Overview

overview

8

Static

static

6

2813cb0136...d1.apk

android-9-x86

8

BaiduNaviS....1.apk

android-9-x86

BaiduNaviS....1.apk

android-10-x64

BaiduNaviS....1.apk

android-11-x64

BaiduNaviS....1.apk

android-9-x86

BaiduNaviS....1.apk

android-10-x64

BaiduNaviS....1.apk

android-11-x64

UPPayPluginEx.apk

android-9-x86

1

UPPayPluginEx.apk

android-11-x64

1

Analysis

  • max time kernel
    3046382s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    25/12/2023, 15:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2813cb01368bc3b1d6a4bf85fdb985d1.apk

  • Size

    17.0MB

  • MD5

    2813cb01368bc3b1d6a4bf85fdb985d1

  • SHA1

    4ce7eb4b1850b37ff26a9f47750ea3e15e074f1e

  • SHA256

    acb90506cc26f8380570b175ddc1c49412bd72db683348890f61260a0ce7a510

  • SHA512

    2617603fee978246a9daa56a5245b952f14227fe6a2686156184d36bba599abbb911f0e0ac8fc641082c5db3718932da1df53b57885cea78c7b1abf9d573c9a8

  • SSDEEP

    393216:sp2/2q9dAnOTKITCkhJY/8FYr3xWHic/Lk6pUGyIY5:sU+Il7TVw86r3u3LXC

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.soyea.zhidou.rental.mobile
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4217

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.soyea.zhidou.rental.mobile/databases/cc/cc.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/databases/cc/cc.db-journal
    Filesize

    512B

    MD5

    90971d254704afc07429c72e472ba91a

    SHA1

    993f08155b56d52f37224703a0742e6999915117

    SHA256

    ec04d641cd93af2afc55e795226531f8b3009274ef37722b9a11e9a2ef94cdbb

    SHA512

    f33b60f7df0b5974b53949975981551fccfd0d465013f98664d20102a310d31708fbf276da7737ac7bbfa06e03d13ba07dc9b962eb5b606a5861b7ad647e3dd7

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/databases/cc/cc.db-wal
    Filesize

    4KB

    MD5

    2908161b604ae630c5917b0366b87eb6

    SHA1

    d6fd97b77f05ea143a71b3bca9da23bd47f92af7

    SHA256

    11fe9d41da921157f099b2868781d79ec34a47a21788f9400cd22ebfaf13ba7b

    SHA512

    433fa3bbd3a4fe59f907ffcf4f23dadc9cf9fd8a6f4a0831af2082d1066d39ac4b28d8567ea22943cb8584164f3809c712862858e7f2b1bb01ac3637c3490e47

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/.um/um_cache_1703853371367.env
    Filesize

    1KB

    MD5

    f103f122433b8caa753375ff1e36da97

    SHA1

    8970a6608e193d9e6e2c8b9eddbad9386c2a26ec

    SHA256

    ef50ad4c663fa60fff2ba666ca5c37b37943b5a69ea2d17b955448362e66f3dc

    SHA512

    5f7e7ebb2c74c85275d1aeed7ce6afe83983a4ac2c0dd28fc90caf51cdd5ab6d54ed3150fd5ac6b73dfac63d602222e8596e55b32e0b09380088ec47de6bfe44

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    71e7bf95211536fc37d8ce1d7facca43

    SHA1

    12e9de658b2850e59253f01f90584b83148b4bdf

    SHA256

    8e7ec9ded8fbd903893fc448c581884d69fd479ee31c9a20959db0e4048215d8

    SHA512

    12599514c16fcd31f648e3722c2ff1ed47b4c84331d90f7400926feeb719800bf8a6abd8fbd1dc296a7b36d96dc46b36b12b9141cc9c25cea745671b00f67432

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/evnlxd0
    Filesize

    79B

    MD5

    9b0b42fc762c0f6933fc30ac67c892a9

    SHA1

    5c95f2440c621d1b5f21ea7a66a5514156b5989e

    SHA256

    48339b1a6d3246fd683c3977d2f9563943c74dcd8abc1d088962a39c03166aae

    SHA512

    255a4e662e3d7e74856a8edfd2b98d9a407b794bd59b2b66b941473d7c48cd12a9b878b199d2aa5d34f573e5273ba5d7aaa27521fe0e0a472b45c017c2894d26

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/libcuid.so
    Filesize

    129B

    MD5

    e5d59c586ebe8e80051b23124ca82be0

    SHA1

    096312930655b8181a8b91f169bc6cc92382a796

    SHA256

    8acdf1dd6aaa3803a2ce0ffa6452deaa943e2e4b2e9892c813fb8e1155cce0eb

    SHA512

    2c3fb400e1b40253783e13b2c6f97d01d3e16806d6b9ba5ba6e8293b6043a9ae79c156ade27df453d5f26eb28a228fc8e44319fb9b0d4bb2fe7c689cc1d01940

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/mobclick_agent_cached_com.soyea.zhidou.rental.mobile120
    Filesize

    2KB

    MD5

    f59b47b9080227fd7cf43c03ff3805a6

    SHA1

    fef8540129ad38e4ec30968d74503f868ad48010

    SHA256

    25f4171ea0acc157b64b20bf14af431d4cff25c7d8896247ff4d95d775391412

    SHA512

    57cd0ac811ef0fcd0d1e99f8ead32254137811b2af99e3a0daf9332f8e59fcd868ffe8d9e5116bcdd3198933a68bba226c5828f6a52b5691563a827d03d3bcf8

    Download Submit

  • /data/data/com.soyea.zhidou.rental.mobile/files/umeng_it.cache
    Filesize

    498B

    MD5

    e1ef00853c67f4ecdebee760777befd5

    SHA1

    69c632fac5157c6ef142d4f0c89a4d9f0c9cfa2d

    SHA256

    295265e5da36b086c86cc6c71cebcb3af5b2470253d37053d05983687055b973

    SHA512

    37ccd687a75ea63b10f691168d01e2c97bce1e71690b5fa3b2c40ab4dc39cd56f2c7a4dfb7290b894e1e32be831d52ca0908ff867afa56419434882d7af63581

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    d2cac63a8500c5c5b93cb796d17e0847

    SHA1

    2036e815085c23c499f39c19ae33dae35e2e9600

    SHA256

    e9acb3b0726ab385b872e98a0a938860935f6afa8aad55d44727916928b2d8c4

    SHA512

    0917fa05f08a63efdac3a8d3761e9d7c7a1d022e61d215e2730b8f63dff68731c379461f9dea70af8a7ce71c1d399928b26ee84509008ab0e31f815121bf9ee1

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    9b17355167d7cdf830979d1d9e4c4f1c

    SHA1

    827b642824e1e1d76f1b0654e2a9d1d8da21721c

    SHA256

    9e77efa57d3b23053bd548c75c829490e6ee75289cbf5c20a2cec3eaf75a054e

    SHA512

    9396987099763eb8ceceb82ec79e0f8ce17e2fa3963d4d0b6396087b6c1f3cfcd05340387a3f2d4180a4ac9d17b490e6f8bc79ec66a12593cc69cc3004349215

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    222B

    MD5

    c193cb94f071f649345994b18413bccc

    SHA1

    71ad826c28d41a7ca23bccab081f4246fa431041

    SHA256

    635ba9ce2daf1efc69d42453a28148a0905e1c7267077e515551220abfbb451b

    SHA512

    a166af86f9c221ad7db4bae34e485fb22cfbf768b7ec639e04ab3346d1f97d95753f9cc4e3f89884458cf0c49b679ad6bcc98681aa30ff4f79c1c3ee6e975b61

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit