b6b5c41de0bda926417c4c31d1caebef0a6b4400a38c317d93e088a73d4ce41f

Analysis

max time kernel
3056209s
max time network
133s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
26-12-2023 11:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c4868bc5a255f762bc057ce1f939215.apk
Size

19.2MB
MD5

6c4868bc5a255f762bc057ce1f939215
SHA1

6ed1c4654e75ef8777377f9d28ebc2d465f2ec9d
SHA256

b6b5c41de0bda926417c4c31d1caebef0a6b4400a38c317d93e088a73d4ce41f
SHA512

ec4bec9cdbf2d68d3b68e055358a85e010c071b0c843697e195d447f763c78bb6d84c508a1b56161ee745239bb929ae81c0681b8b4903688bf7a96a808a19278
SSDEEP

393216:AV5tSO9NplaUVlXA/Q949MqlvkWNIy4jiazhuFulrWWxRGSNZZjnc2oQ9K0:UaOhoULA/849zAyI/NuFmWWbGIZb9D

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.bscy.iyobox
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.bscy.iyobox:remote

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.bscy.iyobox:remote

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.bscy.iyobox

com.bscy.iyobox
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4260
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4291
- getprop ro.board.platform
  2⤵
  PID:4291

com.bscy.iyobox:remote
1⤵
- Requests cell location
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4329
- /system/bin/sh -c type su
  2⤵
  PID:4415

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bscy.iyobox/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.bscy.iyobox/databases/bugly_db_-journal

Filesize
512B

MD5
dd43d5b837fa77219d6e336283d51a19

SHA1
5b945d6b5aeda9fbb04131b7df90e1d942861fd7

SHA256
c7461c976b13e43c2a39c9ac0cec38a94c600c46c289274e55e61bc8b5752fc1

SHA512
73b3cdcc3d99edde81082e680ec706a2df01fa834f7417509c71ea0eda8721f8565fea3b1e99b083a67e63236b0105e6a79ce7c9da59ec619662f33dd4191169

Download Submit
/data/data/com.bscy.iyobox/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.bscy.iyobox/databases/bugly_db_-wal

Filesize
124KB

MD5
32cdd09c7bb00367e8857b5a53c26800

SHA1
5842afa3e09ff4935edb97ca37e4a13721bbc63e

SHA256
a048e82be440b7ce01d9dd9031feaf9eab32574f7a4036980bc0addc4906e588

SHA512
9d945892eeb9dc9ba96cbbb8d63d1dd64a734c3f1f56c828af5dcdefe52c84af9868a315d1a8ba34caca2452641856b357042c74f29c6630d96e83f2608d1b26

Download Submit
/data/data/com.bscy.iyobox/databases/bugly_db_-wal

Filesize
92KB

MD5
289f6b28907df05a26ea2010c116beb9

SHA1
336f4daf48579b7604c34a982dae5a5e673d40a2

SHA256
a6fd155e18499b7ce08845b854f91d1002d42dc73c906a5144356de6b7f19e93

SHA512
4244ced9667d6a96f4c1dbb2c3e6d8a53a6d769ee787902f1e332d6c2d545fc37aceb810783f0babe45f41eae85384f15cd54e47a7c651eeadb7f46cf928fef1

Download Submit
/data/data/com.bscy.iyobox/databases/sharesdk.db-journal

Filesize
512B

MD5
98275f663c92590fc4e742e5ebe141a4

SHA1
257ff9af217e8e6e6e67c61ca30bbea646d1b371

SHA256
4ae7d9477689accb70ca3847f94407375f8ee7a4f0f1a5179c065ce35efe7567

SHA512
a2f4df84100260d8194c9216f002d14b6ab9f1212ccea379a0b3278a3e4d43a20a10ecc210f9faaee44fb54bd40d7358e1a3d3ef9794e507bc215c1e8892f2c1

Download Submit
/data/data/com.bscy.iyobox/databases/sharesdk.db-shm

Filesize
28KB

MD5
1982687f791bf710283147c680067350

SHA1
3b6fb6d4c57b8122518b9718472c47702ae333c9

SHA256
be5663be4bc399a8eab8c58304337a0eab504dae0bef5f995ade041be1b46fad

SHA512
bb039b5313ce155ebad7fa9ce930337771ccedf605627b0710fec6d148bb22cb4cc6bff5799394350edb42c512183c389c8ebd346c76b56a45fa3640465ab99a

Download Submit
/data/data/com.bscy.iyobox/databases/sharesdk.db-wal

Filesize
40KB

MD5
5929b88bc7be754420fc18e825043e54

SHA1
edd42e29636e05084f3b6b5c3d5e8bd88eb944f9

SHA256
1f9141fb67bc74354c6bf5e41d74ae2b58bb16aa2759a387775d2c13cdb48427

SHA512
d7c61c0d6c26f9bcdac033774ea7c8ea00364f902eb534d0b0cabf5a337bf8d2ba445b5a29038feec2a8fe3d2da1b1cd42ba33e7aa19c20f871f303836ef0194

Download Submit
/data/data/com.bscy.iyobox/files/lldt/firll.dat

Filesize
56B

MD5
d928b2d9e6100b898b96e0accc3f6e14

SHA1
07d386d43a4db84ef83aa8453b52cee22631fd7f

SHA256
7d52a57949b7be5712a5dacbae1375275145e426e656d5a909c3452be8323ec2

SHA512
ed564846921d9b4cbe05c875d621335e15625f7fdbfbe5083ff734962052a836b3e3a957d34050efb555edad12fd2526a9e053bcc7193d4ae277ce5aee878477

Download Submit
/storage/emulated/0/ShareSDK/.ba

Filesize
365B

MD5
ec94cbf0a6347d3d2af40dd2aa80da04

SHA1
31a9d21d69c69f19cfe4c914f4e9638bf773b7ee

SHA256
20af0fcebf80292c8f65b3ec63adc5b6ec433e9e9d6324d44f8ad1cdff7677f5

SHA512
afe70b8a56128d3f9ca80cdd360127ef591e925ec77bdef20cf5550d0fb523046dd5552eff2b522b9c26544e1642b4b244354c2b40e8e80893047e36b8bfb66b

Download Submit
/storage/emulated/0/ShareSDK/.ba

Filesize
464B

MD5
5f28fe3a638946b48a03ee07a1e183b1

SHA1
be3b103f3f315e946d202d54c7100a4150fd5e14

SHA256
486b54fdf8dfa5f761a863c60ff8cd185ffb15dd761ff3770c1fe6698f9e281b

SHA512
ddc6eaa1cb60cc04b9e64f7c62efc460696713d8f036dc7f4bf574d9873900022d1edf6a996565138a9fcb7d478b664c020d481e2a76338dec9f1b95d991369d

Download Submit
/storage/emulated/0/ShareSDK/.dk

Filesize
107B

MD5
c9383021bd97affc44be4db7018c4d7b

SHA1
7e680409d1c86e35149bebc22f2cf8c484f0d23e

SHA256
b7b7e032170e3190a84359e5c37adede1d58b6bf4c455ef0c01f73335709bb65

SHA512
7303f068da97319891e2d25c1c737035f1cfdc365d75d954102b612000e54d7e2b5dfafe10bdf909563e2b46ec3ff9e546423bff6f0aa9496880eab1c1c36a81

Download Submit
/storage/emulated/0/baidu/.cuid

Filesize
89B

MD5
64dc9d650cb8c9721e14afaa0d2ec88e

SHA1
6c11513f852bd10ff3300e6af347e361532fceeb

SHA256
9be0c630d9b7013f00adf2b1c5718e42ce7d44ad200f7ddaf2e56908e99303a7

SHA512
23dc8362e989557fd7cb12cb4c62ce5d72fb9288103407c42ba8823c2de2bd62ae4747419f38b87807ac63082f6fccb76ec98d144b2e47365beb4cd141f9d0a6

Download Submit
/storage/emulated/0/baidu/tempdata/lcvif.dat

Filesize
96B

MD5
2911767982203e253fd13d2b6e2b5c39

SHA1
70bc18654d648dabecdc0b8338314a4558260654

SHA256
46d3d9163deeae5e0e8ef2a509b7480cb4cb0f81828a932fb6cde10fa724e013

SHA512
a58e174f1bbd7411c12692a1841bc5f153a64d86ef0363a95f9b43cc02d34ad4d466f73cb446164c5a6281c95dfc3e679d4a128cf8797080b78266759c9676d6

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db

Filesize
28KB

MD5
0d3e99204c6401ea499fe9e6d9855497

SHA1
09829f00ca458eab7374d5079393a2cd69a2348a

SHA256
63ad014cb50908591939d6a1536f85eece807425af4f4e8a1f9b9eeab13cc5ca

SHA512
8d9a50aa9abd17e508ed3ac35a3033e8f9e550d1088baa951f53e6c4697c5ac026d22b90e36e27341d64baa3f0202bd89ca97583e99feb25f8c26b5776c59c68

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-journal

Filesize
512B

MD5
4868b30817915ba867f050c5eeed62f3

SHA1
f0c3167e7387d7cc5a004c5c327d52f50376a8ef

SHA256
0baaf809c2fd2a27b062873f3630a7c3096928c3da9536e307eebc481a6d893d

SHA512
c0f255ea9d5e3128944b3b0b1c8c31b9304d1398285dc4cc359edc23031f6578adc033ac62683457213019656d6066efc8a730c406f7d0f072c8719369e998e3

Download Submit
/storage/emulated/0/baidu/tempdata/ls.db-wal

Filesize
52KB

MD5
652131cdff69749c8c02143be71c6927

SHA1
fbc123e483238ab6f8144fb13f810073d230a741

SHA256
c5f4f77dc10e074ca86d1272d3ef74b93fd7941929bc393ecd22c32315b1da79

SHA512
a3da3b8f5bccedde735fb69f449758fe4b94177d3fa3d679b557316d357ab5d580ad0608321dbc747221bb391b7536da1c709290f3f32f33354bccb1b70e02f3

Download Submit
/storage/emulated/0/baidu/tempdata/yoh.dat

Filesize
24B

MD5
a936690571e9104e1922dda4a0ba5bd1

SHA1
65f49c57edde2f96be2a1dbdfc3f7351f1e66554

SHA256
f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412

SHA512
3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394

Download Submit
/storage/emulated/0/baidu/tempdata/yoh.dat

Filesize
24B

MD5
1681ffc6e046c7af98c9e6c232a3fe0a

SHA1
d3399b7262fb56cb9ed053d68db9291c410839c4

SHA256
9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0

SHA512
11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5

Download Submit