Overview

overview

6

Static

static

6

b0e4c6b679...6b.apk

android-9-x86

5

b0e4c6b679...6b.apk

android-10-x64

6

b0e4c6b679...6b.apk

android-11-x64

6

Analysis

  • max time kernel
    2934948s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 01:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b.apk

  • Size

    5.0MB

  • MD5

    e5972484ab33f864bcafda495fc553e4

  • SHA1

    155b9abc6cbd32ddc862f6f55ff456cb50a431ed

  • SHA256

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b

  • SHA512

    71b9f9c4f8024d02ac9b3782c7f8825f29e966260023d818cedfa6414837a444c86067961c5a1655fa55c8b3f26589c2daa36780ff126f116d91b75ef36068a1

  • SSDEEP

    98304:a5CjT20ZIQPkmWhvZylINgAkrX4R/xr6YgN2hPZxrFPJuCr8YbIPoVEy/S3x:a5QZIQkmSZCISx2rcNAz9rRIAk

Score
5/10
evasion

Malware Config

Signatures

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.txtqbxsyuedu.reader
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4265
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4427
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
        2⤵
          PID:4447
      • com.txtqbxsyuedu.reader:pushservice
        1⤵
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4313

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db
              Filesize

              28KB

              MD5

              1deb6b895a2280f63ea2f3783f0a5ebd

              SHA1

              c01eee51a200d2007d3972b551e2515fc8f96d95

              SHA256

              c14b81f1de9ea7414f9ab576df19d63c1d4f22750ab37f0800a7a0ee6a15a70d

              SHA512

              269affd56d83a323141c44f786128a60d501d4e0ede0c4b7d9b5757a2e40851872c801dc1355c62c0607b95b1e42e2bf0b824d0230e1455655d1bb020c6a45e4

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
              Filesize

              512B

              MD5

              891d479e7850694ace8deec1db7c922d

              SHA1

              62e0c3369f96254e6071703afe0b6280c9c5c975

              SHA256

              18b0296c25270545fe4ba84ac5b89eed72adf966c55e4091986b3e413928eec1

              SHA512

              a49aff1576d31ce4d7997e41ad2e976aa30f3f7647b18ccac0c3fa138f2e903ceba3ac7680ab448861c494a9a7fc0edac8ec35aecbc4d865ed7cdbaecd83e55c

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-wal
              Filesize

              40KB

              MD5

              703e4bbecf46a1c0204656cb2612d4cd

              SHA1

              4fecb9a57ce73a1c872492d54f6eb693d5b02b97

              SHA256

              e530e83cf5701d6bb6b3381245d11a29df6bdbd57902c7bf4b783097c0bcb8eb

              SHA512

              0db3ee79f8802f446680a77e971c11fd087f0707537225d4486cc86742b31e11ce2ed903a4af75f0096e658f2c2af2c1eb2ee43deada2aafb24fca248c19edb5

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
              Filesize

              36KB

              MD5

              0adda9c85a5e4808f5b1b74c0a8591a5

              SHA1

              5048107883ab1e345af9cf2e6849ce46e0e612bf

              SHA256

              1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

              SHA512

              646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
              Filesize

              24KB

              MD5

              79f04ac0d1242ca0716d089d742b1504

              SHA1

              8fecdcf69e6ed34f838e3fcdf0b83fb4784ae8d2

              SHA256

              14221cd9ff265ce5d48602f746d6d649a6eeb5f5823909e60c78ff7342be56e8

              SHA512

              432100582126adb988bb5af80a65edc6c343eafab35f8af17e4e98b4c042e5987a746e2f10178b36c78952963f2e2ed6c2056886bef8235fe2f8de5f393d06cd

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
              Filesize

              512B

              MD5

              b088dfd4ef5d4b0f82c217b7baf02b4b

              SHA1

              63a21e7f819ee740b298e309eb9288bc608f6333

              SHA256

              159dce27d28babd1df26df91bb79e2fa267cfc5aecb47fc2bb858efd82185527

              SHA512

              f6cd57757477e9a30cd6921d295b852c9d680c60b3e0e6aedb8011d5a400efa37ea5b422af1b269a59e5ecee787a2b2422de2cf9521589ab9b22d3a635e8e028

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-shm
              Filesize

              28KB

              MD5

              cf845a781c107ec1346e849c9dd1b7e8

              SHA1

              b44ccc7f7d519352422e59ee8b0bdbac881768a7

              SHA256

              18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

              SHA512

              4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-wal
              Filesize

              48KB

              MD5

              c8e8152e692ac665409d10541accfe17

              SHA1

              0aebac33f9a9f8031499f6b567d4c52bbf2acf70

              SHA256

              cdbed9b0e88663389dde61fa29162ff954f0d38e976d23b43c62d680b11f2112

              SHA512

              aa276237b11d5e5adb534df1ee9126c94facc5ef622b2908309aca8d63dbcc7e4ab600c2d487bd6443bb03b0acfa22e9759405d2f4df2d758b3b1e8585083c15

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-wal
              Filesize

              12KB

              MD5

              296c4a729ddd36a81ef5739d0a4a6dfd

              SHA1

              db78b9ae9ae4deb009a03098eec12fbc34739a71

              SHA256

              5782d44ee478e6fb07b7dcfd1f91ae80749c32f50fda91c7cde3bbdb8802eeb1

              SHA512

              1384694f38e36d240018caea3796b986bc080f6ca2208c88b42d4c1de8a96449216c09fdcf600d30c6a92a3af090cc2f4d646482abe6269e606b326b83571a00

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/.envelope/i==1.2.0&&1.0_1703741880890_envelope.log
              Filesize

              2KB

              MD5

              87e4f1a0a0e11cbce974a345a0bb4588

              SHA1

              8b9c7abb72dc750f74f55d031fd7fd36bb3f1798

              SHA256

              357f54396142c52f1408235dd4de27966bf5c128010d611ef27b314aedbc8061

              SHA512

              a3f6e25e59dfdf1f0b2ddf7dea4761c92a0c2c21ff90af53258b178e2c9b0a768d643c1cdcfa973ba03b70cd592e4205ebe0f6b692a8523b94e17c224ffed290

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/.umeng/exchangeIdentity.json
              Filesize

              162B

              MD5

              70e97ec0cf81e3a903e608ab95829874

              SHA1

              13609908f42a9152dd4bde5f918219ef04244c11

              SHA256

              a7e222fd54672cc6ef775840204229f80521369247d400099475a9f24fd8e8e1

              SHA512

              4199cf3de81cf07afac7f0880ed9e99f1c18919c6c21e1cfee22420e7ea7ec5d32ce89e466068fdd167c721fe098788f38ad7cb299b16a10e7148546305980c9

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/exid.dat
              Filesize

              51B

              MD5

              e0b5b7d1928cd222630df3c72dcef609

              SHA1

              f9f59567d7effedcca1424262fa8ba4a5d6bf6ce

              SHA256

              e05fb79fd4453228f12d095d4bb0f92755313fab08c137239906d732fd90c43f

              SHA512

              922e4d5cee388bf4d6edc15a344fbbd6512b383f764c08e94942aec69703543e47865774ebe932a0d18685bb62a60604ade5cd74a40c5da89e413b3771a31303

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNzQxODc4OTU3

              Filesize

              1KB

              MD5

              ab251929ed8c2de0ccd1c42aec0457c7

              SHA1

              34f077297f611755b54184d457434b6f7625c0c0

              SHA256

              285b7d5dfce846d531a700b95ee5990740971d8d9c99fabbb4ce391883dd808b

              SHA512

              73a4bf73d0768f145d58dfde907d514fd0c4b90f26550d20dbb15aae921afb192c69e55f49c41b7857282744ebc221cd81657119850d14d96bd13457370512e7

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNzQxOTM5MTk4

              Filesize

              1KB

              MD5

              4518d271613a62a7f9141ec72688596e

              SHA1

              c2102145f8e659ea6f0e1bb94f8355d8f4e6d7a3

              SHA256

              fcd2c3686a7fac914b202ab35db702f6bb3f97b7b416b4db932e873c861cc727

              SHA512

              3d8b2567c87a8fbebce2f2a0a1f324fa9a4377b9039e9a869edb18ba3b838c36b6e829b4afc2bcb4ba0eb428d084278203cc6349f87f99a8d91bcf94e503c4c9

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/tiny_data.data
              Filesize

              196B

              MD5

              621145da98ec00f5b6aee2925e6b681c

              SHA1

              bcf4dbc4f53e0b7b2129eb74857d3f1fc8a16854

              SHA256

              138b3b928d29f61e987475a3d74652b64add40f16ed44d2546590aafd0e27512

              SHA512

              a1c1b1e0803c3db09436e1de252a5280a43ebc9cea9a8e134580c43b8e5420e35809103cb6d2a00be0476005c46ba371d55ee6bea26ab5f16da7379b84f1c621

              Download Submit

            • /data/data/com.txtqbxsyuedu.reader/files/umeng_it.cache
              Filesize

              415B

              MD5

              d429637466b560b086869796fc60db18

              SHA1

              88954d19c3571d97d75362595db1d9e7fc82795d

              SHA256

              c9cf4cbeedc657eee3337cd6773a34f2beb0943451a51e4bfc010466f94c241f

              SHA512

              4c26249e1ce5d1c0610da49922b027ae4980e95d66a08da966447084d206679e49886e9adf08eb7c8563cfe1d2fbe021e6f656fe601363c5107b725e15ba0dd4

              Download Submit

            • /storage/emulated/0/mipush/lcfp
              Filesize

              41B

              MD5

              6f093e59f3f4f4b77ca7f88aadcaa473

              SHA1

              a292877667cf174daad2efd7bd89013f8a0c158e

              SHA256

              badb23c915dcc3e55b1e4308d8bcb1f9ea7b4a2cc6eae3c0352ef0e0116a2e84

              SHA512

              8e8bf23eb88d22452d6964c2b41082f00416c0f578f08af49a04a45665e86549824902debb41a68aadceba10c954466ec2a7d1c95694f85eb7c7f88751db79f9

              Download Submit