eede145953aa3c3e32cead08e1db63b34f0d6e5645e38a08b7481c459858233c

Analysis

max time kernel
2797684s
max time network
164s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
24-12-2023 07:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eede145953aa3c3e32cead08e1db63b34f0d6e5645e38a08b7481c459858233c.apk
Size

14.1MB
MD5

649f43b0f7568ffd6206f813f3364d33
SHA1

70d5bfa7a540667072260031c12eafaa3663b30e
SHA256

eede145953aa3c3e32cead08e1db63b34f0d6e5645e38a08b7481c459858233c
SHA512

125caa0b9f7731277e3529396ac44bf47ec15c59cee93e5b15fc7888d052df4de16c4909f42d4a84ab50a90b8ef27f3476a0bf98357596bc1c3f6d2fa35df51a
SSDEEP

393216:nzE47A5bFCILV2tcNeEWdyO/r20AP5W5L:zEhcILVXWdbTPAP5W5L

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/io.dcloud.H52EB6287/[email protected]	5080	io.dcloud.H52EB6287

Queries the unique device ID (IMEI, MEID, IMSI)

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	io.dcloud.H52EB6287

io.dcloud.H52EB6287
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:5080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/io.dcloud.H52EB6287/.jiagu/libjiagu.so

Filesize
482KB

MD5
f380717bd1e3916c7b697fab8d46c5d8

SHA1
04f51f0d16097214e38be517d93be44cb0603a88

SHA256
8455632be7bacb221468c4daab2f9b5ee33739f08b22244ff81a36a02bec36cc

SHA512
b78fe11f77d2c0ec5b36850e8cc3b955661b31641405233c8842b91205e44dc16a30d7fc1ef18dde1b066c1b98959ae9c18be5472413d2b398b7ab6a6b52c07e

Download Submit
/data/data/io.dcloud.H52EB6287/files/.jglogs/.jg.di

Filesize
340B

MD5
1008431873db9874b4022a89dc359b58

SHA1
b822ebc8a2174ca998f83b5dd38e8d6a7615c55b

SHA256
4157e3399003ace9dc50972def07bd9b3d75f6ca1d25c9cf80eb2ff374c6c7e8

SHA512
0cfebcb3f1537aeb609cfc4c98943c2fda17bc19326b6cb710c73aa892b0ac4780e02d32557bcfa89e84d23700fb4cd7ca61c3ac032f0e147c99c144ab236203

Download Submit
/data/data/io.dcloud.H52EB6287/files/.jglogs/.jg.rd

Filesize
32B

MD5
37e373e8f434df5491e6a882197fc6f4

SHA1
55262de42c57eb8a3a90b19987370a600007a9c6

SHA256
b75c83c9eaed7e43d0376350252804cefdb9e497ad552f506e07e60b086f7e16

SHA512
eb4701965a639f8231036d21dda074a0487ceb0483228202f388888ef11118b9285fa0782fe27f556d6928d37076f8a878397c5625cc5d3fd259e14f26cc62ca

Download Submit
/data/data/io.dcloud.H52EB6287/files/.jglogs/.jg.ri

Filesize
314B

MD5
e796e7e9729da24ff54e423e58d34afc

SHA1
2308b67a1be886de6f33b45ebff77dde07b96493

SHA256
02a9eacbcc8ac1fc89de8e250fceb902ebf6ff24b51289bf701892aaf6ee1db0

SHA512
13e996df93079129dad77756f69921d816a7b072603279b9c5a7aaf4ff729257a76b7d2b6780b950f623df5c8ce27491bb8d3e0fb188fbf6919e60b3c2677f94

Download Submit
/data/data/io.dcloud.H52EB6287/files/.jglogs/.jg.store

Filesize
32B

MD5
448e391c59eef34ee1defbe4dee4c41f

SHA1
df1f890987371d7d8e6963c68b787856e42bc146

SHA256
55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549

SHA512
ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

Download Submit
/data/data/io.dcloud.H52EB6287/files/.jiagu.lock

Filesize
27B

MD5
5c44905e83f01ca567fc7486a58472f3

SHA1
922d61194953b5a80d2d58331020bf5feaf64d84

SHA256
2a8a73fa9cfa46e3a23a593ffa9c6f95842768cefe5e2d5055fd6fc8ec54c124

SHA512
f7079e204e3b88ae4ef9583e2dced138e9937fd1904f944e0b15598b8fc247331b5b2159cfc089834ce5ecd0a8c2d2baf470552fa3c2148f8ec234a87c3ca445

Download Submit
/data/data/io.dcloud.H52EB6287/files/cnc3ejE6/eje3cnc

Filesize
335B

MD5
585839d66722cfd02e40cb740cccb633

SHA1
374c19200fee201b26d0153487a281a934615884

SHA256
86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

SHA512
09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

Download Submit
/data/data/io.dcloud.H52EB6287/shared_prefs_ext/test_app

Filesize
24B

MD5
fddca131f19dd7e8de578cfb221f9728

SHA1
97af0999b1bcd99c3c600a283bde473ac334007a

SHA256
7dcf7d0bdca3bd3e9a34e089ce3acd927b597259f3b63256c389a048cd58ebdf

SHA512
e10b24f9177ba26298c319355fde2de78c41dbf9dd385deeb016b32444964082fa9f394fe9c05c2530d021c26e84de23cfb5a49698b0c1b0b1cdef81741a5136

Download Submit
/data/user/0/io.dcloud.H52EB6287/[email protected]

Filesize
4.0MB

MD5
7ca5961e5661fd46a285e9e2a29aff16

SHA1
d8b11c6557b59bf01bab791fdb9bf4be495b150b

SHA256
88142fa4d7ad35fa875ca2745cbbfc38bf868575e9a49457f4f933b0e62f9573

SHA512
5b8505fcacb172f0ef22d693ee541a8133eafc86aa09db0a19fe36b4aa0f6204083599afc22513f729dfc2f950a8dc42f719899be4bf6870a8bade675b0e402e

Download Submit
/storage/emulated/0/.imei.txt

Filesize
32B

MD5
ad46e9bcee2ba442d47c11c8b87d4840

SHA1
c3e3d94f380e718d9c9040b8e955032cc83c9d5b

SHA256
751f248c364811fadf46527873bdd10deaaed1e46b7ffbefe9703fa0c53d5740

SHA512
df3eabac217baf2c0f53bf64702f3603575dfbe6008ee0fd18da9d082a317cbc8ea6373b887dc93348982554425f26e80e0d1fefec7736f3c45cbf612f7de18c

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
614c2d4446ea9603c99b9d1b29a8dbbd

SHA1
8d813493dd3007a51457e180d6c033c2ac3a1f7b

SHA256
401091d77da829e47a6b1571903f7aeb8952f262dd63333ae4010a37f33f093c

SHA512
bf59d09615fc69545d966771b14b957c48d38b4f9f0754a6c07dfb7f6ec5d464a9900b83f8bafee4aaf60ca923a43c853ebfa44eb0f8163f980b9ed850a396b5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads