d14e452877fdbae569fcb5343bea51d40e8a1104e391312e3eae6b5ee06cafaf

Analysis

max time kernel
3008105s
max time network
157s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 04:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d14e452877fdbae569fcb5343bea51d40e8a1104e391312e3eae6b5ee06cafaf.apk
Size

25.7MB
MD5

7c8a12e2116e0bb5688bf7cb86f41703
SHA1

503cee2bd0e96b9528f42ec67e75aea66c5f64e4
SHA256

d14e452877fdbae569fcb5343bea51d40e8a1104e391312e3eae6b5ee06cafaf
SHA512

b9e3977719efc0c7dc709896417b7b2e5cef0c5d0e92ee43689e37e550570c1125a75d01d36dd233b928d63589235f64f8a7fc0bd70f2b35fb014c5c879c8631
SSDEEP

786432:YZlbqTbb1lbykl+lwumwznruNYp4bLUBoLDTJbXxNMMpsF:ylmbbOklZZNYp4HPLDTtJsF

Score

4^/10

Malware Config

Signatures

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.tongyong.xxbox
Framework API call	javax.crypto.Cipher.doFinal	com.tongyong.xxbox:pushservice

com.tongyong.xxbox
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4219
- /system/bin/ping -q -c1 update.dangbei.net
  2⤵
  PID:4366

com.tongyong.xxbox:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4273

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tongyong.xxbox/databases/zxbox-db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.tongyong.xxbox/databases/zxbox-db-journal

Filesize
512B

MD5
b49bddc09870d4de52d9dd37c1eb2227

SHA1
f37d93f4e4d970b134193fe64ee3cb8b9e1089c5

SHA256
8ce8e3f435cd66859b6be61985d66e4b295ecd85b02437dae0a5651626417d10

SHA512
b136c42d3ca67a17275dc2017bbc37359e959511ffed8480aac54210fd52d8339541683509f7623adcd92c4a15b84ba21162462b025361f99e9181e4417b90c9

Download Submit
/data/data/com.tongyong.xxbox/databases/zxbox-db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.tongyong.xxbox/databases/zxbox-db-wal

Filesize
16KB

MD5
c320d667af5c5229d724e7b24ca89ebc

SHA1
73ebdbaacf7b395e2e4253080d7f9748b06c046e

SHA256
288465528f80c200a3765b2f3ba42d5eab1b241043243ee4ca0543fd8ae46ee9

SHA512
9e5e57eac6a8b5a93f91f0b0e7c9d6224b18510dc266231e6e66a3ab53356c25551eea5627be04ee25093a0472a6f5e485755b306b17cb1c60a13b05f0786d1f

Download Submit
/data/data/com.tongyong.xxbox/files/umeng_it.cache

Filesize
211B

MD5
76c3482dc7e6a507e9f165f27254453c

SHA1
d3717ef0be278eea624fcfc73ab7d742edb0a7af

SHA256
2b263b0334d13ccb72817ebf34a2345c75764c3d67cef380852874c1963bd5b8

SHA512
7bbedbd6d5704c8f7eb592d0db3a64b12ade10ac5993b0a564ea234f745a7ecbed3d110fd3db9eb90f59afef118197aef88232390d86e6ed370f4b3314124ef1

Download Submit
/storage/emulated/0/Android/data/com.tongyong.xxbox/cache/log/crash-2023-12-29-01-57-19-1703815039123.log

Filesize
2KB

MD5
2964b10d33078f427c6ec6c1fcbf352e

SHA1
2e611c2423d4608ae37e99e2816df9d547add8f5

SHA256
c76e2cb1d821eaf02f05e13ce3fffb8f239de9945054062c31275c2b00f18de8

SHA512
d4546ed4df78a7ddbaf9a612b91e0db16ecaaeed0ed9df62e77ce3d392383939460c67d1cbc2bc2ab91b00ffad146313a7bb47276c85665e97f110638e7eda57

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads