Overview

overview

7

Static

static

6

07a5c9e097...3e.apk

android-9-x86

7

07a5c9e097...3e.apk

android-10-x64

7

07a5c9e097...3e.apk

android-11-x64

7

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    3119215s
  • max time network
    152s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    29/12/2023, 23:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    07a5c9e0976634429b5a7f37cade343e.apk

  • Size

    11.9MB

  • MD5

    07a5c9e0976634429b5a7f37cade343e

  • SHA1

    24dbd7fc7d3ebfe36e920ea000b1408aa5f6ef55

  • SHA256

    69e51037df2645fcef1f900d6f7b507d5537b85a3afe9d259bf8185a0a5cd3cc

  • SHA512

    3ad2dc45b175c78f7780a34a3da70e767c031a79e0b1625043e7cd893d1c4a2814d66428f97118f038a2def7f54a3aa86e4df18a63fccf98f6fc8694a9e5ebb1

  • SSDEEP

    196608:xA5W4KwWfcST1z19IZbeZDKQGgnGmJZSZ/o7SjaD7dw33ixZ2zUq:xUu1hsbeZevOG1xo7yaHdwnI2zF

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • zzp.fke.etxhh
    1⤵
    • Loads dropped Dex/Jar
    PID:4262
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/zzp.fke.etxhh/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/zzp.fke.etxhh/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4290

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/zzp.fke.etxhh/.jiagu/classes.dex
          Filesize

          4.0MB

          MD5

          d738620ebc360981fa8b7ada3b336829

          SHA1

          876cc70f0f0cab3f5a44e96677067ed39be43911

          SHA256

          8de0d86b4ba5d3586b800e73049f601329a3e9ab804beea57c4682f634850551

          SHA512

          b6b6b124f045f8c5d09d4e762394a222c5fed0de801900dabadeee0ad873654617cce5a3c86d452f341164f653c8fe36ec5a5f732eda4095f596a5aa92c7e928

          Download Submit

        • /data/data/zzp.fke.etxhh/.jiagu/libjiagu.so
          Filesize

          562KB

          MD5

          d141f6661f27d70822c7021d752d8af6

          SHA1

          e545f7442dca4490cb67b745f6f13ed782b1971c

          SHA256

          e0313c66404c4fb7d023824265ae5a922079d422509d4b59c6fe45632c60146a

          SHA512

          0b2a4c540c077ed93561f249baa75a65344e75dbfaefdb3a68c0d653d79bb5152fcd42c13f34a87b09583f33f1a40231b4f31416b73c323859885374ca0667f6

          Download Submit

        • /data/data/zzp.fke.etxhh/.jiagu/tmp.dex
          Filesize

          284B

          MD5

          f1771b68f5f9b168b79ff59ae2daabe4

          SHA1

          0df6a835559f5c99670214a12700e7d8c28e5a42

          SHA256

          9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

          SHA512

          dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.cl
          Filesize

          32B

          MD5

          640abec082b18fc1e78314a7fe59d3d2

          SHA1

          05ac013422f3901bd845d17403cf113826b0f755

          SHA256

          0280d3fa5da22f3f248bc530422771218d365dee65b075eee125596f801251f7

          SHA512

          bac5b50a9a996f856660c8b30f8bff44d779c62b1b78ecab3066fa8fe81e024684e74f50ef90dcb20a224866972be049906f72cbbeb9d22083c54e3438d91710

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.ac
          Filesize

          32B

          MD5

          d4586f7254e1e36c14db197b0b7ab0d0

          SHA1

          1953ee5701fc1121adb84e07aa00e71ae4122f9b

          SHA256

          f3f81754edea5568be8f7ad095090fba808692df0fabc7c2dd723a4cc488bc4b

          SHA512

          b48663c34d8714caf48207d08ff374e74e5a4422c9ac70c829c6feadc24804ba65c2d0a22498a89ebdd9521a95e80a131d6153b048d4e7076dbe5b385b4cc618

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.ic
          Filesize

          32B

          MD5

          06a1c9977c5cb81a5a874e44a3bf65e8

          SHA1

          e820c5f78f32e0ecafb04cb6dc293c339ee12867

          SHA256

          c72b4b08808903266850a3ea9b83171b81299836aca22f0129193597185717f4

          SHA512

          8a0f43f48946c164d3ec421e076297586cb4519de46394bead8b8861e15315b03590e84cfeedd9e47add4d8eb7ebd5263992bb5cb03af2c6c8ec60b143589d42

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.pk
          Filesize

          32B

          MD5

          0a30e6bc0892ffc066b8e8917b3106f2

          SHA1

          5f7c586c13f029d1c59ccc9969706ab5ee5f90b5

          SHA256

          33088fb76fd33eb08ad377f9e3e7a4bba9dab26b08f9b1823cd1ff6c041226ba

          SHA512

          13d4e7d17331c6b7bdcb5202b066741cbfda2ce842ca9ffdcad6cc53970cd00c1548b5051bfcf504dcd4d2eaa58b8cd22c679495c4866d30c5ea4e93dc93341b

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.pk.h
          Filesize

          64B

          MD5

          419144c2e1deee132a7dfbf63df3b143

          SHA1

          ed962e1b6365f817d9563ad797ede1807bcf3438

          SHA256

          91de32a7cf5a6a36ced12d8957b0d75b5d25a181b0082bb582f6d9e24cf83983

          SHA512

          2b81ca78e2ec3e19d40aa3cb500a5a83c7157f207c4ada68ffb5f0e26c76608a4e105f76bda08bbae98ace16f76f0608165ede8b1fa2875dd255b3fc377dd24a

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.rd
          Filesize

          32B

          MD5

          e4d2249796ed0542b0e4e6335fe65c5f

          SHA1

          3a771d0fc6389cf361395a4fd379d3c45059de6b

          SHA256

          1fd9675a0017cdbd12409a7a252a954ce4162f71a51004ef2b57e889aa00269e

          SHA512

          32b2ea50876f8ad1872dd93d7ab4cf2dc66195262e954369a8978536113be1ccd377d0960a3bb3d13227c99a905369b3b937edabf0b2e93b83bf3dbadf9f2869

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.ri
          Filesize

          314B

          MD5

          adc970a274bd8dc366fb1ab3b5f1afc2

          SHA1

          3ce32bae712c60fee036bf30f9b40d90e3924658

          SHA256

          0c97306d1e82c70fbb95dea26bd684081176dce98ba21da0f5ee7ec047704775

          SHA512

          09e00aed5a0696678f8c5fcdb728a08a57aca46779c01085e8536e018f1358a2cfaf094e8b977c60ebb2818fa0e81044e3ba16022d54fcda8d7183a09dd284b5

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.ri
          Filesize

          307B

          MD5

          161cb9df6a210e9b5fccf3c05f79a7ae

          SHA1

          d99b6ced3128e037c6b49081182c88be532b61b8

          SHA256

          820db5c6c2a01ffe52914b5cc25b63845c8da4ce7c26946a02932dcd8c62efc4

          SHA512

          7d42558a36b8cc528bc7933e35f7b54cd3a2fd2c7aa123c3fa9fdf8dc6a0efe5fe4769f0ab8a6d712198b59871cd561d770df1c579efe698e6c727ba4b27e15c

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.ri
          Filesize

          307B

          MD5

          2919d2e8887dc88122a43db4d555620f

          SHA1

          a5ae76a5f73ed1e2ad6c1b93ef27adc55390336b

          SHA256

          080b5b9cf83bf8aefabb15dfee59080934094703f142758b2789e107194aef21

          SHA512

          a2c25eb7445311f737a2e836f74c29fb2f3f65f202633accdec2881011daa5c7599054005c35b9457cca6cabe4eb216d1b56975c991d4287adab102f51c0364e

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.store.report_cf
          Filesize

          32B

          MD5

          304967f8040990ade741ad7a0493fa5d

          SHA1

          68bba03b60d9c04ed1d30c754b622e5a4adbc2ee

          SHA256

          dac0113c77cdd9393911f61fdac39f233e1539ebc79241c5ae4a837f1f81d320

          SHA512

          1315141f6f4fc9495f2230cda12f7a05f439a10e2938156efa3d24c57102988c3d0398e5e05fa95b03ca845a69d5191d7854b50620427ca4b9ece44c49f3ac38

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jglogs/.jg.store.report_pid
          Filesize

          32B

          MD5

          5521368ed981f241d4672613705503c1

          SHA1

          01f870b2ce6ed572d0a6c7a00585bdd1bf45dec3

          SHA256

          c5b77fd5dee29e48341d6fe9647a4324bcf495fa2c7357a12eff1211aad608fd

          SHA512

          f0ad719fa9cde400391333c31cd7fc6f5951b36f52159c1adb7ee59cd3c0675365674dbee811759113dc898d6f1736cb83028c7471a671c0db7b628d72518ac5

          Download Submit

        • /data/data/zzp.fke.etxhh/files/.jiagu.lock
          Filesize

          27B

          MD5

          cedaad025434f6c00a41b0ddfdb51a2a

          SHA1

          815fa682d6391c15dd3cbdea6d2bc561773f1059

          SHA256

          7f31e7580f4bfac61e597ed602a07ceea74cdbb5ec7309212d5bbf16d89e9ed2

          SHA512

          48758bf5323e7e57603b1eb19561023158192406d0e5f967d3f51286a643c60d5dce769215d364b9bc618e0f553b1ff1297e17843d6f55568d2f6aec64228e86

          Download Submit