Overview

overview

6

Static

static

6

1c480d1617...23.apk

android-9-x86

6

1c480d1617...23.apk

android-13-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    2656558s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    25/12/2023, 00:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1c480d16171544abc667db6722886a23.apk

  • Size

    6.9MB

  • MD5

    1c480d16171544abc667db6722886a23

  • SHA1

    9a6a8c17fe65f425f8e5392e3d99d88f4d24c87e

  • SHA256

    c9f822697faa7c730118eed8347ea8f090a5892d772aa14fefe089bc7a8430a5

  • SHA512

    5bc007affd9565833f40bd9bab664c9deaf3850402e42b13251abd2f67f708fcc0fcd52595b0daa86f94cc1877613a7e4b8f4ea14c8479ad1e72fca09582e582

  • SSDEEP

    98304:ZytC0e4HjCY+YFX87Nb08dCyvxGG3oXSgIm+jsYflyBcToxKwC0I5/bKl1MJwcRB:6A4HjC23FvG4+d8Bc555TKlrk

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • cn.kuwo.bibi
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4242
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4272
      • cat /sys/class/net/wlan0/address
        2⤵
          PID:4292
        • cat /sys/class/net/wlan0/address
          2⤵
            PID:4311
          • cat /sys/class/net/wlan0/address
            2⤵
              PID:4330

          Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/data/cn.kuwo.bibi/databases/UmengLocalNotificationStore.db
                  Filesize

                  4KB

                  MD5

                  f2b4b0190b9f384ca885f0c8c9b14700

                  SHA1

                  934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                  SHA256

                  0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                  SHA512

                  ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                  Download Submit

                • /data/data/cn.kuwo.bibi/databases/UmengLocalNotificationStore.db-journal
                  Filesize

                  512B

                  MD5

                  27835c1bdf9d09c14e1b02531d3c5e40

                  SHA1

                  5b3e9f7db6cd391d3326331c92494f0f76a3e62e

                  SHA256

                  05617d6364ee21e1f0fabde79fd0b43481af42fbb608459aab07e979f0af9bbd

                  SHA512

                  aecc0fee8a9383d2f1059c3631b410a0dfda7f688ff44bf501ee28c8aa0d1ae54c7a5fb3bea96cc9789808bd6efb571c7f666712f2b10441b0f7a665030ae38d

                  Download Submit

                • /data/data/cn.kuwo.bibi/databases/UmengLocalNotificationStore.db-shm
                  Filesize

                  28KB

                  MD5

                  cf845a781c107ec1346e849c9dd1b7e8

                  SHA1

                  b44ccc7f7d519352422e59ee8b0bdbac881768a7

                  SHA256

                  18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                  SHA512

                  4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                  Download Submit

                • /data/data/cn.kuwo.bibi/databases/UmengLocalNotificationStore.db-wal
                  Filesize

                  40KB

                  MD5

                  b7eb40c8146652e49cafca2d63c6461f

                  SHA1

                  515567ebd5032292077f82c94f75fd3011f6e2dc

                  SHA256

                  ea0da905e295417190977ba1853781f0ae113ade32840fe7bd69877411d1a443

                  SHA512

                  4446bbed4ccc7eaa8cf88680db1f61b8eab4bd11e8cda8f4a1174bc92a92b887af907357eb072c4c22cc6a9a46bc158b493d20a75948b388c6ab80a0c003be6b

                  Download Submit

                • /data/data/cn.kuwo.bibi/databases/kw_bibi.db-journal
                  Filesize

                  512B

                  MD5

                  5f7d658f01458deab6c821a203dc669b

                  SHA1

                  9adfe2d93775809587bf606dcb90d378f9442bb7

                  SHA256

                  846b23d8e66a83eadbdad42163a42e909498ed6573843839d1da0b24fea318d9

                  SHA512

                  27c5631548f1eb6db2a23ec0481fbf1d9c6d5dde128ca61991170b1c399eb6d230bfd941c75bdaf36c56686a6afdc39d0d9eb63d5bcb4be1e68ced678bb8110d

                  Download Submit

                • /data/data/cn.kuwo.bibi/databases/kw_bibi.db-wal
                  Filesize

                  16KB

                  MD5

                  38bc71cf53202accfed8241a9d967233

                  SHA1

                  770b025734af750a567abcce3d1a4ce6611a749d

                  SHA256

                  159ee82494ac1710287d45a38f2f12792b529c1d7e3b144e0fd1bea8f9524ae9

                  SHA512

                  c61b2dedddc70d7feecfe1038522470934b2d1767d62149d2d618972bdd5243731e03dfff6ee7705ce03f99a52fc27a8521d8360b575c3489807d95555921606

                  Download Submit

                • /data/data/cn.kuwo.bibi/files/.um/um_cache_1703463535396.env
                  Filesize

                  621B

                  MD5

                  a469705915d54a94673bee46a14d045d

                  SHA1

                  2f8e2fd63d5b46cbcdc90d13ce683e22fecb62a8

                  SHA256

                  4616a8e618050e3bd51f68b48b0f97b4a326a02f0189daf500cff181caa22f2e

                  SHA512

                  41896d1eaeb13ecc3d0e68dda2288eb6b66bd0f7e4f074328895394dabca416cbdc52dd930cf3ee54a4c35b7f592d32db63e9a5370e9456f9ce5d0bc7ba9f3cc

                  Download Submit

                • /data/data/cn.kuwo.bibi/files/umeng_it.cache
                  Filesize

                  393B

                  MD5

                  a1170fb801228bba75ce0dabc770890e

                  SHA1

                  6458d193a325133fcf94aa61c94ec02258f3cafe

                  SHA256

                  23c9a3ee19e4fbe5d24c6e082ef290dc2a995dd291725639bc0eb374f9f0a126

                  SHA512

                  efe079f9ccbf226e65efd05af7ac1ba365c061aee9780ef58b053dc3d4c65bae3dad3f84dff43071fc77249311bb1831acd634ee83d0b0965206ad2bd5e4a8b4

                  Download Submit

                • /storage/emulated/0/.DataStorage/ContextData.xml
                  Filesize

                  111B

                  MD5

                  80267691fa20b3625aba1004b5bfbb6d

                  SHA1

                  ce53414c01ed721a4895a762af943d697e06a180

                  SHA256

                  6f18e3955d55c4d30a84273fb64f46b6f1622f896c39b4b8917245cf66e7604b

                  SHA512

                  f6392f4ecd889dd5959f8ea05623195c963b513fef68dcd1d51fa4970591061e6c63b7d488f749fc1adc41ca67e71f592c3ccf8d5449d56a3159dad50fdf3f54

                  Download Submit

                • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                  Filesize

                  65B

                  MD5

                  9781ca003f10f8d0c9c1945b63fdca7f

                  SHA1

                  4156cf5dc8d71dbab734d25e5e1598b37a5456f4

                  SHA256

                  3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

                  SHA512

                  25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

                  Download Submit

                • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                  Filesize

                  111B

                  MD5

                  2c40d9f7063d8d6117dd5a8df2e422f2

                  SHA1

                  4f6cc497a54f7e952a964412531be6eb19cde704

                  SHA256

                  13aaef35be937a326bd634c0b1d1aac20673e4b5f29d5b9ef439b26bec56cba8

                  SHA512

                  18c20a17140bd642da593fc133247d14ddcf40f394af078e548e4e93d9c337dfcf79197de4b87b5df0fdfb2ff8fcf49d829a54a06403b6cd5f3821319844ccbd

                  Download Submit

                • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
                  Filesize

                  381B

                  MD5

                  609b17bbe3eaeff62abb8bb3c1eb35fd

                  SHA1

                  81f17301de77e1a0e1fa0233bc200de325702c22

                  SHA256

                  7a8324b81651be112e4f5e501dd2f7c3a39bdbd32d84ff11603bc6e5450c26c9

                  SHA512

                  28498dd35e24e56adbbd4739fad929549a4802550632c570371b61a70cd4a0b2f6aa5f9e8dc3e6599d5acf3fa4eaff3bd90b13b4d83734f6f3b223c2dfce8ed6

                  Download Submit