f34fad9a1967983d7b5a461bcd757439f16a0701a9e98a47fcaa8764057af3bb

Analysis

max time kernel
2803421s
max time network
156s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
24-12-2023 07:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f34fad9a1967983d7b5a461bcd757439f16a0701a9e98a47fcaa8764057af3bb.apk
Size

11.0MB
MD5

60165fb112f9a7034ca709179e9c48dc
SHA1

0ded76e27cb65362a79b3abc03cded697c0f7529
SHA256

f34fad9a1967983d7b5a461bcd757439f16a0701a9e98a47fcaa8764057af3bb
SHA512

8f94b2d28f44098b340980ca99a2197004683c38de7c4f0252f20545d3595850c278f04761330553fe1a91a09cc49293398bb83ed270762eef184978512283bc
SSDEEP

196608:KwhyAW9uZzqaQqNrI6KHEEgDtpH84PQ9A2hFqJsNw5TI51QbN+bsYozMG/NfdwHB:5hy7uZmyZIEEg5pUACqsNw5Tq1Qb0m18

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.jkjljkjgjhjgjijljg.fx.mhzx

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.jkjljkjgjhjgjijljg.fx.mhzx/files/AdDex.3.0.1.dex	4909	com.jkjljkjgjhjgjijljg.fx.mhzx
/data/user/0/com.jkjljkjgjhjgjijljg.fx.mhzx/files/AdDex.3.0.1.dex	4909	com.jkjljkjgjhjgjijljg.fx.mhzx

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.jkjljkjgjhjgjijljg.fx.mhzx

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.jkjljkjgjhjgjijljg.fx.mhzx

com.jkjljkjgjhjgjijljg.fx.mhzx
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4909

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/app_model/TinyCnnModel

Filesize
548KB

MD5
7ba12267896a0787956b0e27322f0755

SHA1
edf0feb3b81431fbefcec181d61499b0d2e3e9b2

SHA256
a82d037ef2995879300cbe1a7660f4672436784658f5fd07c5548be7e64aece2

SHA512
7c5e03eeb627d9458d9a73c3dcffe26424f5d8946fe86525aa1fbd8892a07b454f04f0db94b6581d1b25ca21535302176f48ce1d92e20b76bb7c050d15c760cc

Download Submit
/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/files/AdDex.3.0.1.dex

Filesize
126KB

MD5
ad439583e491cb316acdea50d1c0e23e

SHA1
3018a3ea61e7b251621c0358c0a271bbbf3b540b

SHA256
eb782480b6a8f247045b40b0bc6b7d21ba499834da0c0d2081173b843b8f7a81

SHA512
24de38d3221ccb6a124992d91c6cae4d0ed1e69b15f760b7bb25ad95c4670913dc1ed983957721aa52f5fb4ff9b33368146b447f9ccb1ec1556d8c34b3dbd3b0

Download Submit
/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjEwMzc5OTM4

Filesize
1KB

MD5
915d0776ed0c9124d2e1853bf69e03d0

SHA1
bca06f594aa809e87b77cba81df01a7b24fc8b9c

SHA256
3a0f4c2f6b1f50ff9ebdcfd7217537c66cc5254c3fba317c8ee67583d00a8be5

SHA512
1a155fee84762746bcadd90665f443d1d4bb2d6728b868d48491ab20c27fcb459e3e60c55e60789ce0c6983e1b5774dda65f67132e68dc95fae821bcffe8b8a5

Download Submit
/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjEwNDEwMTUy

Filesize
1KB

MD5
acc7db75b97f5e5508d4f29a0f515ec7

SHA1
92315d1336562f225f051c894664cda5bd0ceedc

SHA256
96ffedd6ae4fc1a2702766b93988e57d3c3871779a74ab6df8cf264b2a54209e

SHA512
e888b4ca7ac5ef08092815a5191ab385003c8afcc3e7c306f9a98c6ced6807d3e82297bc8aebb78550d7b2a9984a08e4d52f61e201d3ff0b954fc7f395627276

Download Submit
/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjEwNDQwMzM3

Filesize
1KB

MD5
4b2c25a4cbe243b8aa1b779e89d3597f

SHA1
4d3f56f434aa89d105b748e6cb273c7a32d8606e

SHA256
f453efa9ce49fc1c8ed69802fd0322e0a5660918caafdfef1443253e24b28f3b

SHA512
af3925fc5a49385c75b3b10545e164855a547134180d1fddfca2508a61888d5a2c9129f04a2da39a7318ad91c3602ec0a1385dd0b50a123a23ca52c772798101

Download Submit
/data/data/com.jkjljkjgjhjgjijljg.fx.mhzx/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNjEwNDcwNjEz

Filesize
1KB

MD5
e96885139fd06bc1bddb2bc44949f588

SHA1
f161d30ad5c1861b4fda7dc4842e6f6db8262f8b

SHA256
8e0b4293ef7379e603bb19061e52cfb354cab05522c89d0681c8340f946884cb

SHA512
c165146d0636f21bbcb252f2170737ee80f6c69bf9d67096cd37c0207c7d0be4bd88d7a4daf5cb0230e566473df8af9f8886df8b6a6cf8e9d90b1241f5ca3144

Download Submit
/data/user/0/com.jkjljkjgjhjgjijljg.fx.mhzx/files/AdDex.3.0.1.dex

Filesize
152KB

MD5
2e4955e53555341dbda9c6fc0edce515

SHA1
ed84d44471ed72bdacddeb11573589a33ab4d132

SHA256
1b5da8a48052894d5810326084b0006b53e8ccaa4efb0be3388d178c375d261a

SHA512
1b4f53db35fbce25678773e26fa932965314d153fb791c19a1fcbf4a6bb21532cd3503261e1b2ea82a56816e31e6f77d0a475ab51291ecaee846ffae79b850c7

Download Submit