Overview

overview

8

Static

static

8

d8a75e22f0...8a.apk

android-9-x86

7

d8a75e22f0...8a.apk

android-13-x64

1

amap_resou..._0.apk

android-9-x86

amap_resou..._0.apk

android-10-x64

amap_resou..._0.apk

android-11-x64

Analysis

  • max time kernel
    3011086s
  • max time network
    155s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 05:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d8a75e22f069e7bc8f3979c72055fbdc79def79c5da6a367f2a769f729d5af8a.apk

  • Size

    25.2MB

  • MD5

    b2767ce99407b3a72898939e73d9a357

  • SHA1

    a704792e096522621ed54bc9931e91030b5ca3cf

  • SHA256

    d8a75e22f069e7bc8f3979c72055fbdc79def79c5da6a367f2a769f729d5af8a

  • SHA512

    e82e410afe784aeab66523e113d8a03a482b5f31af13a2f01fac2726e80b2cde3223cbf8b620b17214aa69aaa98283626dd53f1a350a0273816b5f522386596a

  • SSDEEP

    786432:gOa5ttrFwehfO4PLQoAC2FoACYHLdvTCTCe:ja5tRFwyf/Mo52Fo56JvT6Ce

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.winsion.inception
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4249
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4282
      • sh -c getprop ro.yunos.version
        2⤵
          PID:4297
        • getprop ro.board.platform
          2⤵
            PID:4282
          • getprop ro.yunos.version
            2⤵
              PID:4297
            • /system/bin/sh -c type su
              2⤵
                PID:4332
              • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.winsion.inception/mix.dex --output-vdex-fd=50 --oat-fd=53 --oat-location=/data/data/com.winsion.inception/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
                2⤵
                • Loads dropped Dex/Jar
                PID:4346
              • logcat -d -v threadtime
                2⤵
                  PID:4396

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/data/com.winsion.inception/databases/bugly_db_legu
                Filesize

                4KB

                MD5

                f2b4b0190b9f384ca885f0c8c9b14700

                SHA1

                934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                SHA256

                0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                SHA512

                ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                Download Submit

              • /data/data/com.winsion.inception/databases/bugly_db_legu-journal
                Filesize

                512B

                MD5

                d8034015dbafc2acb5699f3976f4d16f

                SHA1

                52fc19af894944e348fa19129462b85a2f40ce2f

                SHA256

                75e838d85f5feac8da88ec5932b53391818193b2ff06d0b8d419365954b51108

                SHA512

                9bb96282b111b897f67436f4bd715853e9773cc13a4802baa2dee80452042c4578d009c8df23385038170045ecbc6078f32af45e9d3d00966e929c97dfc207d2

                Download Submit

              • /data/data/com.winsion.inception/databases/bugly_db_legu-shm
                Filesize

                28KB

                MD5

                cf845a781c107ec1346e849c9dd1b7e8

                SHA1

                b44ccc7f7d519352422e59ee8b0bdbac881768a7

                SHA256

                18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                SHA512

                4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                Download Submit

              • /data/data/com.winsion.inception/databases/bugly_db_legu-wal
                Filesize

                76KB

                MD5

                8e6d756003799f0b0190241941120ea5

                SHA1

                a48e318bc3a61618b4f991144393ba3189025218

                SHA256

                c81bc5a24b7bd444a53937b9300a7ebcec109872e7e94242300b4a656d9785be

                SHA512

                44cd98ede57a63dace1f8b25009c275db382c951d28d02411e49fd192fffd1c811776be06f82b3e8758200418e536fd250642e4908914ddeddbfe65ba100ea6d

                Download Submit

              • /data/data/com.winsion.inception/databases/ut.db
                Filesize

                20KB

                MD5

                38616785cca0600a03205f84fe330b4b

                SHA1

                6ac41a6bdcae297d56dac5fdde70be5faccf0832

                SHA256

                b05c698d5827005da5e04b4fbdcac53cfc83405247353f8e9e145969a820a4e8

                SHA512

                7ff2901c032607f5fa1f24a48056ae85fe8d67b6c5649233fdad7b66950d359b2fb933344bf1e2fe6255a00c593de7bcf959d201fe8b6ad214249bb31f855a08

                Download Submit

              • /data/data/com.winsion.inception/databases/ut.db-journal
                Filesize

                512B

                MD5

                81344bd58110ca3bcf643cb5d95264cf

                SHA1

                fd64b2eea6bab0a19d2b9eea0f82f11679a971e0

                SHA256

                a484b214905cf7ae15158b016b0bc3645fe41ead88cb9c7cad0ef66861172286

                SHA512

                a989380c8ff3d81a846f1b6053c43d8928c466fe0e05df8284cfcdb3c18938ebfcf2b8514e9339b244631bb3d829fdfb009c5680bfa41d7fe64f094d6b94aaca

                Download Submit

              • /data/data/com.winsion.inception/databases/ut.db-wal
                Filesize

                32KB

                MD5

                44a973027f932b4f87e37dd1024406c5

                SHA1

                0c56bd56d5f20fc8b72204c60be1d54e20b15c17

                SHA256

                e17b13db9bbca7eaa6a89add76e0a6170224d4909aafad1bb37f22e9b21b2a79

                SHA512

                f6d6fac565bc556351e0914d89d542423b0267075bc254891125abb332bb578f07cf48ff07da6f963159193a43a5897b96bc066a8b9c8a426061ef6d07947685

                Download Submit

              • /data/data/com.winsion.inception/files/com_alibaba_aliyun_crash_defend_sdk_info
                Filesize

                222B

                MD5

                9e70d6a6038d0644982812d466a851a9

                SHA1

                90c9f22d8dda95f92ea68e23066d29e8522c1f42

                SHA256

                b8dbae4d07807fc2d1ef295071f73b0a9757b5c85e2db7dd14aafe9344eba62b

                SHA512

                f175bef841401812cdd81e97c1b90cc75da4707c9e7a8e670fcf52538ffe77f1960a0986c37335f42aecf27f11bedf332be65c90862a5295ec040f83f9abfe87

                Download Submit

              • /data/data/com.winsion.inception/files/com_alibaba_aliyun_crash_defend_sdk_info
                Filesize

                408B

                MD5

                bd9a487cd3400df21ba43e2dae944b0e

                SHA1

                fc3d1075e2b3b0a9c1c7ab1c72f83adbea840024

                SHA256

                f3e5d1129a835217ab64d8f78978ef4d0566cad483935b11dce24c6a3e5bffe2

                SHA512

                e39e9a733b5f0c29ed90e81491fde122a4a77a4abeabd27a55c82161b55589537abc2976bbce17057e50f774eaecaf0d7c6c6747a648873157ef9abd2b2a4232

                Download Submit

              • /data/data/com.winsion.inception/mix.dex
                Filesize

                292B

                MD5

                63f77f99bd2c2b772a479923bde11974

                SHA1

                c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

                SHA256

                4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

                SHA512

                3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

                Download Submit

              • /storage/emulated/0/.DataStorage/ContextData.xml
                Filesize

                111B

                MD5

                7680b7b84540264d69b8b9d93f35fa64

                SHA1

                32c6380589d3e1029d9b24cf08eb3a951e79303e

                SHA256

                80cab9d254d6a817ee0cb657b811554e9dbc64cabfabd3c82ac99fa8b7a0187d

                SHA512

                8d7af37d43c47c731e575b778ceaf5a7ebc1cfaab571c727cc652b273f76b46418400f95b00b7a3a6a328cc36e8fbd308d4c7181d9ddb1aa9a6cd589cdc2527d

                Download Submit

              • /storage/emulated/0/.DataStorage/ContextData.xml
                Filesize

                213B

                MD5

                4d1d32b5fba1cd6da9ddf12d99975af4

                SHA1

                4ff5a4671b2dfae2e5127dd29d9d4b5226e61b50

                SHA256

                8b9cba359d2557adddd2d2da5757c46a4075ca920103ee4e5e59e08d6e8ecd26

                SHA512

                0d207116a264eec6819ad6658e0521dd286bff28fedd47ab990765d4effced63489a77373449f71e8f47ee54f403e0c18bc7cb657cb754f86e33f807c3cf917a

                Download Submit

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                Filesize

                65B

                MD5

                9781ca003f10f8d0c9c1945b63fdca7f

                SHA1

                4156cf5dc8d71dbab734d25e5e1598b37a5456f4

                SHA256

                3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

                SHA512

                25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

                Download Submit

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                Filesize

                111B

                MD5

                81cc033589dba2881b6c3b41fd13d47f

                SHA1

                761dbb265643ea678c6a91655b8e4d255ddd8403

                SHA256

                2a78b72ee2ad099d3604de6367e327b5c45c6e50b5e7bb02cced3b388faceb92

                SHA512

                9cfa9c7795350f1c03271dd5d78eb45ea45cab73864d149c653d8ea27b35049e63c3bb47cb5e2ade81df5c2097b516f44cca90e9dceae3ce5438e601e7cd9575

                Download Submit

              • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                Filesize

                167B

                MD5

                567228b7dd935aa2ffa51e048e846b98

                SHA1

                b03e43c12cba3ec8c86817a56a6a526b98830141

                SHA256

                c89e850b3529dcc9467bef57ed8791b70aa8c285a6835fc1a8891ffb86a0108d

                SHA512

                83e7cd86c4dc49b65822f51c7856d92baa6f157c2d4a8a4739ea16540eef7edecd3fb76e4d3f00d61ecddc68353ccb58cf85b4583421743341fd061519998b6d

                Download Submit