bcccefabe35b7e6b398f0f1ecb03741dc1511ec794a9e45dc051f5c4b4225b09

Analysis

max time kernel
2953929s
max time network
150s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 02:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bcccefabe35b7e6b398f0f1ecb03741dc1511ec794a9e45dc051f5c4b4225b09.apk
Size

4.1MB
MD5

252aa9bf9558df1a86bf8bd81678e725
SHA1

98c0792e4d32475ee7bc301aa05c7ef67e0aed53
SHA256

bcccefabe35b7e6b398f0f1ecb03741dc1511ec794a9e45dc051f5c4b4225b09
SHA512

df6d14cd515155803f13a2dc1c1598a3f04c0593465180fb29c20523a08d45799ab8ed6a6561534bfcd50cd80eff282209e160d4967ad1f86322782c37dede9c
SSDEEP

98304:caciXsqhd2kW9R9Coe7i9sh/lL4iNSKs5VmkmvE:Wmff89R9Be7i9sRCiCm9vE

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.jishiyu.tree

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.jishiyu.tree

com.jishiyu.tree
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4249

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jishiyu.tree/files/Archimedes_p4

Filesize
13B

MD5
0504be91db94f0eee364da17ac152b6d

SHA1
5bb3e58dea014051a5bd7143fb2344c7daac4253

SHA256
e73dcca8fc7c444d522f0527a8cdef4b781b5dbadd399db7c42388715543aebc

SHA512
a60bc12426b105dbda1e787c3c5120917b778d1443bfdddb67a23bc11984c068f14323d71749d2b21db526605363ba363c9dd08a8a35adcf1128338de5536bdd

Download Submit
/data/data/com.jishiyu.tree/files/Archimedes_p5

Filesize
13B

MD5
bcfe75bca19a597f7f47b6634996d7b1

SHA1
cf32da0f73575645d66907f9db96c0164aeb942a

SHA256
f7eba955a73ede4e2e57287d4f6c5edb637c5f78d7d6785b12475821f2bebeda

SHA512
df1a86365b5617017a4f1b0fcce74a7cc3a03c15efd165545d80395bd17fb92a7a019f79aec063e7e1dd9dee3879102166535dd1cb79ffb74eea76f8b9329dc4

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database0SaaS/1703760925391_4249

Filesize
2KB

MD5
1a3707e52a14d2e4f9f75eebb9989bfc

SHA1
24ce3285b57cccc159e680bf9d6ae8e5423698ae

SHA256
42f299b1042d9b8f86ef34c00436b703865c7d2dcd33d00ac194d633cf26d876

SHA512
a20a91bbfbf27996f373f90a4d6bf9a0d03c4829792c8858d6ba7bbcfdc606370aeaaff944f8b89ee49dd21bd782143456fd0ad964194001f74eff5dafec29a6

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database0SaaS/1703760926039_4249

Filesize
2KB

MD5
474d91b5c8db3122ea7a0a6ca62a70f2

SHA1
1b07b9354b3ab8b819a58870d93159de27a46d13

SHA256
241aba24062e87ab623f416cbfa4e551355c682c83a87766a03bf149e5fc8945

SHA512
53454245bf4c7e2e87c9dbecfa2d749440ac147010cd91cc0576549e71c7cbb0874eae6cf297ad85f91946e6b8fa3bb0f9d129c5016459483b0a32ba9b9f8d72

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760924309_4249

Filesize
3KB

MD5
1e0c7857ddb5761ea8a2ca93feed1dcc

SHA1
95d1f84afbee1cc74e9887ee6c7d0ee1544abbc3

SHA256
9fc57655a3a5c75947f7213b8b2e908c0178f5a4c0e81c04e66acf1f610c1da3

SHA512
dfca7700fb9b00f4463d4399a7eaf6c1ee7744e8d3c240f8fe8adac6aefc2588c3a7e52281fa12380f4a0ed3f1569960869bfc4af16e6201d9ea543646b47392

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760924502_4249

Filesize
3KB

MD5
93d2e817c7b80cf9a389b52dd49ef6ef

SHA1
59c10c4366cdc2c281be88c797dfdc4569b62a9c

SHA256
be690f99a23c0b4924cca808a734d127440097c1850fac2b448a6ea3bc0fcbba

SHA512
094bab27a30d52d7638af097ad6529a7414df069ec09710803f79e0958d67256fe8e636fb9b12e8da39a1b5a573788ecfc5099737ff699029be3815cccd4da39

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760924684_4249

Filesize
4KB

MD5
13c382546238a805d27a586830fde27b

SHA1
b54d0819e6281ef869a5776b24c3f97a00b37be3

SHA256
b87d5746babcca41d2d38317cb365549f0607d93591c50d032105b0fbb37c76f

SHA512
c14ca59ec42cf62a4388f178e4dc6cc5b9941ee51b7fc2d76c783856a7b407ccbfe9e9802d4b8b1f6f23b85e1603c01430a900f30ee4d00aa25af7e0a69d9fac

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760924874_4249

Filesize
4KB

MD5
28a01d7ffd34859106255b4f1ad12f25

SHA1
d793f137b6b9e34eac72dcdf660629a176553e28

SHA256
e02dc582a4417ed944a2c1ef18b9a44d2ee888981a7f6e759f9ae55d7f4862dc

SHA512
1a9a76e2c0bb4921afb7691800f8457d80f609c5534c7440ee5bac968308d930084fb684b5b5f3fffe1033381687d863ae2db9ea54412af08e346e7c1f3c6f43

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760925026_4249

Filesize
4KB

MD5
09e1562038f15606bcc3f3ba63e2d88f

SHA1
3ac11fd97dec031dbe9ec1d19538770d761ed56a

SHA256
c1e6f2b5565ee11432b436a7cda804ffa71745dc8a6a9d5a1d3d4fb368408446

SHA512
d320395f125c7aafc707f713f4c95ec910ec026d75598d01e2730d3fc80de9f65ba71fbc2e57ed3b9744a9be5fc9a88582aef95023ab10bc006b57876817b2bf

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760925082_4249

Filesize
2KB

MD5
011852452002ecc2dcc5da4c7c6cd1d3

SHA1
ee459333028c6139a4ad2fe20a91d20e6a4cfe01

SHA256
ffa1571ef23f26bddcb83b262dab1d855b4e68134b3f3ef3b314605c20101c28

SHA512
7a10b0d8c7098cfb24d7d7016502d2277f82e4e7a36d0553cf7894ec113a17bd36f7919a57fb14b7d833ca19269b10ca30660d3797907629efc384984dd830e6

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760925145_4249

Filesize
3KB

MD5
fb33ff5ac1296c9224ca67b335b78955

SHA1
59002a68cd3c27cd22e73297f3d498bd7657ee99

SHA256
7748a194f06c7e59de757ab75efdae6f257e37f988b5c597a1e5cb15ae649d62

SHA512
97c7878317347dc6683567e8ef4f732036ec9fc08f7764eb51c195e6529adc67f149054c8a2e004a2eb0c311f9bee86cabdff87613f5595f0876340028f7d634

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760925811_4249

Filesize
2KB

MD5
b248636986af100fc3f49888b6c0764b

SHA1
a616f0f81eaee7f1f968adc03f09b27e14c85221

SHA256
565357d994325e2d70af51c4ce9dd9441bd0ba137fbdbe6032dfe845f76ea901

SHA512
d38af418f5c248c60e2ff4c64ef93924220bc14e7e3f62611a0acf47c7963be219dfd7e626cb217e885b2181057979d18115ab30494548270145ff79dc2500ba

Download Submit
/data/data/com.jishiyu.tree/files/__database_reborn_January_one__/td_database2SaaS/1703760978963_4249

Filesize
4KB

MD5
006eea29dd72054375fe0c06aa172b7e

SHA1
173c34121a3dd7624f0398ffb5ca331f7a118a27

SHA256
af00eb98b72dbbd6562503eb88283a920dc263b6d7ad9305718127d0707a6db4

SHA512
f40f76669ba0912dcc333562efe8f5b309f6267125b3423755bb35cb9045a764d6e159087824b58666ef8c8f729da2192d61f65e31d5e4d0c5f4d243b779221b

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
f266867499fbe21ff538542efea42705

SHA1
94dd8474b2246719a1520398e905730834546401

SHA256
a1ebc2321dee584579f19c60897ab6054f23525fac664836f6f4c769534b097b

SHA512
4594c30a2c30fe958326db4d8932e03c9097b002c30374ee3046304347614f286d23377b3e277183844ce1ec67d2fc1f96d9714ed9c0250a711480bfb829b036

Download Submit
/storage/emulated/0/Android/data/com.jishiyu.tree/files/tbslog/tbslog.txt

Filesize
1KB

MD5
24642439d23b376287473f75fbe0e0c3

SHA1
6b2d314e649b6a3d01eda334172227fa0077d5f1

SHA256
8e37ffd6960a715df033b5039359b60a2e1cdc14ca5df317ff6cd192130cbf35

SHA512
9073db1802becf7b1487519ee3a383627e5013f48fc76c4c6f7ab050217e45a93a174c6e6088117ac880444c9c767b590e197eaea1f6aceeff3b6a0b3eb533f8

Download Submit