Analysis
-
max time kernel
2986825s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
-
submitted
24/12/2023, 03:31
General
-
Target
c76d697ad42791e4f2da83e6a5902e376de092e9ce91fd06e8838dd5cbe13e2b.apk
-
Size
4.8MB
-
MD5
a41711e1eac0020a160680794f2dc475
-
SHA1
8381d14c80f5a37293969e5fec7ce88f06af51ff
-
SHA256
c76d697ad42791e4f2da83e6a5902e376de092e9ce91fd06e8838dd5cbe13e2b
-
SHA512
edaa3050a8de2e8d5967985237771fc6084731f30eaa341f9dccc2740f0e1743189e276cc2ff871867d408d0698ae040a002ea306516d1c51f7a3ce334285d4b
-
SSDEEP
98304:gWaJK2y93FPzYBtIf+d/eJfWnPZfM+2w2ZUctbusnirMyoHLs4:baJK2y93FPzYUf+5eJunKUsI8I4
Malware Config
Signatures
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
-
Checks the presence of a debugger
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
Processes
-
com.kingyee.kymh1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
-
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.kingyee.kymh/app_push_lib/plugin-deploy.jar --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.kingyee.kymh/app_push_lib/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&2⤵
- Loads dropped Dex/Jar
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
202KB
MD5610ae20fa40cb991ef4670582bc3996a
SHA1bad8dbc9b7226fbd4f1b97dabe777c36605ccc9b
SHA256010690c6a9fe3d6e21c33940453cb2a5c41e26ac24ea42e3732111613701eede
SHA5128584fa3850e97276d6afef61dff9401531cd7830a3a7660fcc3b75c21c55196a59efad46ad763f1695f59c99874e29aa285ba9d9f43a5989d004a0e115d76b1b
-
Filesize
174B
MD586896cfc29159ebebbdc72a7fea66d3c
SHA176f71e17f279e9010cd1f16d9c979f75bb9cbdb6
SHA2564040246e2cd23768965dd2720eed8ab30b0891eb7324201ac1592e8e39eb7697
SHA51289d4d3e88c41bf4c9cd527ed6c7af45e14545019b1d86414fd7965fb6dac79a6a8f1e8c4b4de4503e6bef2b98ad32f37d319c7e29e807b2b83d56cd867ab9ca6
-
Filesize
581B
MD56bd83075f9ad4a36b5c5ebd3d633efdb
SHA181148cae62bedd6e2ef55e1e4d25456623d54391
SHA25682c9524cfbc22de8c83b1d54a120463684c4a5678c9c1f6e0484b9fe0bf8d975
SHA512d7fcb3782e49688ad35a7373581465d996b23e0a72f04e0a8414fa15743a005dcf0ca22d535a188cafe6f0dfcfe9d2e89870e3ac16aaae43579a36aea4f11575
-
Filesize
310B
MD5efc01366fc75818f1617b1d5acfd47c6
SHA168f1f39c755395e657886304b16fedb3da0fc900
SHA256091bcd081902b8297a990d62ce22ab3a6776cbba216d6ae5820bc817a8fb94fa
SHA51203f359fcd7b125f9ed357354670d8a6af728e8e79ca18c8c03fc2d32e2e51a52c1ab954fa1fa8b003ac5798a85e059344a7a6eb9f8ad13fa34976b3066f7eb70
-
Filesize
507KB
MD50f01de9b83dd8195bc640c07b7e45dd3
SHA1a427c07efaed492839e89ab490db691534da8c21
SHA256738447a77b1796c32da78df26302a5bef6369f761af0c4622466338806f8c061
SHA512510c3b4ff8ec84345b45d8cb7ded5fc93dab20f154c8f90f23afb3d9713f27d44b96858e52684dd5cb333134e231a6096f7cef18ea2cccd5c81ee7e98ba61459
-
Filesize
507KB
MD5058c9e49195a1ab48863deb84a028f63
SHA1a35b0dc7822174cff3683e1aa2b5cf85833733df
SHA256ce04c452c6c3dc56dee78205f036a779c7144eb607dede07aa054f93f77ad049
SHA512081643598f3bbda4d2f560975f6e6fec8da94c8a578d80c05cf6f035ed3766db65de21cbe3ec92a16060e5ea1c1aebe37bd339de76365daf67648fd5967e5c47