aae8955e7a3bf9bdbe8465d9fb6fd7da57f1021e86756835b9b2c06d6288f50ca3b01d8467f66c7db

Download Submit
/data/data/com.yx/databases/yx_new_messages-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.yx/databases/yx_new_messages-wal

Filesize
20KB

MD5
6f3d979e77be24a35563f75d769445d1

SHA1
b22e2bcc42bcab56cf98d99dd93e163f7cc83964

SHA256
c7eebc6cdedff97e8fb5a7277255070bbde72c02a341c1d8028920918aa6e76e

SHA512
8f77d9c17d5dc206fbd28ce7aa18dc58322e6081a3f53350c583d92ad4ce88f4a8c0f48f1f2884c0070cc7e924f9aca655d71dcfb518b39d50272fed932855cb

Download Submit
/data/data/com.yx/files/.um/um_cache_1703714407821.env

Filesize
1KB

MD5
5182fa650a22fb1ced820c62628afcce

SHA1
3d6212e88c0fe2bc72a828fda4321793d3c65027

SHA256
825538717936ad5bacdd9b26d5276b229ae6dc62fba46aed2e5eb44e8c35fa49

SHA512
6f09cec23128c51184061fb158e18a3b331015117e02b22753db9b22d344ddc073ce036623ae9f2589550771dc8c5acb59a427599fcb8c6a367eed9a6d47bbb4

Download Submit
/data/data/com.yx/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
cf99a7925e4320981fae9bda7a4b8e61

SHA1
10bc43fbe21171e36c01d45c493efdf98e739a37

SHA256
b6473555d0409220bbad2d4f473307f388ee62311d60b1bc20650cf4ae5287f1

SHA512
cacdc3cec25602617b6b3c7a81d2880a52b975c3d430276c01a72b34aa5a00eb739db4c8a91a926e95e6604d13e56e297b0d72a9d0355df3db236d4038732d31

Download Submit
/data/data/com.yx/files/exid.dat

Filesize
54B

MD5
b2f7d02e56d0941e624372a585b7270c

SHA1
660b0d6a3e207efb1554592c17a952b4ab5cedab

SHA256
c08d1d777cec613fcfac3c2ed2bbf543a57c558e97e07eaaa41c2071af92feac

SHA512
61e77859da975be0408ea217dcb997407e8d35c2bed1f25b8640feaa6db6c15a018f0617d8b91198cc1adb70cca4c7e6d53630b1b5b8d7c276a5f1baee3407b3

Download Submit
/data/data/com.yx/files/umeng_it.cache

Filesize
498B

MD5
5c7f08455e18cf9b62f3a13979b9009f

SHA1
80189e4310557c49e4d338ddf125e21c2fb71491

SHA256
40ade70d306147a607b407ce8c7f969ec59c807cb0ee52408e01ffdf8e5ec728

SHA512
7b97cfdd80f6b5b45030a7078fddbd1bc70d023f0512a7090491d40195ce276f8729986e1a91411708d6d14ad5a200e6803bd147621a83742a506331763584f6

Download Submit
/data/data/com.yx/files/weibo_sdk_aid1

Filesize
46B

MD5
4028c8b91f544d6bd51a266683ff791e

SHA1
d8bacd93b5724c8500f66cc46632704115635afd

SHA256
7cda4149bb95d3c082f01b19b365228fd339ce4fcfa02969294e13bdae41270b

SHA512
a8fdcbe785c7f9eabff76f227db4e8c1d099dc8adc81a41283f8fbf118fd0fbff93be1aaacd3c966888f30f247215125317efa56495f022486f5262cd2cc3831

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
38048469718622cc72dd0b71892c9245

SHA1
22092e104ad60be3bfe35949f9bbcaed1b11faa0

SHA256
9d3d8c10ae989f9fdc92ea5c7e01e95044fdbe652605a523db808e1e15f8634f

SHA512
52fa669d5c3a7b9ae058ea064dabd852618b35a9d6bac79005fc7212ef191aa6644d5af173a6b73380bc21caee04f6622ae52af8aeee00c640b8ad7114c5246c

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
49bcf7805e946d94f693fa624dd29b61

SHA1
5f2a6c5b700afa9f8d4e4ba1ea35c2f0c30c3519

SHA256
0d3356f0b349d098f52d1b6655ee192df4ab74994527e0338fef425233b98f0f

SHA512
17dc666516610b14b14fd8394a81663e2b7c8cd6f243ac871e88233b82a0ea06c177010037101fc1582b8290477e2274a00aa8cd72c2150a5edbfd0d3e673444

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
a22565876faf2b68efcb3333e8188d67

SHA1
40f558a96edec2206329090d55d986e458d80e08

SHA256
fe756f9bbc5075d63b6f8e78ed6e167fb1e02dda31a31759d03ec06d3f7fea68

SHA512
704940f77ff44cf4613e257ebffe67fbb24eb727f2717f4f86df117a33cd2c580bf3de172a183272f43b0c6503bf22ce8b95e7911eee7eb252b519aa0cc2754f

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
088c0e4a20cc54897375e5899c5964ac

SHA1
6fdb138313e970b59faf496951f7b9a24ab50660

SHA256
411fcb020be0f75856c432a1487e08ef8086142f02d31b425a859636bdbf0894

SHA512
4a94286003a51b9e1386404c3b71a27fde26c8e210638001c0a7394fa421a40fcbe2c1b3f9527a64bd19d5c4fa6eaf118200bbded994536b4cbf995dddac0a7b

Download Submit
/storage/emulated/0/Android/data/com.yx/AboutYX/log/CallLog.log

Filesize
108B

MD5
dda4146a18aadea53ddc5e80ff6b493f

SHA1
ac110d4ed0ef25f32d1b89b56e164fadfb024397

SHA256
23cc9a85f400cdc7f02f165d1a11ade0377f9866fb0c0db8a4af00cce24c3526

SHA512
ecfdae65c6fda7ea42abd1faebecb34aa144e30419dd0042c027979be046976ea86177f3435cd4a5026cec91135afdd36294039b0ec5b9ff3d3b6913585cc480

Download Submit
/storage/emulated/0/Android/data/com.yx/AboutYX/log/TcpRequest.log

Filesize
20KB

MD5
35a568746ad84f6a8ae5c238ad4362a8

SHA1
0c671380f1224d9c1410b502580fed4b96907184

SHA256
d2fbd770e145d25f5c24021c5f38454d2a103269cc8ef8cc020a25da3f1c88bb

SHA512
e0d5123e05a9114ba12f8259f3621767cbde2d3d1ecf9443ffca2d699d87f7ed16f7d5e251b0f86d0a84ffbfdf560360b89001aa52dd1458a7477bc135430ed8

Download Submit
/storage/emulated/0/Android/data/com.yx/AboutYX/log/UGo/2023-12-27

Filesize
1KB

MD5
5c44674d9ef97152d0e8fbc22c8aad67

SHA1
692aeae00f2f66fb73062b1b53932adae6fed26c

SHA256
7e9738c8e423038eae5402d00cdb540dc5a853f7ff858bac581cd6ce80623638

SHA512
9a16c1d2520b8c725519f10c4b688325f43cb999db0b58fb978bfdf0df06bc5acba2eafe74b258ce1744dce49edcb1a67b8b242c061404be12a94ce184b66a91

Download Submit
/storage/emulated/0/Android/data/com.yx/AboutYX/log/YxContact.log

Filesize
108B

MD5
0ba24f3234bea5fcb7730805a489d038

SHA1
9c2e7b2036bc1cd11d0c6398351f2ccc1454ebc4

SHA256
3c2fe4e61cad55fe9233e3576c35a53c402da5145fa42e8025cb09b1e3b73666

SHA512
10769f4d74ea6efd5884bd892edd66551a84686585be911ed072de70fecc024c39ee511794547d96b64ac8e91241876e2566bbc426a794287a06dd8f551c0427

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads