ff01d2ec99303ce232b1926380e6854014863297784009a085e2a5e411164e52

Analysis

max time kernel
2808698s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
24/12/2023, 08:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ff01d2ec99303ce232b1926380e6854014863297784009a085e2a5e411164e52.apk
Size

22.9MB
MD5

2df7464b42aa158a91bb4cad4cf33aaa
SHA1

38825117c283fd1390459f746ff32ed5c645e0e0
SHA256

ff01d2ec99303ce232b1926380e6854014863297784009a085e2a5e411164e52
SHA512

77cae1bedd887752ac73977266a4d9d3aeac3e38b4da6c865d1f10c18b1d2bf36ac36440fa595760aafc55e04dec254ffa99e649c8c0d7ee10a171bedb8b6a5a
SSDEEP

393216:6hs0MPpzVDFSsQbyouCs280YCxwfZ+cWZ7Vmt6cRQbEAlBrjCUaqlRjUxMNp811b:6uFVDiNs280gZXWZ7Vm8cYVlBaUTwueT

Score

6^/10

Malware Config

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.aohe.icodestar.zandouji

com.aohe.icodestar.zandouji
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4618

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db

Filesize
36KB

MD5
86752a4be6564d8370f2f0e403995003

SHA1
29f7d50675f6e59f3b808eb6dcc8619384412115

SHA256
50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c

SHA512
79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db

Filesize
36KB

MD5
52aab6fbefd146b11cf232b5021f83d0

SHA1
d0dcf2f763f097be4f5eccc1e93fac6a8e7f8737

SHA256
aaf697bfa6b0bb1ed6f54be6407fb619e61ea7d39f7b3868690e348e9e56a332

SHA512
6cfe504b1232093515bd2f06e0f58744cd05f0195f52c0fa9594557b25ad90f7b33b2df6ada080c38a5635296d51453a86c90088c10f025285256a1b2c11b77d

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
512B

MD5
2118a46c5c7b339671b52349c7aee86e

SHA1
0d1d2e54878f237ad0679e8809155832ae34e02c

SHA256
1f543ccba01e39be65f5ba516d9dd9c8693766544a5d85a631d9e9f2e5303db0

SHA512
32a1729f88b2c8d8afcb339d881a2063e8efba862074be6240ad1d0477b7bdae2d68e0a8a06aa3389b8681f160c2995ddb43c638061ddcb4cb13bb03502b9b5e

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
8KB

MD5
5a5f1132465fe6e9f22f19dcec74b721

SHA1
469d69060f172b100b866b4117eb708900d88534

SHA256
bd9ea1542aad19456d8d2cf6ee4494eb61134f47027e00cffaf5a928287b5d9d

SHA512
029e3bf96fa866c9e5fd5e58fae522d3c1ab0e05fa887a34fe90f62ef8032f3e00dbc9d533f9d26cfb9f09e509c7b1abe2dbcc9e30663155945a076d706d8e36

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
8KB

MD5
00ceaf20bd1be8a73d29639007cd1d74

SHA1
f23753c0e213732c4042a77fc488e87a5c6babfc

SHA256
dbc378b70d0ff0b8aed0c5e64d41ee4c377de1db3bed880a0e2acafc9c64d72e

SHA512
378cc51b1e640320b469d286519a06293e28c128e13bc1a46ccb7faf4e714e9cc4e3324d934e62b9021dbf55a4d91e3ee988f87d837915ce56b61d90fe4eb9bf

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
8KB

MD5
5d7e392f3e032002f5adb41c145fce10

SHA1
42e6da27f66c0c39532828caea505ac9eadaf0d3

SHA256
cf6653702d61cceafef37e9e9d90c46bf35d3ea397db44ae4659fc3458e95c5c

SHA512
f7813eb734a3b2c4bf9d059afb954650aa2c484705787896e22d318817bda02ad7c3a36b6686e132ff093fd930f78fc466d4ddbcf6a288b7e93d03d1f13d1ad1

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
8KB

MD5
96252adec656ded3a56085bd13ce997e

SHA1
05dcf4056962d6b184f276ef76c95c2f19f932bd

SHA256
d45d3c7edfc63aa8095e936b272dd0300763d93375fe51b7744e38a9ce480f9c

SHA512
2a9a9bbad962fabff27e9b68de8c771bc9f2f6700474842b93cd6b3c7413884efb7941fcb4040c3a5ef62aa1e2cfd22d287f66e546c9644f754a0f406a1ed766

Download Submit
/data/data/com.aohe.icodestar.zandouji/databases/cc/cc.db-journal

Filesize
12KB

MD5
cfbdebe610a4d4f419bfe7b73414db58

SHA1
4f719a36887ba0c86b906bd2a8340e9610514dfc

SHA256
8e006afed6634658bd504aae11e18f624aa9b3f63808c43bd73012b9cc520a74

SHA512
462497f79ac134239b9e7ca2f98a9867ce3c5c7ec49fbdd43dac5b59c029ebbf59487cd7d7fc76e48e7a33a266f8ee921b7a2f89a54dc5577fe264a3566b603e

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/ThrowalbeLog.db

Filesize
20KB

MD5
61c6e06afed0ed244319a8b366ccac7f

SHA1
e22ae75378d506a7b13191e12b48341f5d518091

SHA256
2d8d6058ca911211fed5562ac88fc34a45718dbfd2e6b8aa26b52f121a48aa9d

SHA512
806f9ad0077c1f3b8a71eebc3a327eb7037717dc9c33b71219c54d7ccf955fa5c60fbab06dbfae8d022cf0acd0d8eb6bee231d74afcb926a923b9f32f39785fb

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
ec87cea86f423ba2cf8e9304e3ec6a9a

SHA1
5f85a0de590d643e1785a56bb840ff1382c23a5d

SHA256
d1f6fdd26de42d6bc9a40fee37a453471bf8494548f40505af1f6769dcb95416

SHA512
c7653bb94a40fd5bf3ccf0dba1e489975663464665605372ee9af00e13ea61b28b23f5d2ba31ae4dfb0d2451c078044116b36e1efc9b83230d4989438d8070ac

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/ThrowalbeLog.db-journal

Filesize
8KB

MD5
b4a4ece2452ff1bc433ea1d1332b3274

SHA1
fd371a771a838f4006edaf2046f04e6807ba36d0

SHA256
a2032f31be523e1bffc014fedf9769460621617f114910d33e4cbfc287066e11

SHA512
38b5b1586a190ada46818c31e5bfa8ca7b6c09cfc0b70ad9ff6e4cf2dde31c84d656bb4595914b596a0a044ff849e902054e0f3befdb74982a837e1b79a4220a

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/ThrowalbeLog.db-journal

Filesize
8KB

MD5
99bc57230c06f6c22ada58d7cd8bbd50

SHA1
d3370b20e5793d39f6eec7abda6fcda08cec245d

SHA256
e23ee9bc220ca315dd13d776edc1299c2a2be87dc5846aff0dd1153154ab6a40

SHA512
b7bafa632f21317a91990f1fa45ff200507c57348dbd9bfdbdacb8b92cdcb38096ae22dd3e7bf23db579bde4053bd181511fa643872dc3cabdb7aecbe6f8a201

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/account_database.db-journal

Filesize
512B

MD5
3ac3304749145877be58fcb5a9307e12

SHA1
cb00a79f8a26e8cedbe10e1c354b30bed8a987ac

SHA256
850ca30697388c02c5d1e80cfa9a570fa649a6a4ec8440655fbf90cbde9677d5

SHA512
1025fe8b0af8b75aacf3c302faf4e1b5551a1dac8f9612ec3bb1322166bcd18e91d4366988f9f30fcedaf4a2dd9822dcef80c04f1adef5b7650bde237b7d8b5c

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/account_database.db-journal

Filesize
8KB

MD5
2a3ad651e5258bc44d287554bf5b3fa2

SHA1
9fd37d2f72dfef6225620301b8e7dada2e607663

SHA256
cce8b1150933daaca7f9bf99e8fbce9c3f13d7726ae700a57f7c44d9ce6b2e43

SHA512
c8e10ebf7e1143fcde0bf0e0717481bfa85f381c0a8a20c199940c586767947cbbc8fd59dfe6072d4239fd2a1d3dc8cf8ae2b00aad63cbecaecb9fb7417db539

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/account_database.db-journal

Filesize
8KB

MD5
b0d93c646d17b01c78a64478cf87c4bd

SHA1
d9c37f4a267c60b9a24b8dc658a5402c71c46155

SHA256
f24592e2c27fe749fbc71c2e12e3a4da447601c5075b1cf4d0ef070f7ef8a245

SHA512
e3613a6039a03499ab165c0dfbc4bbbea822ef65c37705aa40abeee7b2ff006e8870b58569e8216eea3de1e4eed266a078eed63284b8c83bfac585d27016c828

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cache.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cache.db-journal

Filesize
512B

MD5
907eb25e43c8e3eefd76548f89b89cf4

SHA1
23011182551cff86feceb735543221a9f8e8045e

SHA256
8c397447e5ca3390c0b4974c1b971c8a60e251c2104b67f2f23486cc4cdcf12e

SHA512
5dcbcccd2dad1459ce464f07a9a6683e75132ad91f595c65d7f358d2008abb4cc5637cd02585dcc7c1f7b41daddf5edc468a1c3515f3110ca3e9ea92d9a7e46e

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cache.db-journal

Filesize
8KB

MD5
456cf58744b549c69b249710b2d8f2f7

SHA1
2c1b76b0a8b69e87038dcf53d7355d29b7c7ec06

SHA256
f9c35cd180078a459c63369438127a66fcf981664ae825a02ca71c3048bf5129

SHA512
7bbc107153e11a06f4750c24eb9e7cd9eb0e992dc699a350a13976ca92f327973ea142c825d3e4ee2f7e2abea650862d12230ebca93565e25823258262e045ca

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cache.db-journal

Filesize
4KB

MD5
162237b13f217acddf5561afc4445bcd

SHA1
8575f23b0836a98b2502dfeac677985428a469ae

SHA256
98dedee0de3533b470aa5bd839d1edd9c387275256e28291ba3abd3e8e58fb47

SHA512
a809d22b392c9eee1114f0e7fbf51c97c7a8f182ad714e23daa4f6184a3a1a88e55155be9ae2c0c6703dd08cd1958829269dba08587bf6fca58ab45f1006d6e8

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cache.db-wal

Filesize
4KB

MD5
289101e6d4ad9cc2c1d151110c2a9e28

SHA1
9a15804f559a678f4169a17ef43d276a4470fd22

SHA256
c50238b1b921517ced8247bc37978e147e531cc9dede2ac92c973e482b1b42d8

SHA512
f2e1b9715b6710b724f5cc4d183fefc0afe6911705ccab0f4a40252fb45c331645a9bbb985461394dae82407a1359b76587e60d93f78fdd4c6fabad1d23d0561

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cookie.db

Filesize
4KB

MD5
b9e10ce4641ac1eb042b25c43bc3d8f3

SHA1
85c15efa83a28a083b900375dd8d8f90b307f22c

SHA256
fb2d2d7f4ccb2251604003206df006b69f41705f0b265ddec061ac6beb30dd95

SHA512
ae8944f77dc535d10cde4970cd9966500686c4aecd3411d9eaa5d8d5d548e36a9e6be7225f30fadcf0d2d893fe976966ead7ea391bd89e2bcbbc55feeffa7ccc

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cookie.db-journal

Filesize
4KB

MD5
4c4079020765c93936bf9c46712d3d14

SHA1
5a5301e984e8b05f75ac7dc8d7a9764637a1db5f

SHA256
b68c5cbe4be4629cbf2132c91266dc9b5132ba5f5c08d75f8c3fbd0d9ec534cd

SHA512
9d33e43df635bbcc0e5ca305e3e5b12aeed94b35fb5c96a515ff74f772d9232963fc6154017d7ef40d82fd59df8bb30a9bd617a58b3e1dcc1eed7f6934da6b1e

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/databases/xUtils_http_cookie.db-wal

Filesize
4KB

MD5
09a68438629506bc96877454e7141c23

SHA1
deea86bec8739252dec59921e0e99881cee28ffc

SHA256
820fc68ef12f44ad8d4a17b8eb5324f2c64b87771d4a284f2bde5155598bd061

SHA512
697b525565e1897bfbe0dd3fdb3703651a46abf3606f5b53a28de67cf5a6b511282d1ab349a140e67d79a8a70783ea2ba0ddbff6696546e38eb50fadc4604de2

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/files/.um/um_cache_1703615729369.env

Filesize
1KB

MD5
2703e8e3deaa2819043f020591dca2d4

SHA1
427c658c32d4fc52edeafa0c474c08ec3b01cec8

SHA256
7050ca42b14c379f0fd08bd31304cf1351daabcb77275ca3e9c87e89ef5ab957

SHA512
c4db8e8830e49838530c838c70e9922990be3ab5b2660d0f78c86aedc2ae4865531e06c5797c790db351aa0ecce6eb5396beb6c201ea5f571a33ab6a3d56da17

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
332c39c4ca24a351d2f75c1ec1d8b097

SHA1
758fafec0e8efcd15df1962fa605a2ed9e9dc5af

SHA256
d721d9cfe86a52abe7312bcb07ef7510fe46acf57eb68f51df98e82895123a2e

SHA512
b4daee8534feec3ce8bb997b23fce559b753aad258739ce9c48381efb0c131f8d1be105d0f547910bd9d13b2fb818e21a22c73da53629ff5d903cd63969e9d62

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/files/exid.dat

Filesize
60B

MD5
6e8c01187992c13cc3c08a29988ccd06

SHA1
0be41a5649e1ab6f56471cd1658d155fa03d588b

SHA256
4d335c2eb92f8be551516a50a94185a3a70a985d01db9cd6a82f5cc3851d0131

SHA512
18f53e273acba1e042c0844177392fbc2797f55ccc6aef306aa4e7a6e01102abe3fd49f28ed587ff4ce2fc5a53cf423067a9220eb91517fe9b245eac804d2f1e

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/files/mobclick_agent_cached_com.aohe.icodestar.zandouji19

Filesize
1KB

MD5
60b2d0cadf34a742e92a548dba9b1d79

SHA1
8596948c451e62fecac6bb1533caf0e0da58015d

SHA256
4a7a007d0fe3b443c1d621fba16cc21d6b66a3af5d9503c95cb88792e33c3e8f

SHA512
7c62101facd2dce1c476c45b21c7e61fb2530d6816eea67e1b2c928a0e8e38ef8a73501b7fb74b62aaed62793f5abc5acb3ebed66667769fbbda5fd29f2cdeca

Download Submit
/data/user/0/com.aohe.icodestar.zandouji/files/umeng_it.cache

Filesize
350B

MD5
9309f12647eacf2d209137545b859d99

SHA1
f804bac8eedb8afdc1d35c558c0259917467f8df

SHA256
f5c94e28b57aaaf06b51a7de632817916a9447c3c8596ccc01079010c3678e0b

SHA512
fcb5c5e5f617ab3923f439bd201b251519189e92a1ae021d5682e909372058203fc4e33d77baec6b8e99b512d774e077fe8d76f79861841bcd209c715b99fab9

Download Submit
/storage/emulated/0/Android/data/com.aohe.icodestar.zandouji/fanao#zdj/log/20231226/000.html

Filesize
10KB

MD5
ecc5b175cd4c5c5d27723c3c859cfe9f

SHA1
367ef9a05058df42af8a41e499b645728d800f5e

SHA256
5739974e5b1aba2de8ed294ef0e7fbd0fa058da2bcfe448adb4a797bba4a27cc

SHA512
4861b7aa91c9599542d4b7aced0b6eeb848118d7bec8580329a2407ed428dc693273cdd7f79f0ca9c32df36cee381eb6c2243c4c23576915baf59bf2e8b66d43

Download Submit
/storage/emulated/0/Android/data/com.aohe.icodestar.zandouji/fanao#zdj/log/20231226/000.html

Filesize
76B

MD5
1eb0c70e66b7792e1d9a7fc349add120

SHA1
71c076a5960afa4984fb184891fbc1fda357036b

SHA256
7c63b026b3f527d2a0144e334933373c614674f6e1a6e9f9a8d9d4cd861418eb

SHA512
1e5ef1e37e5d932142824163bd350c71b18fccfaceb5254e2037f817307213bdc97201d387bb5e5e19b01b294ec7a762d0df8b8d18ad90442bb3ac1d99a44d9b

Download Submit
/storage/emulated/0/Android/data/com.aohe.icodestar.zandouji/fanao#zdj/log/20231226/000.html

Filesize
906B

MD5
0346300063239bae44383f1c8a1a0061

SHA1
70eebe72ffd06bf8c10955daa9fccc61a7094150

SHA256
13e0aea19ad70d1691a744841b263929a5749a06e1789f82779da5e03cd88d82

SHA512
bb8b7d205a2aadb6577ba88ceed4a86ce91652c532547b085160b42c1df823c18154b7264622b203e7bb85358979db5eff615f1c060a474d88041196a4f019ae

Download Submit
/storage/emulated/0/Android/data/com.aohe.icodestar.zandouji/fanao#zdj/log/20231226/000.html

Filesize
125B

MD5
4bee956e3d3827731a41a21a62ee8372

SHA1
3be8b7a1fc7ef74991a0dd5119d98ecbce1712f7

SHA256
5428178dd3d712aa085824b95fcf05ce5d9282951f8b06579b19f229fc89ab7f

SHA512
408539212e39d860deb26b4b909281f9cab6c6899094c955cdd7abede67624f8998920d75f0af8fdcb767385a3805134c869d3b4e2dd8520f43ef701796e85e7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads