f46529656b4c7a4855bd6a4076868edceff4778b4d43010b6881f46fa9f9d4e4

Analysis

max time kernel
2804518s
max time network
155s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
24/12/2023, 07:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f46529656b4c7a4855bd6a4076868edceff4778b4d43010b6881f46fa9f9d4e4.apk
Size

10.3MB
MD5

62762b45168e03630f04e0351a7a24de
SHA1

bc6b674f6e5aa706147994a1573916cae67df698
SHA256

f46529656b4c7a4855bd6a4076868edceff4778b4d43010b6881f46fa9f9d4e4
SHA512

367bb8093df7acce68e7ad08a472d110d89bede5d39934fb64a3d7f8675277858f2ab2caa7d9f8dfa104467b04f60709911ff36e673cbcf244d7c393c55ea6ab
SSDEEP

196608:Cv/t4QuxzHmBk7KcHkdNXDAVjY/sHR8dpGbgd4a5VrU/l/:Cv/tjaI5mTHR8fGbgdHzrU/h

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.xinplus.app

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.xinplus.app

com.xinplus.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4915

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.xinplus.app/databases/MessageStore.db

Filesize
36KB

MD5
15669eb47bb19111cb64fa7508b227d7

SHA1
c7585424afeb0fc7051697b771eb3d81e0e3aae3

SHA256
ecb0e8c93a782292a1dfe20a90e204d1c1c804e2773f1831c9ca34826aa62071

SHA512
13c2cb45912090ba0b670b36050eab5954e22d57b79e141d2236035dc1ea2000960d93ebc544fc4dee48765335a3d52baeb5d31c8a40407224c624fffebbc11b

Download Submit
/data/data/com.xinplus.app/databases/MessageStore.db-journal

Filesize
512B

MD5
1d263d30bedebd7cd57f48ea8b5ad711

SHA1
ef16f6a38efc0c40b2e93367808bbc8361c16200

SHA256
fce1fd4d2cb50fc46ebf4d55348417d00578c89bd02e1829e88e7da42467a593

SHA512
df637613854ade4c63f5c78be2e274f7336d0443bc38aabccaf4e3744a04eed134b114949eff8a93976fc77697da65bdf46e9f201966b09ca4665c3e101d3790

Download Submit
/data/data/com.xinplus.app/databases/MessageStore.db-journal

Filesize
8KB

MD5
bad0ccf6f4b76c1b46554956b3a7c6dc

SHA1
2d7cef6883fc8e58c1aa9ded6efcecce21a65efc

SHA256
e8af310eee9c0a9fcabe9a813a202523da8b28fb65a7e203843864fe498a5bcb

SHA512
ee43bc45bb43c58b24739da00aff24c2f36d86195ea29f084161c938f6b31639832fe80999461f41f9f222acde030c984226f1435ab4f476f29e655383f33699

Download Submit
/data/data/com.xinplus.app/databases/MessageStore.db-journal

Filesize
8KB

MD5
868187ad19de29b2140c8e76aadffb4c

SHA1
c5b6d387ac2d5b2ad0acd802a13852881b23b25f

SHA256
22d475cdd03598bda5d87c0f58bbe7eff9b57f1819b14bf6a2916b390ac3d868

SHA512
af3e7f470d4cc108e9c3dda16243c8dc5fe6bc2a6fabebfb34e74e95b2b599725fe45fcc101e8373fd5779b17cb7755b904fdf1e281cb679b62cb498bd02ebb2

Download Submit
/data/data/com.xinplus.app/databases/MsgLogStore.db

Filesize
56KB

MD5
0319f1e3b231fc5e73b0faf370108c9e

SHA1
73741a5cab5a0626dfd097b26c3889a79c2fc685

SHA256
c84271af121e4a92faaa2844c13969392ba1a0a0bbb49be2af0ae6953286afdb

SHA512
6293d8990be0dcf10621109e76b5a6868b057f08387affcc8144e1dd7da082d1b734323416bd0fb04a4be49caa4941ccaf89c7fc9deadfbe9e1d46f0ca2a2cd2

Download Submit
/data/data/com.xinplus.app/databases/MsgLogStore.db-journal

Filesize
512B

MD5
e77796c6a985b79f1df1da12ecde2a2b

SHA1
969f09ff4ca5b77d27d6249f4f9eb69021197876

SHA256
b6d2650645e26f49eec2b1fe49317d7c39c2139962e1c8337f9badaa779e571a

SHA512
90eff82b332f86feaecaa00382f7c2661cac4e6136fe493c821f051b0a1d51c46a68a47ee5c91db14896700a9349606b67485adf5f331b51566c7f8650d8c3b7

Download Submit
/data/data/com.xinplus.app/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
1700d303ba1ea855e0505551681ab21c

SHA1
0095a9fed45d26e0cbaf57bb8a577d7f50e83c18

SHA256
cf32c5555905fca63604038ff43e1147da6ae241834f25c81135aed93a94ce37

SHA512
6c288f1db8d761f2774b29c4ed94ba12eecdc2e35fd1b088919b81044d80054eb4cfc5765bc795ed96d48ae08d360217345f157be72be028a70dd16d59d78fbd

Download Submit
/data/data/com.xinplus.app/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
51ffe4edcb11631a28eb207f4dd7d852

SHA1
cb02e005cab73c0e419f360203f459c40aed3916

SHA256
d0353c880b213e6c8167b1c559bf9c92a1a48e1d5ea31b9851e9cdabd8700edf

SHA512
fefbffcc87927c8129318add2dcb2b6f1037ea43404e86eff008baa3b3eee9bc04ffaabd9f0f860f5696d70ae4e968a44f91ae5f35f77e094bdace78d4bf63f5

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db

Filesize
32KB

MD5
bf4f8725e91aed40f9ea495863d4a6c2

SHA1
97563da055f85cba7e0cd85144e260b61c457857

SHA256
4f4452dcaa1d08fa13fcbca3cca832a871021c87ab9151b591d818a91bfb314c

SHA512
6ae627605ae0457982338a7aa07a2f9abd99d3d2939b006274af53ee165c21fc9df9d541c74b454c1431d56db863cd590e7915f0b000b493b8fe0775846b6c1d

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
512B

MD5
0cbf902d501864a7cedb5735164281d0

SHA1
5d3d234a0bee0d560603c338289c263599a8c512

SHA256
20cbc1087db54171546bcf8977c293d9abcdc14ddc674c8521a7b54161374a40

SHA512
9743a5f5db76decd31c15402845cb17dcf04f8e2312e81d2a766a7af793b2da02d0f1c72207094b8a084a73bf5241a1825665c2763fec20caa1b136c0274af17

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
8KB

MD5
9bdc4ba57c8cf11b02109ae2f29c14df

SHA1
8d183ac6c316fa43b3e52716d1e127b2d4e207e3

SHA256
0977db00d85aff20f909601b850c1dc4819e9729369f141dfd22d0b51c99bdf2

SHA512
b30994a183581267023990b039e34ead4f1b59c12b914e9230045728e8046bb160c3ea1dde57bd48b57e339b9c4f47ab66b112f384d8a80cb5c62f5c24e49c58

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
4KB

MD5
a7f956ace00b60e80558c5ae1b99aabd

SHA1
4c0893643fe38dc44be5040f6c957946cfdd36a5

SHA256
0dbdddf7b78cd6c24e657779fd5ac892a393ff2711609734af1f4a449662d4c0

SHA512
a00d331653e2f24e53d84b118b8bf85ed83cbb8cc211961641e0cab593db998cb7ee535e8faabcd6df9719da0aaff508bc7cf652c1cb538dd8ea5f1ca024fe0e

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
8KB

MD5
68275074db2ccbf15f0749456a2c9eff

SHA1
b90b2602163d4c40af73873294c6231ec4a090ed

SHA256
607f2c5d3220d9504bf7dd7a607b95855f7a939463e2c4e9a1dc32069459b9bc

SHA512
0012617ae7acb430096d49ca44ecd17222b26209d9d056e3d29f63752a5933ec472cbc9088472f95a181b457262cb225f2c7179b85dee2af23f6fcd160595ce9

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
8KB

MD5
d09f915ab133d85554bcea5331cce1ea

SHA1
7fbff9d66c31d666863d66658c0c5f479360173f

SHA256
c659a65210ef2d00dc4826ceaef59f1a30052e73223ee5cdcdd3591f081bafce

SHA512
8d2a639f9ff93561fdb88db1128c02a6b4061a9c7b453fcea0249a523e3ed90c77ae35e9f1b424734dedca7bfda22f96f3c3b42c94fcd195240a2c958a2b7d55

Download Submit
/data/data/com.xinplus.app/files/TDtcagent.db-journal

Filesize
12KB

MD5
9009957b77e308285a7b923f12dee73b

SHA1
7cb580d6cc7fb302773faca9ef17de5e769ed2c2

SHA256
59207c4ab76c7d90ae84e3a577779ac186bd3df96bf1c41f745108f4e807e4c3

SHA512
dae2d14e94848d796d8d8310e27f75f12288828e735aa7346db9efbcae08f6e7ed8ed29267bb73f836e82250853aed341a0b48abc027b50697f7956c8709a8ba

Download Submit
/storage/emulated/0/Android/data/com.xinplus.app/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit