Analysis
-
max time kernel
2740272s -
max time network
138s -
platform
android_x64 -
resource
android-x64-arm64-20231215-en -
resource tags
-
submitted
24/12/2023, 01:58 UTC
General
-
Target
b898a60d2b27f095b374237136a34969238c73b7583b0a9a92bceb8da12f250b.apk
-
Size
6.8MB
-
MD5
8c6a9df846504d22798ed49360f6471f
-
SHA1
f3ddf9ec7da286e8bc629b0d0959b4fd38827395
-
SHA256
b898a60d2b27f095b374237136a34969238c73b7583b0a9a92bceb8da12f250b
-
SHA512
26acf003b797ce7383223dabcdd8e81ef833b5176f6d0234d00f833fa7d45526b321086378e7f9f462db8b27a055a048635601d0fa9f6c37e3f4156eb2e36b84
-
SSDEEP
196608:FyLmbRWGgKtUopdQUXA/EE+tF98LqYlkahNYbCrXLxkE:FyYR9gKFpdrXTt3LYlDhNZrx
Malware Config
Signatures
Processes
-
com.lanbaoapp.meiliangang1⤵
Network
-
DNSandroid.apis.google.comRemote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponseandroid.apis.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A172.217.16.238 -
DNSssl.google-analytics.comRemote address:1.1.1.1:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A172.217.16.232
-
142.250.178.14:443tls, https -
142.250.178.14:443tls, https
-
172.217.16.238:443android.apis.google.comtls
-
172.217.16.232:443ssl.google-analytics.comtls
-
142.250.178.4:443tls, https
-
142.250.178.4:443www.google.comtls
-
224.0.0.251:5353 -
142.250.200.46:443https
-
1.1.1.1:53android.apis.google.comdns
DNS Request
android.apis.google.com
DNS Response
172.217.16.238
-
1.1.1.1:53ssl.google-analytics.comdns
DNS Request
ssl.google-analytics.com
DNS Response
172.217.16.232
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
358KB
MD592914ae5c428e8c1d676a4620df6dada
SHA10b20d48763e2a1246746b90794cccfbbe59ddd5d
SHA2564f63b87acc01178c5ff246fb500d5c3392da9647dc641f6315cf3625975bf068
SHA5124b2ee1f99245f44761e8d38d733dce990ef76186a2bef1848b83fc8c51fdc901f02f180e922151ccfcf74879d227f78464ed6f7b7e2528da3f487461c04ed97b
-
Filesize
348KB
MD577afcb832cd69898939ee6f710532c16
SHA19c51893d25d8687d82dc17e740ccae41dc6a406a
SHA2564fae95dcc655d2a3aa9766a460144df23cc6fc5e4fad1a539a7083128cfd79a9
SHA51256b6f3fedc1f710e7cb427d18cc92648a835f9b52dc18c1d5927452df249e7326358431d35f4d348333096427e0512552300e90d9e4b47cc16a87ba88ccc686c