Overview

overview

7

Static

static

6

647971aecd...42.apk

android-9-x86

7

kyx_data.apk

android-9-x86

kyx_data.apk

android-10-x64

kyx_data.apk

android-11-x64

AdServer.apk

android-9-x86

AdServer.apk

android-10-x64

AdServer.apk

android-11-x64

__pasys_re...ll.apk

android-9-x86

__pasys_re...ll.apk

android-10-x64

__pasys_re...ll.apk

android-11-x64

analytics_core.apk

android-9-x86

1

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    3054772s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    26/12/2023, 09:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    647971aecd032b4882cf427953d41942.apk

  • Size

    2.3MB

  • MD5

    647971aecd032b4882cf427953d41942

  • SHA1

    c6a9fce249d490d3c202da365d3e75940239c70f

  • SHA256

    dfc5310b87582d9787744cf98160aeddc72694f4bcbb10d47f122d8540cb516d

  • SHA512

    968396e7d8c536f29610401e5cef9c37529b3a4d7411e3571840a09f358b69dbc1ac7ce3fbada991d372d487e223e2eb069df15d8896272937441af86d30c3a7

  • SSDEEP

    49152:J+jUE+rLbGGwMaddKI8BmUm8v+J4RYo2y1DPwBiMq5BTXe:4oE+XBHajTymUmUy4RYMMBi95BTXe

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • xl.fc.xfmtc000000000
    1⤵
    • Loads dropped Dex/Jar
    PID:4201
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/dex.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/oat/x86/dex.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4260

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/FC/1295/md5
          Filesize

          32B

          MD5

          d763fc6c67da99ab5a66d47c8299a7f6

          SHA1

          bce18ad84e74a352ea1f45342a1e0ae60abaf2bf

          SHA256

          4735d25216a5105a1943a4b0392d9c95f9870afd77bffee700089b977773e1e5

          SHA512

          80c449512fd89e8eed1efcd982007be67837c75e123e6e0f2594f60e5a3bb2750742a33b25be324a32ec958d42267ec5e8b598700e04e86325c61dd13985908b

          Download Submit

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/FC/1295/update
          Filesize

          1.6MB

          MD5

          09603cc479305c17236b31819abc9961

          SHA1

          cb8a7b5557282df2b465c4d932374976cb2df75b

          SHA256

          6805ee357e3b46586cfb9426cdce67234448c15415b015c1d2b9df12a7d793ab

          SHA512

          5e92f6bab7472a1bd7618606f31381ddd7c60a9db38cf773155b6b5a45f8388a19114b7af55ea4726020748a110a9d461cdc2e38b093f7c2f236bb3d4701be18

          Download Submit

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/FC/checkupdate
          Filesize

          8B

          MD5

          177f7efc88a63ae26f24fee71e61ae0e

          SHA1

          ab3f619182b658a7faea62ebe37e5a807308229b

          SHA256

          3749477444ce223b86e3d88c61dc59decec601b45a30efd8d95b432e7c5650db

          SHA512

          81780046213135c5b78247cce13651015dff262f39d6b4f7aeafe632cebe7a29ecf9b10f446593745f2244f4e2937dee2b87163a6cf93c0ff5194ee473a4146d

          Download Submit

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/FC/version
          Filesize

          10B

          MD5

          f83e844fbeeb0230b48bbc2097e69899

          SHA1

          a8cd00a341a59fad8457854dbec37e330385d247

          SHA256

          b096eff6af873a617575f2a57ff344eb58e7cbf0b64fba167411c2ec5071b09a

          SHA512

          836fa52d316ea2e937e00071dcf23c795b5a3d89b5fc46e6878d8b65cb2d7267b2d614cf7cb9daf463893802cbc00eb61a15d73fc4b85cf7ccb4dc4c35de23de

          Download Submit

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/dex.jar
          Filesize

          742KB

          MD5

          8209a818513e6666ba60060606043501

          SHA1

          ee423e654bdcd27a7ab36145bac8a01e162a42d2

          SHA256

          2a6de7ed0d8fd290c442481c96a67c5440ab24ec2800d38631fbafe45e09ac09

          SHA512

          a504497e76e563b6ab7cdb159f9790d393061ccce2a52dc45b18e47fcc0ff99ef925a9e6939556cedcc42097c79c509cc41f049d035f2a93efc34529494530a5

          Download Submit

        • /data/data/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/pack
          Filesize

          1.6MB

          MD5

          5a6db2779b4b9ff9d136dcd2eeb5195f

          SHA1

          9575640bcdc86bb1980cae715647d408d5dbdeef

          SHA256

          08079e3d65b25dbac6278a5342249086c0a6530a7c03a815c59ee0213486322d

          SHA512

          0f424301e07c6dfee6815006924e8575ca1ecd95f3b065d03e22c5c13910e77af7a704b8a1a8f45d2203ea93eb34ed35c0b0c95277761843b8f35ad16831359e

          Download Submit

        • /data/user/0/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/dex.jar
          Filesize

          1.7MB

          MD5

          35427c75f5a7e1ea557fded082c3be79

          SHA1

          12099f90bc011ff2621ec82c101e6c4b849f561c

          SHA256

          2416987f600ec57d4e439445733cbdcee5e6723a48d563a6ec0b03ca5fdacb01

          SHA512

          00cdb944dfe2b7c7944b7257cfc733b0499d99e48ab077637c8bf78e4e40428141a3111f8679e61a3cd84e06e4123d8c9efacf459fe430b135d2a7ed1468b74b

          Download Submit

        • /data/user/0/xl.fc.xfmtc000000000/files/kuaiyouxi/datas/res/1295/dex.jar
          Filesize

          1.7MB

          MD5

          b367ea5d4255fccc2a6800bcac6ac67d

          SHA1

          3475a23f07d0239ceb706095a05d27c658a1294d

          SHA256

          033970a16e1e00104a552fa2e07f59fad8b220836b5ce78b7a6bc412bd69c7d1

          SHA512

          40f2eff9201b78527e85b1264887833b921f5eccedd865ab0e1a5cef80fb5f1c336e635b71c96256f1432c2c2869054568eb6fd670bbae6aef38c06f060c9a10

          Download Submit

        • /storage/emulated/0/.rwtest
          Filesize

          1B

          MD5

          13c8ffd977013703a701cf8e11deac65

          SHA1

          067d5096f219c64b53bb1c7d5e3754285b565a47

          SHA256

          e7cf46a078fed4fafd0b5e3aff144802b853f8ae459a4f0c14add3314b7cc3a6

          SHA512

          527cff2b6fdfbc0f54fe092b17d6d8c7e22500242635fa56981e85a64da6ce8a12a3a66cf69fd48f588bcba9bad141b8e351a0cdd4925ae57289933eec1fc153

          Download Submit