ee331b0a58b921fa57c0d84ecd8c56ae04eecb839f18091083652f4f2c360514

Analysis

max time kernel
3493328s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
28/12/2023, 22:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fe6280ecffd7eb98ec99cccf88096d19.apk
Size

1.3MB
MD5

fe6280ecffd7eb98ec99cccf88096d19
SHA1

ed0df5f318ab6c132b15233a2298709a7e84b100
SHA256

ee331b0a58b921fa57c0d84ecd8c56ae04eecb839f18091083652f4f2c360514
SHA512

4ffacee3122ea8f9267fa80110a52bc64f48e8b7adc2b96c2e2f52d847f3ef7a14f44cd9d482e7a7513694862daae7c280ab5866910e5927121c8f6f56ebb399
SSDEEP

24576:Z+WhVXSHQU26fM8po+/8jvq5q/13tdHbZKm51Ob83g:fhg2X85Ejvq5q/1XHNKmjbw

Score

8^/10

stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 IoCs

stealth trojan

pid	Process
4264	com.znsw.iuxi.gxsm

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar	4297	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar --output-vdex-fd=46 --oat-fd=48 --oat-location=/data/user/0/com.znsw.iuxi.gxsm/app_mjf/oat/x86/dz.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar	4264	com.znsw.iuxi.gxsm
/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar	4331	com.znsw.iuxi.gxsm:daemon

com.znsw.iuxi.gxsm
1⤵
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
PID:4264
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar --output-vdex-fd=46 --oat-fd=48 --oat-location=/data/user/0/com.znsw.iuxi.gxsm/app_mjf/oat/x86/dz.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4297

com.znsw.iuxi.gxsm:daemon
1⤵
- Loads dropped Dex/Jar
PID:4331

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.znsw.iuxi.gxsm/app_mjf/ddz.jar

Filesize
54KB

MD5
bf9e184a550b934b8efd0b5207d904d3

SHA1
df79e9ee5a61f6ea9235b365b9eb6157db1f5bf4

SHA256
6589abf028141a0e564a5ad9ae41b3f1a373250ebf1d1f022d069c30580d5724

SHA512
670b0bde7f5bfe89460309593a6ce719b5a9742b9590a4de99a240af3c09e683bccba88ef418bf934705bc21a2f45f01aad2181b5783f288d6378f161bd160d0

Download Submit
/data/data/com.znsw.iuxi.gxsm/app_mjf/oat/dz.jar.cur.prof

Filesize
619B

MD5
71208d39086462776249e1a91d28ecf7

SHA1
e45ebcbbaa3c9a26add742f8d930cc44c5729bfc

SHA256
89993f3f6e51b59753c5ff1e064dbdfaaa39925a85c96b677390a91d35941c6a

SHA512
06f61f5fb8508435b6053eb2b40ecdd15b994c56ec97a9db68ff5a63e3a1113cec72d3b13c7d03da5da570b86b898994dae50c981b4a2f603d45441fa70cd516

Download Submit
/data/data/com.znsw.iuxi.gxsm/app_mjf/tdz.jar

Filesize
104KB

MD5
c34a960ee8657fb632c516c1616ca810

SHA1
9aa3a6cf76f595769a52b40a4189c5371a84674c

SHA256
2bb381984f485a4803c2ed4c80ebf1ab3f327fc918ce36ddd67326a249ba77c6

SHA512
2bfeb1a74504f9c5c978e19041a3c6ccbab2eb77f7fd35c38e45207d2d50af0fe3ae28aaa7373cb4eb69b8f3d9c118d0813c2d7336f2f3f26e8c6a8e34e3504a

Download Submit
/data/data/com.znsw.iuxi.gxsm/databases/lezzd

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.znsw.iuxi.gxsm/databases/lezzd-journal

Filesize
512B

MD5
42100b742a2333f5691ebee74a9754be

SHA1
3f7df687c449f9ad3ffc1e4ccd88d47e1c046343

SHA256
2d84a762ccb1dddca7579bec79e4e55f6ab9fd94443c4e9d2b764e980eb10662

SHA512
74c5d30029f660f40800d8d61157d713e888077ab5eb87a7eec534b8993623b178f3de822608e780b5b22e111c8dd278b0c47686a0c05dfb849c6a48397ca234

Download Submit
/data/data/com.znsw.iuxi.gxsm/databases/lezzd-wal

Filesize
60KB

MD5
f1a15ea0687d736561a77d43c8e3d913

SHA1
7cdd50b4c44db73fdae6312d5fcbc9afb7cc43d4

SHA256
040320ab679633e2a0e14f7f0dae9300fe598c6d9df7c5ee8940a363947abe6a

SHA512
c30268a6291c8dea4a6ce7cae6fe386085afe2ecb5bad69e9eeb7e0de9c342ef1b54f1f64b4b71915e0b59f8a97608b7f01770ba0df8edd9daf7abf02b9908aa

Download Submit
/data/data/com.znsw.iuxi.gxsm/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
d30007d38f31edb0a2e491ffc66855be

SHA1
a4553c5e20e3775e9f1c8eebe1f273735bba11e6

SHA256
c3e71731f5b20c4eb51eb59884311dc8ab59fec9ec8898359b70a4a09a225d59

SHA512
783b5b93ee07c88cdd6847b99ad752553c0254b8d0cb8fdbdfcc8a720ce7acffe795d2b5dcfd683a42b575a21d9d2b0c1016c0d9556fbbcc3aa0a1c8d47a6f70

Download Submit
/data/data/com.znsw.iuxi.gxsm/files/umeng_it.cache

Filesize
415B

MD5
7353120d30cb2091b81baf2832b5defa

SHA1
0470313d601176bf2cd4422289f6e38d6849c6bc

SHA256
865cb16f867d9a0622c09ae3aea37c35b1c7c477977d2b6fc8257e720819fcd7

SHA512
0d240a696b9a55878a59f8b05fcad651c40489b59690d5af6d84fa3f75fd6ad33a7a18da64d278ca57016cf0978a0430f81d0cb3bb2a583596918eacfd0bbd89

Download Submit
/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar

Filesize
247KB

MD5
40235bd85137ac67997ebd98c3ee5336

SHA1
c0ab0d0d39c13fc76c22f11642920003a34a6a8e

SHA256
a6cdc6d2747ca2979c9959fae17a4c00dd66bd336315ce2e69348bff551976f4

SHA512
80193d98b9db86270ebdb3217ad5000dc93f36fec15c06925df1938bd7bc89e9a1a056fcfc0a3a3108daa7dfc5b9856b22832bcc7654ac5e0197bdc45a08cdab

Download Submit
/data/user/0/com.znsw.iuxi.gxsm/app_mjf/dz.jar

Filesize
247KB

MD5
f94e137d7aa3ec510782c58f1089ef39

SHA1
f1b5f4b422d4fb5071e41a3fe9b7cf99ec13c217

SHA256
89c661a75becb3a99788c1deecf430f54c045e044f30c5fa7dd7f11e93e2a5cc

SHA512
743beef1e59c24cb6662c19dab6e6629a30d6bf6e2e014f2f68258a58acacb868f6a7a2a527123170f92b03ba517d8b48cb2a290a963d2b86130444820b0be6a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads