d8768beb48a027875c69a13988577af2cef45a071c34226d037f883e6923ba95

Analysis

max time kernel
3010544s
max time network
160s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 05:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d8768beb48a027875c69a13988577af2cef45a071c34226d037f883e6923ba95.apk
Size

15.2MB
MD5

fe8feab794137c28edde5925df9be1e8
SHA1

fce4188182e96051bc16c100694ad007670661a5
SHA256

d8768beb48a027875c69a13988577af2cef45a071c34226d037f883e6923ba95
SHA512

cba90ddb23cfe39302e9205f6c29f2a3ba48d393d34d7dd2ffad26310d58930d7c2b8bb7696421c8a5993f595c4e9b6d75775d2a04393f5f460f730cbba24649
SSDEEP

393216:zQ1GLtlBEbUhGID+ukQcenzY0TnC4uI+cYT5AZNU:zLL7kCGAZDzn7tu+YTN

Score

8^/10

Malware Config

Signatures

Requests cell location 4 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.huawen.healthaide
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.huawen.healthaide:pushservice
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.huawen.healthaide:remote
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.huawen.healthaide:remote

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.huawen.healthaide:pushservice

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.huawen.healthaide

com.huawen.healthaide
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4210

com.huawen.healthaide:pushservice
1⤵
- Requests cell location
- Acquires the wake lock
PID:4253

com.huawen.healthaide:remote
1⤵
- Requests cell location
PID:4281

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.huawen.healthaide/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.huawen.healthaide/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.huawen.healthaide/databases/cc/cc.db-journal

Filesize
512B

MD5
6f9989e37a2498da8705456f23a57871

SHA1
44898b194caba0a671c01b8ad4e0f36bec517377

SHA256
731349bfcc46cfa37294cf8bf4a39b1b41f49cf93ba6449c7c466afd0f05cfcf

SHA512
83ff889fffccef2ec0a3a10a318b4a67c336c799f5f60ee13eec1be7e498db3c8c06342d23ab36b60ced42f6b5677d5dc0bdf75ba40c3136b08172cff7c4ec33

Download Submit
/data/data/com.huawen.healthaide/databases/cc/cc.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.huawen.healthaide/databases/cc/cc.db-wal

Filesize
16KB

MD5
d75272502012e4c2604afd53880ae467

SHA1
3aaa7c0c83d928d1aa42b042d76b16720b4211bc

SHA256
47925b2337f80f679110bf4e0bc4d86cbcf0960cd3ca8f68ffd2d17040fc88ce

SHA512
a500b2062fea845fa7d75ddb31520268ff056e9e61d8ba4334ee2878463863e570699486efb5333fe7868036d0c497bdafa5da7b6e3bc6dd358dc5d566cd79f9

Download Submit
/data/data/com.huawen.healthaide/databases/cc/cc.db-wal

Filesize
48KB

MD5
b9a3992b41c8fd198c12f28a56dfa06c

SHA1
db8000ce47a62af4d480a99d36cddb8c64c03052

SHA256
5382efd46b75c664aaa8fb0aa068e4a24cd998aa98ae8375a8f4205ee7467133

SHA512
8c8c833a9f91f4ec6ddda18dde85df3b474b492898c27b44cbc18ae0f3229e7f1af0d174a95d4e0310afbb338bae85586c8a62cfd85d6d766f5d0a62323f9272

Download Submit
/data/data/com.huawen.healthaide/databases/pushsdk.db

Filesize
7KB

MD5
57e383305d20d4adda8846accdda864c

SHA1
41c8f6f78ccc556b2df6a12a5fc0b2de7832ebde

SHA256
cb28d77a85f415f798f4b4944d613424758d0ba7c6ae3d5f44812b391f4bf7aa

SHA512
eb7f1759016ab4bb7a5ec5e95ed1924b19cde75ce797a672d7706af3e6385a0fe6389dfbb92ccf1cd277ac56af5f87d0c5cbd7c61647b07f7f9e28e0b9c9bc18

Download Submit
/data/data/com.huawen.healthaide/databases/pushsdk.db-journal

Filesize
512B

MD5
0ec19dfe8a1f18f9584ffcf59b78f127

SHA1
f65a20e2a0375298c029faa6cda63d2dab8e1db1

SHA256
19df885bef8e5f4c4a6f963244dbcc156eff386437159202d1f736a6cefc64f1

SHA512
2a0e7c7e3629bceefaac62a4ed4dd67be8ca11cfe2a62f75f7bb29e9f4abf4e48a035ebef6ce35591b260cb7234ceb2ba3d7551022e382d3603ba355462a1b86

Download Submit
/data/data/com.huawen.healthaide/databases/pushsdk.db-shm

Filesize
52KB

MD5
6134315195951047e5b0863ac2180fc8

SHA1
c480555fb4b3141007dda078f7880f64daefb27b

SHA256
6d5f248afab2de8a3ac10e5d579563ee237f385ff5b2a411445ff8b3cd0c5668

SHA512
51f2205c1fc55f3e33efd27f1443832e6eab53d93da17ef1ef1c1480a7ad61d1d83a7db49439f026de99dae8b6fd3c5c3665c1884f87c4cf0fbc3ca7e6f79bbb

Download Submit
/data/data/com.huawen.healthaide/databases/pushsdk.db-wal

Filesize
80KB

MD5
d49de56ee1ec7bb37be1d66b9fb16c88

SHA1
ae984e3b1bb6c507fc0c10cfa3b3569555664c4f

SHA256
9fc651e6f4e6f8004e744cc86846452baa982ccd44c8dbadf4ee41d256c6fdf6

SHA512
1649563b547fad683c6bf8d1b4b054dcef7a79e09b091673e496527b2af266a02dfac604b67ebb70c04b60d327313192b8b874db962d4ae592a66ebeeb336bdb

Download Submit
/data/data/com.huawen.healthaide/files/.um/um_cache_1703817512778.env

Filesize
1KB

MD5
e2a2d53f2f2c068800ef6df007b220b3

SHA1
0f7de6a830e1606af5556b5602e7a1c0a195fb77

SHA256
2ec01e84a00788d7f1212addf49ac7b1c23bb67717cc91d4564e23adb5e609b8

SHA512
49316dd410c2c54aa145591ff3a89e5d490e17e7ba52e2492560d034fde5e3ae2e29a96aec82b074f4b3a3043f86781ea7dda326531a9f2dc735db347f1e2cc8

Download Submit
/data/data/com.huawen.healthaide/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
8aaa3beaa9f3e441e442308d428e5a29

SHA1
872907a9cd53ae15b6f4730ed6c26d5bcc8c1ce9

SHA256
5441214b0da5324c5111cac0416f8ff638192dd34c15541f8933ab4365f6b9a0

SHA512
d09535797d98cac652366bbc1e4d833cd948c3d11a1c659ad4bcac23c5e0cd70579dc8540edc2e039920df9c783007eeb445b5a885ab7ed737c88176a75e512f

Download Submit
/data/data/com.huawen.healthaide/files/config.json

Filesize
34B

MD5
2e2e1bf0f9ec907837e35c723809aa18

SHA1
b006d04941e40ad0cc0573cb6a781b4e96893be7

SHA256
944ed54da9677151b742895ff01553a5085bcb09ff97a51a6007f48ad58b0cc5

SHA512
780003cfac3d0c2c94924017d09860222062c03bd9f32280d3a32e4e4900cd54636fc31088d627a1ef07ed668f616f4eae2e04c228d6a73fd77759f01b367037

Download Submit
/data/data/com.huawen.healthaide/files/mobclick_agent_cached_com.huawen.healthaide242

Filesize
2KB

MD5
121b87016dd5cb4f25fd77a483811379

SHA1
0592857b4f69ff8b83d34d9879b0a31b0eb982d4

SHA256
981e5e4a681ed1f9a4049953d995716b818d13dfadd6187ee9d8a4d32df42939

SHA512
65dc15f1729406ec0b5f9f3a652e4df8762c7c74de0870d25fc7add89e4c75b187963686722eaa6bd5e710fe60fd5a84ea58021ba9a258cabd742160289a74bf

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl.config

Filesize
235B

MD5
b69eeaea54872326b6b0c6e2dc754a9a

SHA1
4ef36394baa6e794ea75aec2461fd42fe47c153f

SHA256
ba307ddfa6018c23aa7dbba88cd22b85401fc5170ed6b10710e354a5ee3c6d97

SHA512
f6636cdbb0fcee365d3f24dd99aa9b79daa155146aabf026d0359c6cdc25115c6ec090dccb41060e8a513580360d9af9b2e273e1c239790a97fdf8a565a2fee9

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl_location.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl_location.db-journal

Filesize
512B

MD5
229129a8b3dce1212f6cfe5ba2dacc36

SHA1
90eda7acab33117dd3425815d8c65d2806e146b2

SHA256
c58bee1f7f60c36543a9a02fe0256d876cdaccbb43de2faf1716e66c8b588ea5

SHA512
63e343d6ca606a01769ebb92b17016b0f7e77dcd8d7e55e38cbe63dd3aadbe53af077a3aa791e4c86265458d751129b03bcdb15ea3fa78b0e304638fddc32682

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl_location.db-wal

Filesize
48KB

MD5
bfebb460a7be3a3d5a832aa228da2b9e

SHA1
ced0f40d1049ccb5b54573b0e0ca746d1ed78516

SHA256
e5ad07ac363176d181fe6218f5176736bf261e7693d60a8d153e3ab893b7ad10

SHA512
e5d004249900db8af23ed097cd91e20b2bb2898e1660af41cb1a4deb46d93df3d00f6439c04d592175d994f68712679afbc9f409956e0b2a5cbce24365e76030

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl_statistics.db-journal

Filesize
512B

MD5
19f584821b172a76dafafb00ff30d3e4

SHA1
508f803603d2ae6aa3f4eaafa7a09cb283892f88

SHA256
e693bac39a4088e41db705f72c824baf17aaf45906f5bd692de77ab024f3667c

SHA512
9f33b8143e8d7fc2c1a762b722a808ddc52f4de695ce87afe9598bffea353c0a7bb9210549e1cabd530a5adfd273d34e09b7495403a34bdec737f9127d8f7ae3

Download Submit
/data/data/com.huawen.healthaide/files/ofld/ofl_statistics.db-wal

Filesize
64KB

MD5
2e0419b0a0ee8ed38c0c485d4d068d30

SHA1
83376d9d09657aaedb83baa6684077b32db53854

SHA256
a3a766193270885060d606227ab2cb08d5a2733f673d7dd2783fe4b8dd8b72cf

SHA512
f3d6bc7408747c468be005d8e4302e99631a089447d5335f791e5a4779b974446228043fac57feff9953a466660c77f42b4a6993cf5e0af7dd557c9239d1e5c1

Download Submit
/data/data/com.huawen.healthaide/files/umeng_it.cache

Filesize
498B

MD5
7d14c4d7e68020ab4e8bb159d2fa1d8b

SHA1
f65ba38ffc3acdaf3c6b76cf5266b49e50fb4ccd

SHA256
1916cfde8fc20233f8c314eaee75ba78f6a247dfc62f31d9e7d0599fa9e6afe8

SHA512
784a82b7c936f7c33dbb05c0b4984a69b737b4cc4196909ca070bf3cc04d7ef3a958aeebce2582c53e67d503b327a73cec1622e27a4c8883dc37914dbcb0ebc5

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
4ad1f86e1623d12bc86ad6a0af22c0e0

SHA1
941dc242267f4f10977f5c9d45dd84fffb0667c6

SHA256
5452cce4e33dc9df34da510b576c39efaab7e284b191d2f4e4b4ec72bdb4932d

SHA512
7d91986a38f36144ef061f9ce9b805076858db18e8eb2147853c490a607e031ecf86c55b75adcb5703dba6972f7afc64d34b3e517482d94e11fa682c0abdda41

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
9286d1277a98b805a0cd82b1771f7314

SHA1
d868be064dd09e23946e88fee12c7c4a307db365

SHA256
4f1741dd2a4d8935d646093edd7a44031e3b7402994fc9a3b0cb53b69a23e3b8

SHA512
c468de65b14ad4a08a06ce55622816bb3cd77004173dcf4c9aa48f3795b2480cc60549e872dd14e8d1efd392e6d2039ac906583f1130d06a709813cf0f1e87b3

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
222B

MD5
c8aac6c52948531f9db3838ec516a62f

SHA1
06205efd05fa83bc1ce406afb63a28d5cd762846

SHA256
e95047e5758b59ebbc330578c4bdf93254e20902c71f7301905c550bcfb6e2aa

SHA512
e345e0445e975137c3209728139ab2bc3d5dabcdd27447669cb02f0cdcab5aafaa7d3ebb4f9f7e1c97b81acb24fc4f723c52ab139e040991a7ef8208194da8a2

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/conlts.dat

Filesize
12B

MD5
8d80bc8ea90e9cac010d3ddf97bda5f5

SHA1
f063bc0d356e6ba9ab1eb9a851131ffbefd8fa07

SHA256
f52db31332534833414abd5e870f78c810b8ebbe5b134bbf599506beecfd1b93

SHA512
9ea732dd572a9a4ba91b70891972230a09576687ca1bc19e62d5a98b5b84e0f2ae11985108008bc9fbccf357219b8bd3dbf146bb70752f618f70dc5d0c46a7c7

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/conlts.dat

Filesize
158B

MD5
395a814398ff535ed72fff9e4746feec

SHA1
cb2586a4e8d723b2681cf9cb0ecb9b008e4a6806

SHA256
bbade142acf50e39d4d49a2068599ab3d644a4041e7526627637ed6157439424

SHA512
4a7838d59ae79f4f36f32b0a3c2561aab3789b45eff353ef982c439d6378e6e8cfbcc2bd164bb6f9d7f27ab71a7f2b33b2c46ffca3afa29d9fc0dfd7106c7ae7

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/llg.dat

Filesize
24B

MD5
161557b06b4a4d3ce095528dea370eb7

SHA1
8bfe9c4d916fe58d856b5a6ecaf8cd9ea4df2c9f

SHA256
f054ef19481234ee5b2db1d1c681839dab235a857ed3a4bc02efa8f785f478d4

SHA512
96ce8aedbdbb387438efc86aaabd13a6378628bfae203d2bc25ea1cd7daa6ddbd6dd2c81d631fbdc9b653a93011d3c80f0c085580275b683d5e0bce077e6e449

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/llg.dat

Filesize
446B

MD5
fd2619494d18dc714133505726b04903

SHA1
9ad0e45f1d44d21a4100a8be3bef492bb94c06c6

SHA256
51b74202b47c5e37fab1d6eff9179b8d162f9cc6da8fc9c955e6f01f07d82e0b

SHA512
b8f8a727758147def5301f4d502bc48210ce997ad2b4efdd2fce93498e00246b3890cabeece54bac6c1be9a1e2fdfe65a7759452f86062fd220d9fc3623887ec

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/llg.dat

Filesize
1KB

MD5
9ec8d8b84a6a1fb40d6013c3eaa52a0e

SHA1
47bcf1234443a797418840dfd563f652525a717d

SHA256
652d7622f39f8098516283156d1a9f06c9ce7c0687e56f436524584e9a557f50

SHA512
db0f19463aed46992ecc8576db79a1a0f5d72b141b040973586168711ebcc6985a436e10d7ef87fbe49b426acd36472a96ffc005f7e8b05c3b1f492327b11a2d

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/llg.dat

Filesize
2KB

MD5
c54e9bd02051b88bc37ee42273ab26de

SHA1
8695db3331184b387aa1871ad2feb33cc071f207

SHA256
fdd455206af4dad799c15fb18d5b70cfe0a4941e4defc01bbabcc5fac4bb7809

SHA512
ad4a09153facf2af83da8879de58cd46075faba1a102abd54ba118466473d939919a84886bdec6b34d57146c8d4505ea19f540a32bcc87008ea0359651c341ed

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/files/baidu/tempdata/llg.dat

Filesize
5KB

MD5
8964b369d95ca36b02e20eb7c6190363

SHA1
c88d832ee94551052ac110010022538e5c48d780

SHA256
912cc6530d84d01fcfaf15d33a36e989f7e760174c84acab5545c678ad4fa367

SHA512
eb0325567f5179ea50bbd2b1ab7c5142498c47f724803c10a35db59d4384e1cb4064f6e7b68dbf4c02e951a4e3e57c1377e62e4c2bb80770e0520b68e4e12783

Download Submit
/storage/emulated/0/Android/data/com.huawen.healthaide/huawenit#fitone/core_log/easemob.log

Filesize
7KB

MD5
94ee3cabe62f8c600ab49c5526560fff

SHA1
6e70ff1cf667a11fc4cc1c6276315fec16221aca

SHA256
829eb0293554117385d04c3da6a58b49be4179150c9b680b099a3489f5fbfa35

SHA512
16a5de3762f9f3e898ec62950c96b283f4cda459aed7184ad298e7dfd17ec9e9873b8269b425d169eea79a72e1dec44ffa5d10e96b6f5457c37d6f7473cd5e03

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
89B

MD5
51f0293c29ce896856e600ddeee5bc73

SHA1
d58439479ba7eac7fb702d02e89e623c75af0454

SHA256
cc625d61fdac349fd1da40db9e6dec0a0f7ca367be2e279d8fd2f06ff320fa27

SHA512
08a6430555c09ae570e7873917fd6f26816c9c8e5af671715b41907a9d06c1cfc9c63e7f44b5170cc8bfe915b2c536c9d47a1401648c6549d7f3548b525b09c8

Download Submit
/storage/emulated/0/baidu/tempdata/lcvif.dat

Filesize
96B

MD5
402f5734ff25c6ba807a26d723c97a80

SHA1
7e0fb9245ac36b4fc3ace1e3442e4589955493ed

SHA256
9d17d4280120b1917b98924f8ffdf6ce6b19afac8ac29ec55a5289ae08bdfafc

SHA512
6a6afcab311364912852bbd349d98b59777af4ff374b5b318daddb18df79a27a81229c1ba847c01f06d3523908e4612c9e68d65e31f0cd4e1b6a4eddea465e9a

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-shm

Filesize
48KB

MD5
df54d42c2bb3076ae557ec9803a11d48

SHA1
a1f46449e00aec3081ae166ab56cc3c66cf7fd32

SHA256
405ca1b3d0890f8b012331e73f5c10a6fc5eb5803a8cf10ad59ff4e73f560a12

SHA512
f446e78c14d5182756e747349a3dc10ddad0f55d7779eb8c62f1e864773c9cf1d410fc34127965d354257215595caae6d437e69b04809b31bc5b6ac73af4d610

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-wal

Filesize
52KB

MD5
52cba5b18fba6e39e2bd42c59e469c72

SHA1
491b6e83c90525ccf2362c0f058535f8b612eea0

SHA256
8236d949f8a4d42c92fecd4bf5b1d3b83ef0d21609caee627bcb60ad26620c9c

SHA512
d42bc704b8d911a468d58a8a5caa31cbed11b544159b75926784bfa7c87a8fd689bf225bb1c8c38fdbe81eef2120b0bdd66a7a7b7e0a223b563dd060741c1732

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads