Overview

overview

7

Static

static

6

d4695b9a79...55.apk

android-9-x86

7

d4695b9a79...55.apk

android-10-x64

7

Analysis

  • max time kernel
    3000214s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 04:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d4695b9a79887fa552280febeea02ee56c0af1a4b88d0f1e1d976452a9d02e55.apk

  • Size

    10.4MB

  • MD5

    f29a288ffcb0a3b04d40a38bd4ba5169

  • SHA1

    87c22a1a9d123bb981a92a347586160b4b009116

  • SHA256

    d4695b9a79887fa552280febeea02ee56c0af1a4b88d0f1e1d976452a9d02e55

  • SHA512

    0ddfd04b2645761a14bcbfe585cfd3037b168fefbc31e3e6d37b9a8c2d6fe5f670c831778cf3253bd824750e3843437347f81edecfd97e1dfd2b135a52a817fa

  • SSDEEP

    196608:OeAWsDa15HP7MFDsGIw3M4ryKXCPRjIOnbQBs3xOcpVjbsLkpR+GpYmrA8R:OehkcGAGIw3M4/XCPmOnbJ3xOcpqor+u

Score
7/10
evasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion

Processes

  • me.jinuo.tokenall
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4481
    • chmod 755 /data/data/me.jinuo.tokenall/.jiagu/libjiagu.so
      2⤵
        PID:4507
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/me.jinuo.tokenall/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/me.jinuo.tokenall/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4558

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/data/me.jinuo.tokenall/.jiagu/classes.dex
            Filesize

            3.6MB

            MD5

            5876300c0a2917e5c2c7d32a44eb8efb

            SHA1

            bff0a5ec19007c7393675b512751ed9d1e28c044

            SHA256

            cd84bf4dfd9fa9d0d0b1413fdbde60c7521f4a663d7c05d82ecb11ddcc10d8b4

            SHA512

            1e77b4ca5f36a5f998d0fbc2e18ef9e97a72306b09fa95d21576facce93fa0eb49815d4cc002cd064ae5729b54a2e4c698e7aa0855472745937680210e9b2ee1

            Download Submit

          • /data/data/me.jinuo.tokenall/.jiagu/classes.dex
            Filesize

            5.8MB

            MD5

            3b1d237f5a146092ae57e6686138a56a

            SHA1

            efda4a21486bc004f05ab6086bf54e13291343cb

            SHA256

            102f84686030a9e466e05ec38c91bc27ae4db6c1bae9718d6a4eaa9d155a9146

            SHA512

            b60b1923bf10310f139c345cf80c025719ddc6dc3f8028b7dffcccbd04eaac4a468d48032353a15d0c037cb6208c17a82ee49f37dab5224f7259d49bd17f64b4

            Download Submit

          • /data/data/me.jinuo.tokenall/.jiagu/classes.dex!classes2.dex
            Filesize

            2.5MB

            MD5

            ecfcde3f658c7ada70c2cc6413d0d1b2

            SHA1

            44788ee62df6c759f44de04658b5d195b1bae80f

            SHA256

            5923bbfe4e050c1afe5bbb6d60a579ceec1442bb32b55b7c065126ca28557d15

            SHA512

            78f45975a522e3fa9290d1f9eb3c65176a38490439247445fd6008956bc92e75819ec7510590b29fe0f61081e9400a1edd88c430b56daae56f79fa1a881b996c

            Download Submit

          • /data/data/me.jinuo.tokenall/.jiagu/libjiagu.so
            Filesize

            455KB

            MD5

            e5a53000766ebc433b27d6a66ec4f555

            SHA1

            2c8f53f1c03aec2005bcad67d731f07261dabde0

            SHA256

            78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

            SHA512

            370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

            Download Submit

          • /data/data/me.jinuo.tokenall/.jiagu/tmp.dex
            Filesize

            284B

            MD5

            f1771b68f5f9b168b79ff59ae2daabe4

            SHA1

            0df6a835559f5c99670214a12700e7d8c28e5a42

            SHA256

            9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

            SHA512

            dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

            Download Submit