b6b9c36af72294c43f5294c6fa09392c2a3d72e9c9d100217e5d08dc43217382

Analysis

max time kernel
2947602s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 01:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b6b9c36af72294c43f5294c6fa09392c2a3d72e9c9d100217e5d08dc43217382.apk
Size

11.5MB
MD5

0d4ec77ea5bd2ba9dceb0b3d68b37ddf
SHA1

aeb32c6672a7694ba73a64556463730df1962a9d
SHA256

b6b9c36af72294c43f5294c6fa09392c2a3d72e9c9d100217e5d08dc43217382
SHA512

c927dc5795c12cbf17369310054a6ef368487e04b596a3187a24b5ba3cba3e50443525f17e6c885c8ea845b787c85c7ebead46b16954539ea926b1029ccf08c1
SSDEEP

196608:yUM5D7vLKcbC0JQZB+vKDmbxLzgCCpnBTnSnM4MsA2ynU0u4h3x:45D7vb5QZB+SDmbhzgC5nWXUKh3x

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.star.lottery.o2o.phone

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.star.lottery.o2o.phone
Framework API call	javax.crypto.Cipher.doFinal	com.star.lottery.o2o.phone:bdservice_v1

com.star.lottery.o2o.phone
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4264
- getprop ro.miui.ui.version.code
  2⤵
  PID:4302
- getprop ro.miui.ui.version.name
  2⤵
  PID:4322
- getprop ro.miui.internal.storage
  2⤵
  PID:4341
- getprop ro.build.version.emui
  2⤵
  PID:4359
- getprop ro.confg.hw_systemversion
  2⤵
  PID:4378

com.star.lottery.o2o.phone:PushService
1⤵
PID:4399

com.star.lottery.o2o.phone:bdservice_v1
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4430

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.star.lottery.o2o.phone/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/cc/cc.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/cc/cc.db-journal

Filesize
512B

MD5
d64caea7e25c60641ef9cdc9686683f9

SHA1
fe137be441bbc99cd0e3ae34d1fc796c911cc4be

SHA256
19b02d409bec4e53ebb78dfc89a95ab925365c6758acc164ac5e52f1508d7464

SHA512
68ed770a1ea3307bc3d197ace147c9198d0c95731944e54b46ab3b684c10865e54c9bd7406b17415829d9c4a422ca7fb7c4fa6f6c599432d0fe47e4f71e0af79

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/cc/cc.db-wal

Filesize
16KB

MD5
79acbe7f92d8d8ac11aeba6a4ff3a177

SHA1
06d55d33e1f532e50ab6d49b1aa6dd6f4f6c6cb4

SHA256
e31c9609120e9eaed4795de24bbf8b53bf6b75c5b83665b3b2aceebae6711388

SHA512
0bc40577be4e6bf2eff50742956b3f285824087d0e10fbf356e97cc9723c48c65437a9f0bec63ce3fecb8e7e1f97cf8f18c751de32264ff79e97c14fda7363f3

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/cc/cc.db-wal

Filesize
48KB

MD5
4f1397ed030ffbbafeede33eac107445

SHA1
1aa1ba92bbc60e108bbda93d3d17d61a20ce8e14

SHA256
cf81588c926ca2dc7a39ddb2e96a61921cc490379af08a6d679409b9bb043a2a

SHA512
bd10abc0b7378119ec389632c45899e15c6c51f8af6d61791d50de5533deece58a2b466cd188b86ac3fff2a6db46f0add72107adc7b0482981658e41def38d8d

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/dynamicamapfile.db

Filesize
20KB

MD5
766fbbcef6488737f9eef1031107f5fc

SHA1
a00af4f6039c19f0b73536010da6621139f4c553

SHA256
f15d7b38c677178dba8ae48a12483635ae6c9611aeac9abf3b52474d490edc33

SHA512
19a2c4851b29bfa5af6100fe2486a6fe698ed74f3973ca4b871710df0efde6e5b0385bde3e26a9f377aa1a5eb39791404e17bfdc084dd3ce558eb22154ec0259

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/dynamicamapfile.db-journal

Filesize
512B

MD5
805e1d25d3049ca202abb8e65f5d1de2

SHA1
c7f0bb26fbe96aa373749b86476bd8b1694f79db

SHA256
782fe8b7cdc16bb913387daa37f477dd050bc14f70ca5ca9210e1782ba072f9b

SHA512
af92047ba0b1fa96fd67e48d2661a3e9808f930031f0bf5c5e68e30825d6277ce70073a8a5b76c58a58fd07411e01b74f09de7a75f33ce1ccfcbe77ee9d63aac

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/dynamicamapfile.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/dynamicamapfile.db-wal

Filesize
32KB

MD5
cd1937447fb707e699f27cd01b13079c

SHA1
e14a62ec70877b3d2801ee2c1360f223b6d9e37b

SHA256
4acf5e9bb8ed434d59f03eeff5ecbb5d56175e1f712332358d0c755533806915

SHA512
922672d810870251fce25be8eec9302a929c0ea74f4bee8f6e090820e97a23dd7d00ec42d84f9891182ef0e8fa11d33eba68b0229bce04e0a706f40f007d321b

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/hmdb

Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/hmdb-journal

Filesize
512B

MD5
60467b7650c9bb948087a69541855017

SHA1
ecf89b2e3bb4b4ac879825a54c8d75ac8d366622

SHA256
f8da6950ef08bec23676c027d26fca3c3bb917752877618b88c2013d2101177e

SHA512
9be3b10676873f31ace8015bc026f8685b2279daa051e672d0daf3613c4affbf00777cc05748c028464c773a7d156a7addd90cb2748a96b55700454627d13f77

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/hmdb-wal

Filesize
16KB

MD5
42ebdb3434089ba4c22d42d6a4e1b273

SHA1
492120bb0f747d5c29fb01e0de0b22852c5f755c

SHA256
479fa97689db6a1c82a17aac53731b9256ecfb06286488fc0f81bcbd78c7b2a0

SHA512
60e368c78eefa3a5abcd71d0cd3ec1f9c714500e353e1b0a52d1bb37aa7c6e40289d470544dd78da5ac96fcf0b9fd3c60d6984ba69e7b3158b092b1933cefaf2

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/pushstat_5.0.0.db-journal

Filesize
512B

MD5
756f4280d9572fb252ee75782eb5ad91

SHA1
275be6dcb0b161b8b2632fd8d313b0f91e29ee95

SHA256
ddc1371975d5725edc414ac0cf1348bc458597580d981380fca0159c6e7f60b3

SHA512
260cb4e94da0f744216d2c0805587d2fef1d4ed9837298dcef3026071767fde49a7dc0c0e319f9be6c8bce7f3c7fbf6325fde16aa94643b984a8f6c2efe08c52

Download Submit
/data/data/com.star.lottery.o2o.phone/databases/pushstat_5.0.0.db-wal

Filesize
4KB

MD5
fa497c1b05376b7933b622bfb6c030bf

SHA1
ddb18490d6118b443c63af91477062f2d71927a0

SHA256
756c8bfd21393d1fa2f9349f7cec4d8be00b2b72019ab8f0cff9585dd064bfbe

SHA512
49afe1ec420e059a92a1c71c959ebe0272a75f09d4a2d7d2f2592f5c2e8aa29f0ea00806901be29f0da3227d809e9f3c77019f59d94f4032aafc4a2535e3d3d4

Download Submit
/data/data/com.star.lottery.o2o.phone/files/.um/um_cache_1703754599145.env

Filesize
1KB

MD5
0ed51592c87b579bef0c4e1a97273fd8

SHA1
a75c46300b6df94d3eeefe9170f5492df52e4689

SHA256
bc0682a18de5f7008a05abc25e7f62a6e8bae672a514d0d7d92296186fe2c1a8

SHA512
4574702618e418e96fd5b3e4b0308c9d9361a51e8e9a857b4dfa337d2144442e3b887141755f9294514e198d8a847c151f0d9cfe4673e90396713deaa719a51c

Download Submit
/data/data/com.star.lottery.o2o.phone/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
4a377827732192db5437ee2d7299b37b

SHA1
587f51fc2194dcf34c23edcafc04fd87805fe1c3

SHA256
2b9345f61c7d4181c81f2d43d195795829709bb3b9898ad799d38b6cd7dae2ca

SHA512
1084572122c001f7e446b5508fc32d6f788804c34e7a5228f61cd54b9dd20e3c16281530c4ba187139b01db9465e9da901b56312f19fe0418c43328667125e1e

Download Submit
/data/data/com.star.lottery.o2o.phone/files/libcuid.so

Filesize
129B

MD5
3e5f2cd91212dbe9f227ff22f0795b9d

SHA1
46354d19805e4ff112fe260770fd464ef74d1c95

SHA256
c4b4784cdb182f65962a79bd604b35a1ced42f931b7d9e562e9868fd97cff3f0

SHA512
bcfc9107d3417e2584b7c95028da5351b5e4fbaa2b96c61f06c581d50099da887c61f25024a16b5aa4c14fc9ac32d258a1e2960381bd089f8b6efdf63c0c0aca

Download Submit
/data/data/com.star.lottery.o2o.phone/files/umeng_it.cache

Filesize
415B

MD5
2bac4e026e7e1d06174ff55549bad4d5

SHA1
a9be8717cf0cf688c2527875a18ca2517d81f271

SHA256
6fd345c579362b4a4aa1e263cf6990d2f7f46e7d5c89b580dac796ffcc1fa730

SHA512
13676667e7f52ace8dfd4ca19f4b003e137f64fe4415422e03f22e6714fe7675509cd904cb6fbe88e8fbb13248381bb65571b1f5225b6a96549d7ea5de0cb1bd

Download Submit
/storage/emulated/0/Android/data/com.star.lottery.o2o.phone/files/carrierdata/1703754540

Filesize
924B

MD5
6abba1bfbcfee7705e76992377a21739

SHA1
4928db01611dc8f73e7e9154673959b97fbce446

SHA256
a5debbe5cf7a0643708e71dda15da744de11add532a2b5597d65ed21101150db

SHA512
5fd563c917769346134f304abc4128014b6f5dbd0505f4fa9a8cb64f1b37d646051fc8450312dae4de11b0688a711b8fff6e31418fdc122b2a7536381f1b86b3

Download Submit
/storage/emulated/0/Android/data/com.star.lottery.o2o.phone/files/carrierdata/1703754540

Filesize
2KB

MD5
1e144518b228aed5d66e457cf9f35ddc

SHA1
35f37d05b2adcb64b5a4b06edc3d275fa9aaa594

SHA256
2db36ff96e076db71a1a457b2b475a0560fcf006fd5bca826b71ce27d62b1123

SHA512
8808b06603ef241f6eff016de1ad2f2fd9e75d4a32b940dfdf1589c364688157af2c52f19c48c946ba3b8a813baed9d61cd18bec0296708905624c54441a196d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads