e8677ded0987303c901de7bb8f983499ac270bf17010dd354c59f60ad7172caf

Analysis

max time kernel
2790346s
max time network
170s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
24-12-2023 06:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e8677ded0987303c901de7bb8f983499ac270bf17010dd354c59f60ad7172caf.apk
Size

9.9MB
MD5

0842559d4811cf9cd79f2b35cb891797
SHA1

53091b9b79f21ef2f58d24a8d5f98f4235d66857
SHA256

e8677ded0987303c901de7bb8f983499ac270bf17010dd354c59f60ad7172caf
SHA512

6178d19234383afaf3e10fb8a793e2ae5f57042c043b7b727b9d7c5c7ad88eaf8e316c64a570347c5f9a9df703648b628ff7496ad2b09e550919a9a65232d2ba
SSDEEP

196608:xuBHa/LGlaQBUbI+LxBb0KWIKfD5PtDfUyYC3eFgeJuR7EZV+t3:xuB6/8aQBJcljWIKfD9tDfUyP4VuKY

Score

6^/10

Malware Config

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.zhangdanzsxm:multiprocess
Framework API call	javax.crypto.Cipher.doFinal	com.zhangdanzsxm

com.zhangdanzsxm
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4524

com.zhangdanzsxm:pushcore
1⤵
PID:4582

com.zhangdanzsxm:multiprocess
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zhangdanzsxm/databases/cc/cc.db

Filesize
36KB

MD5
4cfe777c9f6e7859f5efe2197401d8e5

SHA1
bb3774e8879ad5f6db0c37f151c3d6bc7b4b207a

SHA256
c422190539b6414072fc3950da19a17985c0c4c2172740b2f74682b520af5231

SHA512
6be469864edaf8eaa110f618f8abd27962da92e20945dcd38073ade2b60b10f00552d54d5db9d9f75ca133213031030e71e2e30113ff033e5ef507a28fe0b1de

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db

Filesize
36KB

MD5
86752a4be6564d8370f2f0e403995003

SHA1
29f7d50675f6e59f3b808eb6dcc8619384412115

SHA256
50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c

SHA512
79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
512B

MD5
9713fdd06cf8b30043be36415adfbcc7

SHA1
23a7f4e5cbd566b0a4a5d8b1af5f1d9d4668c54d

SHA256
b509119123e4a4f43fb3d97aae2d1f9075015f935de1fdfa32aafbae4024265b

SHA512
47731073d62f980eecf14a3567688464617810d5864c59077f14e1c32a7be40c87b151d9bbd3561530bd66b11baf1af49b952084aee2d48fc7078d88e97858bc

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
8KB

MD5
fbee2f05044bc16af4fe710998999477

SHA1
b98db1d6e39fd8f391a5efc823200908802257e5

SHA256
36f0c727d132d8a098b1ff27d7ef437230c81e8643478b594228f1cf16b670be

SHA512
91d4d907beb162f400419042dc8eb56c8912f54d45e61f57f7f42dc391b67d43918ff1d51787f8aa701649ce0ada0e26b973e7b337843775af85ab95b5798922

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
8KB

MD5
c09a93d042988a219c48a5df632f8e9f

SHA1
fc43e2bcc4bfff5e04da4590c42f0e55c0f224d7

SHA256
7a223a0193172f3f501d8d1709563ac88ca60411e650963ce09cf7033158ed70

SHA512
7d2732f5c473a55ed82a31c901db6b0244ea6940264a577f878079401b67cc774fcb02d5cff515a836eec61dead4535d6d1f47abd146554068256fb02ce41371

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
8KB

MD5
5766196d7ada79609a1870357a2f665b

SHA1
fee53311a174a3e382ebcc7ff725334974dc1d34

SHA256
efa5349fb64eb9cf069c5ddc0ca038de5ed0af4c584fc73ac5710084332bf245

SHA512
f30322cc6505ae22291f0d81a5b7862e888677b74ac70e9dceffb2b4c825278b35197913e05e182c7700be6f87142b305fe757f592b4098abc1f877ec9ccf324

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
8KB

MD5
732f0a0e6364e6013cb83db779e0f2de

SHA1
e3fab1534d5dce98736bb4c3c5d31230b4c6e44d

SHA256
f0d402f0c61d6c713466f7b0eb9b3c825eda2b71341d35384d89ea179b4dbfb0

SHA512
c6839b6bd34dfe149e3a101eb69e433cbac064bb5b0fe11838168720caee2cde7c509e2b5d80addd61d20efcf6a24f430df5863577c47950844e190772cca05d

Download Submit
/data/data/com.zhangdanzsxm/databases/cc/cc.db-journal

Filesize
12KB

MD5
8ae13a59b984156132d98237902d881a

SHA1
c78e3b14949b2affd2ebfa7da6d03f22597f5913

SHA256
68028276650e700948f9c042f79c2947642cd9bea52ffd5628bc05370fd87a2c

SHA512
7bb7c9e02f89426d6601b93d880106d9413785abb1f56a792375b6062ae9feae2584824a390136cb6dfb48a16d7a9a0f1866fbea950591a0ccb866a02d891dd7

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db

Filesize
12KB

MD5
f41f531c07d4141546a531ff9caffdcd

SHA1
9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5

SHA256
bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646

SHA512
e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db

Filesize
32KB

MD5
4cac7d31fb94d5c9581893537f64c5ed

SHA1
96bef3288546196ac3058b5eeddbe9da1d999fe5

SHA256
d1b111041f8aab3269f3da846b2ea199498d99f6905174a9d641f0faedca41c5

SHA512
0ab95e51a640148ac007d47afd5b9fd03ae5a3b9053e5e19a4f0b8089e17e41e311790ee9fe486b6752926799577bee041ed67b64d8772794e9d2329a96ce747

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db-journal

Filesize
512B

MD5
adc03bb8dc7c4bdd963dcbe58bd0abbc

SHA1
bbb03a68f03cc72157fd199981762d9252bb9090

SHA256
726b5f0f5b455325a18646e8bb5a63a0423ac6fc573f86a2822916f079248e68

SHA512
3c700c4cf9c6d15b0afd74ba22d711b15ece2392d096b9cb291cb8e4698437e3791269015aa6a92a51786d72f13ec764b76a20cbf19e9f0e9e7631c49648bf79

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db-journal

Filesize
512B

MD5
b0ea438502f1b6838d18fdefa7bd09a9

SHA1
8cf002a393f7ac31642b4041ac7d0fb85998cf04

SHA256
42e33fc682555bc8d9f78343722c316244a5363f39beda4bf0a1117f3a8bdbb0

SHA512
bcd45e58792330e9c04f570c88c0c484d4ab8af891010f5fc85831f13d8db183965602ce1b494bdac71749d2549a508629f86ccdc394bfffd5110177a0861fae

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db-journal

Filesize
8KB

MD5
b56662b844ef181e1567fe4a1d2e7b81

SHA1
51d0ecffd2f0e6eb1159f20debe2ccf55c06c2d9

SHA256
039b1c20c11bd62ca1de7b18a12efc9e2a3d9d4e8a0f019a1de87c0285f7c335

SHA512
d9cfcc570398caa9c60e89c7699e713f64f95911337995269c16069972d4872e6679c0249e6e9e4fb32b3026b067fa42723d1bbb1dd637246e9cae5cd6a2d08f

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db-journal

Filesize
16KB

MD5
a26f4165842f502f2af23425a676274b

SHA1
29763fb381887a1b3ec8590e626e3e8282699807

SHA256
854523f3a52ba23ecd3d4465c14b3e3c058e662342a0fc178a06dfd68df990d7

SHA512
36bf56fe346981d809923107c9b528f93a272734f54ea58762fa302b333d016d270ad81aa6a567f71f1af0a80a1229158fe56640788395938e4e361c6d3b75d0

Download Submit
/data/data/com.zhangdanzsxm/databases/ua.db-journal

Filesize
12KB

MD5
656462c5e3cda7dbed77ef5f8a3c6736

SHA1
11a9aa50c452becaaabf94ff0ac74ece125d3ede

SHA256
6f2151e0e32d425ad40511adf168cf07e688678d959fd5953b5cd0e38f48a652

SHA512
1de1658355c226966150b3f6d00dd3fc0afbfb7ec98864b8f7ebb8c5f8d9f39ad0cd9329b0dd7d3246814ebccff665f9fae3b59bcaaa9a4bc543fb07bb39460d

Download Submit
/data/user/0/com.zhangdanzsxm/cache/Analysis/avoscloud-analysis

Filesize
408B

MD5
f707be0f1bd20dfedad4612a0e929c5d

SHA1
29298b3511b73313d8e1380a56864126e2115bb1

SHA256
28c49a5ec61044c006178a77590e27e01a4b7b342028a5b665ee8418206474d4

SHA512
add84ea36fbc75d87b12c8adeb106a6db9bfdce933f281d41d71bcc763d0391d042e50ee44f7fa0bfe405df71cdf6e3ab506a59ad0db8c88eea0370f2edc88cb

Download Submit
/data/user/0/com.zhangdanzsxm/cache/Analysis/avoscloud-analysis

Filesize
620B

MD5
654562a5f0cab77334621cb96abe4196

SHA1
48cb2d2172e541dd459982d70b42c835f740dc93

SHA256
676b6034d8417747f2f4456eb4fbc7d51aa825f2b5e4c616238f6fc93938d44b

SHA512
ae5fee6c637edf9fa0e8b120734d59f6d6c5e6b39a8d03ead66e3f70468dfc99f1c49cf7e35a78b4f6f33a9a9a600aef6ec37af69bc502bfa351fb7fd3cb04d1

Download Submit
/data/user/0/com.zhangdanzsxm/cache/Analysis/avoscloud-analysis

Filesize
836B

MD5
81fb634e7afd6e20fb62a6a77b3d2c80

SHA1
e1117113ba6e0a017ab30de300ae6ad59e6a1a7a

SHA256
c46c5c120f8ace205db3bb2ced54bdb04bf494f3285fc493e1d32e6cacc21a5b

SHA512
c42175e24a6ce03451105a88e2ed5791908c476d7de09285729f9c9b285e556201c54e3c61cb7137bd9f309b8ff5b9874bdfc184ad1acc5caa2f5e10d2dc778b

Download Submit
/data/user/0/com.zhangdanzsxm/cache/Analysis/avoscloud-analysis

Filesize
1KB

MD5
eb2d89a94d175d09e51958acea43eba5

SHA1
b4ba6226bc52cac25dbeb6653dc1bc26fba75455

SHA256
fb1162d1c5ea30199fd6e0927e26633263b4513f1e139db939351df634bb1530

SHA512
5f255585f6d28f7c1758721be290b290a06f0ef9309c7c5004fc0ab9266117aa8f90a37e26753634bd9cc5cf54273d6e14d6d2fa919235cadab80d8522c0d206

Download Submit
/data/user/0/com.zhangdanzsxm/cache/CommandCache/eebe2521c8422e54f0861e5f86c60d95

Filesize
1011B

MD5
fad53559b636faaa14fb09097104b207

SHA1
a110218d90736db7744ad0d42d121308c8219110

SHA256
a105122ac5a60f0a299ea1661614cc2826f52d1dccd693df7d54509c5d58ddf4

SHA512
68fb15bf5b061f2c765eecdbd385bd035ccbd3c297851f71ecec7b17eb186aae258a863c9425d8c39b23eb156facaccce8ac0fd4a9572a9593ee504dd59c6901

Download Submit
/data/user/0/com.zhangdanzsxm/cache/image_manager_disk_cache/7238a828a1052fd8e10a1baa52dc3e969fef519a83bb163d109d2eaaed945adf.0.tmp

Filesize
2KB

MD5
3e307532feb0f6b70ea650220c53b171

SHA1
a6821753b6397ebfb604d6b551db06a581ae916f

SHA256
6c54e0adc6b83e7b4b4185ce5547a6a12b8c423868605680c0728cd1ab40e536

SHA512
2a0c601a743621e5e757fffdca66e9e8ee8966ee6a045b91fa6dc46357c54b9d4f09a284c0a5e8f858d0f75d069c9bebfeaec73898afbc2c2e998c222939a3a4

Download Submit
/data/user/0/com.zhangdanzsxm/cache/image_manager_disk_cache/journal

Filesize
71B

MD5
db02e8d3486c187ba65e72a362299e69

SHA1
7ccbfc013913d60e378fd87bf2f9f6cb71931d6d

SHA256
0463761cd516bf0e2ea6237240acd1cb38398dc9c91d74ac87bd62686873400b

SHA512
937a84d369a6cd61f6a9c51de8f18b871f4e173c8c7e1f68127ad08fb5804ce0d3100137f6db2bf7026cb74cc8acc225b3fe9d49cf0336c84569f545dab99932

Download Submit
/data/user/0/com.zhangdanzsxm/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.zhangdanzsxm/databases/zhangdan.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.zhangdanzsxm/databases/zhangdan.db-journal

Filesize
512B

MD5
726d5a462522d6b252103c6d89dc0c24

SHA1
0a457a0dfe959b9b962adf5a0ea9486ac46c2c81

SHA256
3799ca3c76aefa20c83f9165e9c23a1e5b19b6d243baf2af0366ea7e193eec1f

SHA512
d2b8ff5a7d95e7417953dfad6c5ab6ab16a382c5484276176762d58ed6a58a9eb726201af5dbe5e4d763ed7bacc837dca12faf923c60a53abb60b28490d81e90

Download Submit
/data/user/0/com.zhangdanzsxm/databases/zhangdan.db-journal

Filesize
8KB

MD5
dc50aa951376b268752931ee0135fb88

SHA1
d677bb362693b60118c7300066b0d147a420434c

SHA256
d8299f24746f7472ba1383e3adac5f4e11d44654e0196ff4abdabc9ba2f0d529

SHA512
a7f0568b1073040149e69429ffbacf8367767f722608aad29c4557d1f2f51aa5fd39195e6e811dbcf24125fa0a4480b411eddd8b85fafa07de0e44909af70f26

Download Submit
/data/user/0/com.zhangdanzsxm/databases/zhangdan.db-journal

Filesize
8KB

MD5
604b387f40b298e229658c617245fd3a

SHA1
094e29fceac8ad736c994bfde49b4cc8fd8cd681

SHA256
6586c6e53ee248400fbbe972458ad1d27b57c2b31cefaa567ab1bc7a1d5826f0

SHA512
250f4739032084b43def19168ffd9fdb8da3bb0820b036e62cc9d0dc16db2b7f44741900c2e011dfdbeebde7a5d78adb82eaac6bf3e89ce0551cfe98fdf2d64a

Download Submit
/data/user/0/com.zhangdanzsxm/files/.imprint

Filesize
930B

MD5
597721155bc77f7ab728464e57082bc3

SHA1
522c4137817e461f909e4fbcce7b04d26f6ac906

SHA256
a2b7e6166ff561359d8b8d6759359d117126c00d8d36ee626b6425b6464808c4

SHA512
391654eab1bc0a20bc895c2afef6a871db084832176386784331d3099a5f748708634142ecfcd37d6a85850ad4950206600bc7800df937eec6b4572bd6d52a73

Download Submit
/data/user/0/com.zhangdanzsxm/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
22849a269f211b759a0d6bf386958e5a

SHA1
eef69a845e71fb47059471a323932d6558f05de0

SHA256
41f80455500d6aef19e142a3ac38fb9a3d5aa09d0c990626f1ca4269ae0b7fd9

SHA512
67725be5d995282357e52df18f61f8e079cfc9cdcf2c22b5aac83c2a722af6c827ad8fb1445c206e63fc6d7c4667f32d5e3387f54800f15f5dc3c1e064334ed6

Download Submit
/data/user/0/com.zhangdanzsxm/files/exid.dat

Filesize
57B

MD5
74d239d27e3e421410974c65e2b9979c

SHA1
2f516682264ec8f716c2a516375694c5a187d717

SHA256
c7429f5bdbff7eb11597938aaf58b459f3e57b4ab0d33d80bd3c863ff3826867

SHA512
df41dfee4b7b8f8db53aa4762a77a251b0278706100be016d4374ef2014e34cf24a45d6513efcce1a843f3a7df8dd82a970756f7a39c0084c0d4403b9b35d878

Download Submit
/data/user/0/com.zhangdanzsxm/files/installation

Filesize
488B

MD5
a223971bf3abc91811973f4409e868c9

SHA1
55b355a5478f5e3ceee41f5a529cfbbf3ca5eae3

SHA256
a0969c568d042f4b188a6ead5855ef8f4a44474408953b3ce16ec7753456f5d0

SHA512
761b8dada57928cd7e60f550209b3b89015075b83693a5fa77d9088486991c3f6b55e97be41eb4c3f4104d2258ba2593c8f97fb0648dea3aea368f0a715e45e1

Download Submit
/data/user/0/com.zhangdanzsxm/files/jpush_stat_history/active_user/nowrap/6eda48e7-e440-4e79-a09a-2434a09a0b07

Filesize
159B

MD5
a18923de350732a629a7d8b87b9e5906

SHA1
9fd34632970fbf52a872b54fa64b6772d037c224

SHA256
ea8ae2aa23bdddf6812307375d52a2a5bb72b1c98b2a5b02df4c5af1c43b019c

SHA512
dc5384f445407777c7536aedb8d533077d63d1730251bc26e47ae9a804f9ba0f86729c404d90681f0dcc9ac063c5bb431f384836482f0e8a188cc501fd514156

Download Submit
/data/user/0/com.zhangdanzsxm/files/jpush_stat_history_multiprocess/normal/nowrap/57ec0719-31ec-4553-a6eb-bd26f972e2be

Filesize
1011B

MD5
22aa6f5ad75554b5f1cd9829082bc9e5

SHA1
c51eb11984c90d536e864c0a3b608b5a428492a3

SHA256
c3151215e7561684028ef897f3e450dc223c51c44a3f4e2a99cab6b644d42647

SHA512
cd15554f3fea70182c73dc119c7b93934b05d9598facd6d780c33c70c6ac569d65ad1ad0b8154be2a3b10bd2e5008acc75bc37bc83a0dcc0376c86c4799027c1

Download Submit
/data/user/0/com.zhangdanzsxm/files/umeng_it.cache

Filesize
350B

MD5
0be17ee664383ce33a608ef4ccc58e93

SHA1
b8cc69752593ed9ddac9ff2dca862054ccce4b11

SHA256
484c47781c850cdbfff15fe76b122b05fc18430338cee7b5500ecd621f0302cd

SHA512
9dbd39de2a49497c87847f39201d0fb222d15c896d9f9721d4ca7333ca946b55887f3b5ae98ac3dc73259bd51fb9d3f3997270b7d002fb299b642702ed5071fa

Download Submit
/data/user/0/com.zhangdanzsxm/files/umeng_it.cache

Filesize
178B

MD5
e0d6831d3bf3fb346fb83ec1b338e03e

SHA1
e710b6f37ae1d96cc789c8aa201ce5208ceb7b12

SHA256
1ca065f0a388cf7b26d34f759093bd7bab55e7698fa86cbbe08f8cdd95aeae15

SHA512
4a9c50bc353f58a420ae56e89a2a952a0269e1bd779d966ae0cbeab1211cd0f5a06b715988f7435cf0b4b0002651a1e4e07c90ac1d15bdd3c6b28f8748bf49a2

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
263796ad66403e3e3726ac5435329baf

SHA1
5a8e3cf9215732800a320f8cf0558e9d2843013c

SHA256
f66bc1eff27f80db6f4e00b3be4adec998c0bd03646dd91813e60a4fc6d86737

SHA512
b7d2459be1261a743308e11b68b00c063a318aa540fd71f1ab00f1888dd245f00937a81f678d871d708bc6b3d232e58f7acead6f450686c5fea05ddc6a9a2630

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads