b084f33c093f9a50ed95fed00b21000beec9e3bdefa4935889d46f21738b306d

Analysis

max time kernel
2933895s
max time network
155s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 01:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b084f33c093f9a50ed95fed00b21000beec9e3bdefa4935889d46f21738b306d.apk
Size

12.7MB
MD5

432f43877bf287077b8cdad791cef605
SHA1

b0f566ce1db0b9f32a100790ef1a0cf448e328b7
SHA256

b084f33c093f9a50ed95fed00b21000beec9e3bdefa4935889d46f21738b306d
SHA512

f2f4e38ae96c45b0c9d47ac1835b935e2d908de59caeea66d410bfa7843328686d494924576929b8bd18502d6f2aa713b4d625e93a2122245d2977599d58c682
SSDEEP

393216:9GD0NqjRrOeZjGx+yQQWqHJw3zpzo4y0cT4:9s0UNaeZ6x+yhHJw3dzo3J4

Score

7^/10

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.bootmode	com.lushi.zhuanbao

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.lushi.zhuanbao/.cache/classes.dex	4246	com.lushi.zhuanbao
/data/user/0/com.lushi.zhuanbao/.cache/classes.dex	4246	com.lushi.zhuanbao
Anonymous-DexFile@0xea118000-0xea124338	4246	com.lushi.zhuanbao

com.lushi.zhuanbao
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
PID:4246
- ls /sys/class/thermal
  2⤵
  PID:4360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

Filesize
48KB

MD5
75d46252620a12dd7343e91c8ba209bb

SHA1
6615b67e21963e5689685f8494f442dcd729d4d1

SHA256
c433c8e3f847da2b98ee8b704ea3b7d0f38d6249626dfe26a22bef0c08e5fa71

SHA512
9ae5f0ae0a77bc8c9a27a43252ba01d4bbb69a326eb028d2e887d701b202b66a7065765f2f0214d2b0701493634ff33c2104becdb80bf7e8c2657175857b7af8

Download Submit
/data/data/com.lushi.zhuanbao/.00000000000/37CF018B.dex

Filesize
48KB

MD5
4e93a7a07efedcc6e3c741526d2d89a7

SHA1
e25833d7a51783c17978a7c5e7953d7cf1df80f5

SHA256
26fd97dcb56a0ae4ffee7b9514cb697de101ad39e3b2af2933b1eadf409b740e

SHA512
94a5e0b50c0efc69b79fe9b46513537b798a45d00234a7fe1c529e7d5eb153704ec9966a0e0819983f726260579707d7b82e7b31f845fa7602e06c078b98319f

Download Submit
/data/user/0/com.lushi.zhuanbao/.cache/classes.dex

Filesize
9.0MB

MD5
6ca36204dc3813634240213f2f2a72dc

SHA1
936a6279558d9fa42fbb51e813b2f5a972a942b9

SHA256
652f78092c54ddc9204d74bb48a6649f9fd9bd2f6e97e5453f5c7a09418888ad

SHA512
14ee24cc5443a9ecd1107de0f5a41708f10122a9a5343081df46a308106d5f6b1e60f54876c048034895d5e406a881997bd2f774ea0b258431ad6ac7af174508

Download Submit
/data/user/0/com.lushi.zhuanbao/.cache/classes.dex

Filesize
3.4MB

MD5
fa721cb03cc4bac1e422c2015d989328

SHA1
a818bbb2341d114a558ec804ab07820d87131f15

SHA256
46fb1c2162f34c7405064867a2b8185adfea3763e215f56b2509e458fc2b327f

SHA512
ab74ac2f3fe25e4b7bb00a3300784454e0f97f86a122175ab5fcceb4dfcb435bd8c0b73eca6b5b91df6477545fbcfd4b4e4867d8a1f7934d13ea01725e6d5a87

Download Submit
/storage/emulated/0/com.lushi.zhuanbao/config/5ac714da7be6d534dd74c84a097f98e0

Filesize
344B

MD5
e40486f187b6418e41342dd350e245b5

SHA1
0008cd6bfc016d338dda7d0c20e47bb52d7d1fb1

SHA256
ef5a56713465434fc83bdcc0dec5df3ce5f511007cb66201ab405a4aa1716f39

SHA512
206c11891a43912011a97bdf8c5f52755bfe8d9f3bc5e09b5a978497e269ebaec5b58ffee19286c774e908d53eed38c58fb2d42858970cbb3d0a7787a9bbea14

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads