a3a184ddfbea5ec2081610e573c108e0fbd3ff4233f1d9b7ca43537cdf7e8fa3

Analysis

max time kernel
3692614s
max time network
159s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
26/12/2023, 05:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

581283ea04ef718f98807cfbf1ffd98d.apk
Size

11.5MB
MD5

581283ea04ef718f98807cfbf1ffd98d
SHA1

9009a876d2e90e6d86f7f48b337de0702f211acd
SHA256

a3a184ddfbea5ec2081610e573c108e0fbd3ff4233f1d9b7ca43537cdf7e8fa3
SHA512

61740c7874abc136aa6efc09ecd4308cbc2fb9bf9569a1ec334a4729017973b5904d88dda55c7b9e35076648e8f21f8e98f5d46f45cd94684a09340955e78a65
SSDEEP

196608:EvHaQY6TRhH9+N+GCPR/a93FzyA5BJww6NrTaM20e8cVeWF3Nq8M3/m5SXH:uHa7WjU+tJ/8v5gVNfPKei3xM3/3

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.dtston.dtjingshuiqiherkang

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.dtston.dtjingshuiqiherkang
Framework API call	javax.crypto.Cipher.doFinal	com.dtston.dtjingshuiqiherkang:pushcore

com.dtston.dtjingshuiqiherkang
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4188
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4275
- /system/bin/sh -c getprop
  2⤵
  PID:4318
- getprop
  2⤵
  PID:4318
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4392
- /system/bin/sh -c type su
  2⤵
  PID:4413
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4544
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4563
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4583

com.dtston.dtjingshuiqiherkang:pushcore
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4259

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.dtston.dtjingshuiqiherkang/app_crashrecord/1004

Filesize
80KB

MD5
9d1d326d343334853fdb28f83f6759ea

SHA1
b31d97662e8937d258438fc3a85b0d2ae1f1e07d

SHA256
e731d2c4b9b5bdbb075b900f037d1f9b1678d7af59aaa0058fd6e5a94d5c0cd6

SHA512
40c0073e6745a61cbb32605acc32d6b62c767789c13045cbc865ec43eee435ae3fde458f0acc3fab72285c1e28f3a5531c0b457dd2068302b5ce3764d850bf9d

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/app_crashrecord/1004

Filesize
28KB

MD5
b354a3798d70ae0a36c4359aac6a5a58

SHA1
591bf4d73a4ea2ede29f25db14d53f0a63b0323d

SHA256
9e3ca451e62c6db03da38f24710d89f83aaa89b5278cecaee6931edb367c249f

SHA512
96a1831defe9bf18c8a1b5b22e7c102da6f63c2e42b30ddc9a428fde7a986d877f0fa848ba8d860946007557146c7d94a87ca9e967dde46e53574b56318eea96

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/app_crashrecord/1004

Filesize
239B

MD5
6c9b1b7d8ff2533405cb49883078e84b

SHA1
fc457ed2d9f96261b9eca08344fbcc4ab97d80db

SHA256
b5cff72035a5de4bcfad6448d8b6512934d3441a794511e13e191c4c1ace01c1

SHA512
65a5fe66a3a295452822b6b6989d40ea557e5a4c9938117df9e3a777d365fc3f7dc0ac220e11a3fbfa48d41f285194398aefccfa117cd86c08844e3e4c6baa07

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/app_crashrecord/1004

Filesize
239B

MD5
50f658a079baaaa6d2daa36d7289439d

SHA1
369beefe9e098dd2e31f995141d073583f8aea40

SHA256
dd57602e0e5b517f6a16656c678efe63b0e7eef63577722ecd7e578221e7ee77

SHA512
23e99d4730f777e55b43a6622ca77e97fb04b78e01d992a59002130abf6861af8e079f481fab05b8a006798157a55a83083c0f1503995e1c59053b4c3f82c072

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
eabd80d9a13eaab4f939f27fbed25235

SHA1
d7aa9758611952b81ce1f98f8833de8752ed1016

SHA256
f10ccdbb39a97a05b2b3cc002d9f678db6ca58e780553226aeb979a66f5d5687

SHA512
8e8ac2782e63a6a3c3298e3687db6a038476d3b43c4f747b12dcec36da9c6e4e25ce8fb8985caa480552cacd6e73937f947d9ea2c317ef3542b32cbaae7c5ab6

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/ThrowalbeLog.db-wal

Filesize
32KB

MD5
196f0e5a815844c7f6b1e386a7f18595

SHA1
d5f32c40f6eaaff1e5018de2d14ba3ec83300305

SHA256
d754acb9aef47df37a84046df433f24aa9f8cde2ffbe3bdabd5cb726857b6739

SHA512
30ca9dbb22bdbfbaef83dfe51c28dda3afcddf416e1a485c7ae1a4dee3facb9e53bc61225dd3b07f58abe2d5720e5d0af5ebdb4955f3d8c6105993c9c30a3a75

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/bugly_db_-journal

Filesize
512B

MD5
265732f29572f57bcc8db029118c5002

SHA1
1d8cbcbfb16abdcf052314742ddfe1e2f0b1adbd

SHA256
32512a99897ef816585d0e4a5a673d7ae710fad2828a884030a25f8c32c5d12e

SHA512
7c26458373cd182fcd6c4d426870c5e81e63aca2fc7ca1707867ebe96f0f203024ce19a67f3786449c7e7d16e7f5dd44e99f677ba013e8f41772d7b11cac184b

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/bugly_db_-wal

Filesize
72KB

MD5
aa6068d0b575a58adc73a29e9b5d8571

SHA1
bc0ec836335e440f3d15d3bdcd9bbf785beb54e7

SHA256
9e1ace88c1efc71ee31e1098f614cf6abb07c05ffee927ee25cb762604180c2c

SHA512
f110ff44d2fb5392fd2d19bd018b333a8af63469b5391d99dbfcd5a252131677fa2c7f6d035bee28d41bd1d4051eec1c89d11437b958f359aa2be55266015ac1

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/bugly_db_-wal

Filesize
76KB

MD5
6d29564e0b091da6c09753cc9bd399d9

SHA1
abb42fe37f83e96c231d01e2bd996e750a0f76f9

SHA256
e3b7e1010b84e242cc6849a43831812991691fc8cb260b042f564e6a2ded0107

SHA512
32248579c080e840f15c4e955a3cead7efc49261d36c0367f073b523af8d4a653bb7a17f945cd82268584f584e3b91648242b3c16e7aee1091473a1cc0487b0f

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/dtjingshuiqiherkang.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/dtjingshuiqiherkang.db-journal

Filesize
512B

MD5
33f254c9d09f1168db915fa23bce41fd

SHA1
2a97b68c3cb77d61172e2e60053793f9abec67a8

SHA256
a1116a7ea987da07c44ef3f2dd5ee9c489d9d104bd52eaea1018e3fcd1f61550

SHA512
b017eebc0c533f56e844a379547a6872edcbad212c872149c632edc6de134e115e2f5b97cf78a53d0c1c8361b5504598706156039a64255d1942805f611fcc3c

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/dtjingshuiqiherkang.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/databases/dtjingshuiqiherkang.db-wal

Filesize
36KB

MD5
a8c0e8a25a397567602f67f864dbdea2

SHA1
f7ade7bc2c464f1c5dde420a2bf1d9e0b0d2a198

SHA256
7dde0f12ef2813d89ae57efd81e1802328dd0b748fefab5e6fde7fa9dc0d268b

SHA512
1322ed5b155bea3ef664107d271254f319a0e3eb5e07561970ef786b7f58fd48c926324339eb6de6fe83919bc7273f6aceaf6ec5c53c34c3e69de22080fd4364

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/files/Mob/mob_commons_1

Filesize
108B

MD5
495c276ff77cdf57b79771b4d9a3128f

SHA1
80653175068d1f45be9cb20aad7434929fdb71ac

SHA256
e43df4e270209b4e335395bc90bc05826960ffacd7d31271542192d1af1741db

SHA512
cbb87fac0dbb4fdb6fd29618e96541eed3d656f07ec680b7e4bdea15354c269720fb42b627abb98512cefb9d10df78423c75fe44acd5be160235493397801f91

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/files/Mob/mob_commons_1

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/files/Mob/mob_commons_1

Filesize
132B

MD5
5c7ee355282874f503e96ed22d410cbd

SHA1
cab43b7cd380781e1a22551edbd45072fbaf72b4

SHA256
e690bd8849f4cd2e0e0ca4a5150c47c59bf280ff04a20266aeecde6756639cfa

SHA512
f8ff73037d910ecb3b6c3c0ea6202a63d7871d331712701cdb42e396d263325ba8565541ada2507c3ae53cbc457ff515272a24e8bdeaa3a67766ba26f0956790

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/files/Mob/mob_sdk_exception_1

Filesize
108B

MD5
7009eae1384d20b941e27e75397a5ec0

SHA1
e09e0c9cbf973cc8e46aabc51ecae9fa303917ca

SHA256
c0a8c34809b2740ff30c79aae9a1442bc24323e57b9ffb822a306eaf2b688b58

SHA512
c2c2246b5c2e02212b90482fd914b6b130b1a2560ffd8d711036238db8c466747337f794fe30bd61db57fff34b7f0ddcbb3a7d8eb92a8cc7bd24daabf4973355

Download Submit
/data/data/com.dtston.dtjingshuiqiherkang/files/Mob/share_sdk_1

Filesize
86B

MD5
66bbdec36fa31ae25d65ed7d6b6169d8

SHA1
15a9487b00f61dc08b6a43a76eee12a2ee5c0a54

SHA256
2cb9eda0f00675bd069a03f29773fc65ccbeeb1b8af3f291956353e4345efbbb

SHA512
e7925acf1c28e0138edfd927e9e1c30d39eaaf553cb74945f6f41f15a65e04927aeecd7ce0f7fb6c3325bf12bddade96eea86134cbb71abacc3aaa7b1bd94625

Download Submit
/storage/emulated/0/Mob/.slw

Filesize
66B

MD5
19402718bfb1c685a726b4e1d846ad98

SHA1
02a7e30044a67085f2f1da24e16e4ecfede65b72

SHA256
079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

SHA512
25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

Download Submit
/storage/emulated/0/Mob/comm/.di

Filesize
57B

MD5
70a42cba408700f9a6c01c7941a8829e

SHA1
eab01cc2c0671538795fb0b1146017dc099d0984

SHA256
499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

SHA512
8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

Download Submit
/storage/emulated/0/Mob/comm/dbs/.duid

Filesize
132B

MD5
9e6ad3ae94665e9e3d5f07ed172da0ec

SHA1
8e7fc677d86a7061c50a11955c6155e2a6945222

SHA256
edcdbebfbe27006e287deb121c0c7816c1a146a81e6cfef382b065faacce9f0c

SHA512
c30552d5cbb8e550a042cf1e4f927e0fb35de61398edeba94dcb0b46400f7620a222a2c9a2fc7ba86d2c02e44844643307f26a4b69e8ae2a9c8c4a3ac0b394b7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads