Overview

overview

8

Static

static

6

06816678c5...0f.apk

android-9-x86

8

06816678c5...0f.apk

android-10-x64

8

BannerPlugin-1.1.apk

android-9-x86

1

BannerPlugin-1.1.apk

android-10-x64

1

BannerPlugin-1.1.apk

android-11-x64

1

CommonPlugin-2.3.apk

android-9-x86

1

CommonPlugin-2.3.apk

android-10-x64

1

CommonPlugin-2.3.apk

android-11-x64

1

ContainerP....0.apk

android-9-x86

1

ContainerP....0.apk

android-10-x64

1

ContainerP....0.apk

android-11-x64

1

FeedPlugin-1.1.apk

android-9-x86

1

FeedPlugin-1.1.apk

android-10-x64

1

FeedPlugin-1.1.apk

android-11-x64

1

FrameworkP....3.apk

android-9-x86

1

FrameworkP....3.apk

android-10-x64

1

FrameworkP....3.apk

android-11-x64

1

TAEPlugin-1.0.apk

android-9-x86

1

TAEPlugin-1.0.apk

android-11-x64

1

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

duomobad_0_0_8.apk

android-9-x86

duomobad_0_0_8.apk

android-10-x64

duomobad_0_0_8.apk

android-11-x64

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    3137416s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    29/12/2023, 23:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    06816678c53d464cb0ce2d15bbc02e0f.apk

  • Size

    7.9MB

  • MD5

    06816678c53d464cb0ce2d15bbc02e0f

  • SHA1

    1b5e5d33439cf5f8c8d35c8801115ddcca7ee877

  • SHA256

    afd42ed2715b82ab1300c82956483ab80481de3507d24a1eee8829f6f3a4a3f3

  • SHA512

    df24efb7f801a79aa433543233c5be5b2218c96207ccbe4048fb8829da8e9932c931384ede62a33ccbb4e941df37ff8694c937964bf2e369ffc4c528deaff831

  • SSDEEP

    196608:JImyA/HuQnvzUaufega8j7Igr/p8BjLOgnpwv:amyA/HuQvzhufegaGwOv

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.shoujiduoduo.wallpaper
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4476
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.shoujiduoduo.wallpaper/app_duo_jar/duomobad_0_0_8.jar --output-vdex-fd=45 --oat-fd=48 --oat-location=/data/user/0/com.shoujiduoduo.wallpaper/app_duo_jar/oat/x86/duomobad_0_0_8.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4540
  • com.shoujiduoduo.wallpaper:com.shoujiduoduo.wallpaper.service
    1⤵
      PID:4576

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.shoujiduoduo.wallpaper/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar
      Filesize

      83KB

      MD5

      607e65052147713115dd87f0866d504c

      SHA1

      5ff2a1c2ebedeb61236c56edfde6406828a05c6c

      SHA256

      fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741

      SHA512

      2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/app_duo_jar/duomobad_0_0_8.jar
      Filesize

      93KB

      MD5

      4cde32400c7c5886767a6efc2d046a31

      SHA1

      b4030bfb0dfea97a75358fe54386a3140c1cc44b

      SHA256

      43ec0f475806023b97718e99d0f9211492dbeff645b1fdc796c810ac2e6259a8

      SHA512

      ecd173a373cf60b335ef7a53adf435e90a3393b4b65cb0f31354f3f50af5f1227f62f0415b8894920d4ebe1b59e8ccd8b04d80d8120a28ace068be89e9446720

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/app_e_qq_com_plugin/gdt_plugin.jar
      Filesize

      101KB

      MD5

      9dc038f6ad17e85ef978f93344107f42

      SHA1

      d33d8adde7af312593c2ccea7664083d8b1b41b5

      SHA256

      6bd8965f30b4cf6388ed2aa86fe3b1badf26ac988cab02c8941c588f1753a5f2

      SHA512

      964173a865cfa82937fed3d8601b4ab04a264ba55e7895f0ef2b330c37fd957897b9e1ad4147472671fcee42ad24986914785b1161dcbd5a6fb2e339f6ab4a57

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/app_e_qq_com_plugin/gdt_plugin.jar.sig
      Filesize

      180B

      MD5

      ef38b3260ae08ccb5baa772d8d28d26c

      SHA1

      13592572c596a0e01e54ae234714d2d589a5cf86

      SHA256

      1fb0012040ee9c639da96d772fd4d0622114326da2973bf2d17665f8f55f3296

      SHA512

      659ad7cfad7b598dea86c224da82367d414aa1edb52f563469f1b36e9f8bbd1f8394628148ef9d74044a5b39ad94760bb80811d259c6465b9c9cf5129002023e

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/app_e_qq_com_plugin/update_lc
      Filesize

      4B

      MD5

      41bd2262f893325edaefbd1bbab4537c

      SHA1

      c25221d899e5464429e354d0042d2291cdd5177f

      SHA256

      c5c041820625b9ce0544b3cae7d9e171324060f8a0db5a485bccfa433db54cc2

      SHA512

      ba107dfe2af0472d35f1c6e28a0e500e59a54a2be010ef69c4e86cb0b2f4614786a64e6c4f59d028eaaa07b9e4342118e5d7632c8d76ace590b3bf1982687451

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/databases/duoduo.ringtone.database
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/databases/duoduo.ringtone.database-journal
      Filesize

      512B

      MD5

      809e71a479d327a8e569530cc069c5f9

      SHA1

      42ace0e92722b35d9b3f412411ffb51051c19503

      SHA256

      32dcce7bf90b44855c631bd4117b6e3109b88ee875909f0c751304b51954cd97

      SHA512

      f97a3b812fe64b7f1cb7b7836c1d80f15115cdd82663dcc8db498c26e2cf607437fa2d54726531f84ee1b68fdbc6ec9126994ac08675cab564fa999be3f1493d

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/databases/duoduo.ringtone.database-wal
      Filesize

      35KB

      MD5

      98b658c1a229637024972f5364a949c1

      SHA1

      d1608d4457ca1ea64e3bb1f17772b1033447e2a5

      SHA256

      0627ee0776e846aeaa6379df16646ad1e6b373e1f8a8c4ff8c5153b460a727ed

      SHA512

      62fa4434f06d967f2b61a48e2e3f5bd44856ed714277e7e92461cee088a36690c090bbb844acf378754f3c2320f87a24a12ab461713f8d1d67dd420527e7f879

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/files/.um/um_cache_1703944465574.env
      Filesize

      707B

      MD5

      b2ce8faf9908a68956c9d157949b00f9

      SHA1

      7d0e3978e5bee2c5d3695fd5da90caa66a09f3e7

      SHA256

      d6959a4045035a5c7c804b01d5953b223599fec7e176870121910f94831500d5

      SHA512

      f9065037a436dbaf0e7a8fbab31a7297f42017a33a783322524c46d34f5d0f8231a529b663d2ea4e06b8a9a1c8681da22856ef822b8230c9633edfc4aeafc07a

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/files/mobclick_agent_cached_com.shoujiduoduo.wallpaper2970
      Filesize

      774B

      MD5

      6f2033ec9825e692a49e92bff3a4c560

      SHA1

      24eaae5e9ca86dadb232db654470fec8195a9e39

      SHA256

      425a22801ab3dd0a60a7febfc56e136f258d2c13ef01d4c6b8ac21cdbe1794d7

      SHA512

      0ad1d7cfe729bfbabf53b445f0385d36e07b39f96dfa54f22aa140418cea315bf40c62d3abcff0e88b1171a9ce531aeb9811dc925fb04c5d5a36fac5456a6e7a

      Download Submit

    • /data/data/com.shoujiduoduo.wallpaper/files/umeng_it.cache
      Filesize

      310B

      MD5

      841b66d495b1da74dfd543364f9a2747

      SHA1

      80320d9eb279ab5ff28d31974dfcfe348dc60694

      SHA256

      6623691e48cbead87e5cc335cb71b6d915dddcef05e419e797575b9ecc3653f4

      SHA512

      c625ba618d278293a611ed7d2cb8de5bb68229726a33d5edc7af1101579376abeb80be01ad33b838d7599efb0a3eb46fac3ee5df2072a9556db2f93a6d12bb29

      Download Submit

    • /data/user/0/com.shoujiduoduo.wallpaper/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar
      Filesize

      205KB

      MD5

      fea052b55f5043a0059bd3288731d801

      SHA1

      8c079ec61ed51ac95a0bbafd16ddea33eeb0332b

      SHA256

      ed98f0185a19a11678cbfaf517edb09f2002f1f4a9464cb17ae7919845139e5e

      SHA512

      6280c5bf1c2b921f294f30506dd7cae03ae872949872e3b3df5619778146d829542d8bc3b627da27f0d4466931b04f882b56d0ee9f15ce82c540f3fcc7d6c710

      Download Submit

    • /data/user/0/com.shoujiduoduo.wallpaper/app_duo_jar/duomobad_0_0_8.jar
      Filesize

      695KB

      MD5

      48a977426a7b9c0a7d5d6ffa940a0486

      SHA1

      794a4e6f78a8272e1f3640f5c67517904eeb27bb

      SHA256

      2041510dc6d550fdd64f47a029f6ef57117c2eaab94b0f19697210f0b81acd38

      SHA512

      7d70e50ac49cf14979b31c27b618dfb098270dd188db623629a4a856d3ef637c4fe5557df6235ac29f794392a6ea79e1a6d5cb8b88d5f5723fbbd2984b9c951b

      Download Submit

    • /data/user/0/com.shoujiduoduo.wallpaper/app_duo_jar/duomobad_0_0_8.jar
      Filesize

      695KB

      MD5

      2ea4b2dd8f000dc4ceddc7b66c17e8b4

      SHA1

      60622bef1698778565a77185a9f07407c7fa33d1

      SHA256

      5f9a5de18c4f6d92900a21bfa5302be648e4c0cc1523c5d996d9b52bea6e6b19

      SHA512

      513b05e27abdc64f9a28762b4d61416829aae4028ffb77b9a99f91ea8afbf3718c1681583456e25a6493e6f79ed7ac8b6e5733eb297bfb29d16960849958f201

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      111B

      MD5

      4ef16252b51f025bbb259a6fa37f62ea

      SHA1

      ec519b36855c3d9f21d04e6823c9d79b6bc852e3

      SHA256

      739beff0f8ec5ae94a7fd7cccd2937e54b25ab83426614aa3cb4b18e6a2437b0

      SHA512

      ed8af01a61153f3cb8538bfef3047ab79f841903aa727dd67049ac88b5243ef921085cd241cf14fad723ce1294dfca9171a1d0c437f02e0e9543ff8e6ad98f1b

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      111B

      MD5

      a1d05e46ca3a8980a7ffe682cb8769f6

      SHA1

      917a9a86e85f85dc639685ae426fc2931688568f

      SHA256

      2a3c67fab5075e7c5590b16a989d321971a930c543336e05c29d0e9d5e210a4c

      SHA512

      df47a242380f13b820c169af0e2da20266fe70d211d81a2606e525ae6f272f4c5b05d5f13808c1dcafc0ebfcf966c408b7d416dc601491a69460e913d47e943d

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      381B

      MD5

      12538d888a2905ad073e8a97634eb05c

      SHA1

      20835abfd17095252cf7373582124f4ee2b732fd

      SHA256

      16ba2e963bfb44e5d9321caa17f6c1aa482021231fbb3b89eccf65d3c05eb219

      SHA512

      cccb75f85ef4b2dd97313be295be29baa18b2448eb1514b319c1603794c71de55f348cb5d113ff7ab023d3fe252c8268958bac954295ee604416fafb1a00a029

      Download Submit