30ed75f462f0bf3889505050af280ec13611587d9c09506cdd27d5ece902f2ea

Analysis

max time kernel
3301301s
max time network
156s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
30/12/2023, 08:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

12ec98d5fefa29457f5c8e949bf27b6f.apk
Size

8.4MB
MD5

12ec98d5fefa29457f5c8e949bf27b6f
SHA1

7ff40857b1bd56e566693585e1c0ef3fa181c1a3
SHA256

30ed75f462f0bf3889505050af280ec13611587d9c09506cdd27d5ece902f2ea
SHA512

444298c117857c9574543d41f29338900578181491130e7748268c16911a5475c59d7d2a25568cb676af0b7776287aa8d463d50ad7f9f450c47af00a9f441ca8
SSDEEP

196608:SrsOEwisEDuYIAE8xKdxpTR31MpknKREZS8hxNMfvgi7+NMTGt:SCwisEDuYIx8xKLvGrIhNMHgk+NMKt

Score

8^/10

Malware Config

Signatures

Requests cell location 4 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cc.bosim.youyitong
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cc.bosim.youyitong:pushcore
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	cc.bosim.youyitong
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	cc.bosim.youyitong:pushcore

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cc.bosim.youyitong
Framework API call	javax.crypto.Cipher.doFinal	cc.bosim.youyitong:pushcore

cc.bosim.youyitong
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4257
- /system/bin/sh -c getprop
  2⤵
  PID:4293
- getprop
  2⤵
  PID:4293

cc.bosim.youyitong:pushcore
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4343
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4505
- cat /sys/class/net/wlan0/address
  2⤵
  PID:4531

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cc.bosim.youyitong/app_crashrecord/1004

Filesize
227B

MD5
a1cf0054e2188477722524bb3b58603a

SHA1
82a16317db124e9a3683b2909e9f3e0901c9d4a1

SHA256
904d76205be207b980e59657a9696d7c34e7ad5cf133bbe5891831a15b4d3cac

SHA512
d5a808507b9258461b899911b6063d2880526ed99dd1e5cbbe65374a95d28a09d2630f71aa524edd3b05ef5b1edddb77fb0972a4a33e468f3fdb5e68435001df

Download Submit
/data/data/cc.bosim.youyitong/app_crashrecord/1004

Filesize
227B

MD5
89560ad960c73878c424639062023c58

SHA1
0da52a6011fd076a12e8ed7e31d484f70f137670

SHA256
30d6fa66c68617528829b3d51e568fd4b6237279758a8f419e8456c446705885

SHA512
2fceed99a67fd5d98eb2216d0b6f286ad02ec98d3a4e1cfbf800fc46c19e1dd5c5eba997f3c172a86881c70fa38201fcfc4b4b47d485256f94199670928a8a33

Download Submit
/data/data/cc.bosim.youyitong/app_crashrecord/1004

Filesize
4KB

MD5
f1b1e57f9a637c3ed93d5e854d52432c

SHA1
b6a6b2ad39722f382a0a600235a8430e20e7af11

SHA256
db05e645e23cb7bf7420cc5135e0fca2afb10b6664ea1ed4d433db28d4723c0f

SHA512
7c22b5e40ce35d332e86f51dc3a9f74c866cabec1dc51a05246264eb123ffd92739e8068d9d8e1fe915e3441cf2f299d0915d66a47eea41616ac9b5ab568a890

Download Submit
/data/data/cc.bosim.youyitong/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/cc.bosim.youyitong/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cc.bosim.youyitong/databases/bugly_db_-journal

Filesize
512B

MD5
9221558de0a6b189dec23e54de7cb2c0

SHA1
adda2d450129a56dc6a2c6410dc6df1c44d2b191

SHA256
1e76a0c245dd897d7bd7208c21392b82eee8fc435a87f88a5a54cef9f4bdbc43

SHA512
def8879e5fb5dc20f2501987277b15386447bd84fc22aea52e08049155bd665445e2f31be741c354f6ce9d33fbbf260a70858e14806d30c357c28e3eec303ba6

Download Submit
/data/data/cc.bosim.youyitong/databases/bugly_db_-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/cc.bosim.youyitong/databases/bugly_db_-wal

Filesize
68KB

MD5
839ae68b4ed99cfc3627d6f5112e123b

SHA1
3b103f7e2dc133ece3b99437daea35617443c43a

SHA256
1753eb0f7aad6a452f5f6f5eaef075c94177f06ae1fb44ad6b41a84cae5356b5

SHA512
8649c9cb9097000754c23b3cf9190bcce62044df15b5a32ff632a6cae8e5d83fc1954e33011214df7a044737efdc1a617e750cf1eaa8331df1a3d835efae77b1

Download Submit
/data/data/cc.bosim.youyitong/databases/bugly_db_-wal

Filesize
76KB

MD5
bdb950b04ffb5132a80b8c4661d412fe

SHA1
b9689faea820a89c1d58473d65272ba3f2c473af

SHA256
5163044e04b13316c4c18635cfc1e62cf7ae13c13711600660cdd00c8a043519

SHA512
04bc673ce0ec1f61fd906ed8c5323e10445941bd91af2e0f98f75226377aea26f6b74dc257aeb7d53e73c34ef1e0b0897fa243833eb4f45f78e0cb7481fbbc40

Download Submit
/data/data/cc.bosim.youyitong/databases/hmdb-shm

Filesize
28KB

MD5
1e9a52612a5745e43a98620ebc2fa800

SHA1
a96a72f86bd34554705d42e0a2d557d96b60c5b9

SHA256
8903d95a854c3c9774859d54459fa6ae31256764c8cba89c9046ee46b88afe01

SHA512
2123e8b710b167e77f252b1ee669033059a2542cf6079dd64ec5755d94a805bd0738adaf8e058d453425b8b6df047c74b7a63e64455e751331c7fdfa6b92744e

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db

Filesize
16KB

MD5
966299e7eecc26fa6b28c59b6e83c39c

SHA1
6a77084431eb981bc995327c9151a56344eecffa

SHA256
ee98c58d2c060c221cffb8cd5351dce4e7032ddec019932adcff60627e84e30a

SHA512
13c9c2f9c583587844a11a52b0982ecf49e7d4bd154bb24c5e15d0e818ba56c7ed092b54718ec3223db0637b508f8141438336160e7bf6509ae91d9276a8f134

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db

Filesize
36KB

MD5
09257bd4e8d65499c386f69d660815f9

SHA1
cc97a59b7c3dd67287b45b554f9740aeb2a8df19

SHA256
e39ac464b30cfa7f70e3a094fb6cb1b1eff76a2cef237e1fdde180038d742d76

SHA512
05e68f3e3eee89137fd1b84a68ebbec8125c6af81811bce9dd80225c06aa42b20b4a190983c4172939dbfbec405b8c48a2e9c45aaf3d7cb2dbf4271376064231

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db

Filesize
28KB

MD5
c698960ed3127d985d98c4040f8b45c6

SHA1
28a7313acc8a9932db7ee76d35caa75dd0bddf5f

SHA256
fddba8bc53fd6e4f6729412bded9d216e3969b65eb331655fb36e59e2018b500

SHA512
6dcbd889d97f59dc3bd2dd18ea3e9440f0183a747d54a5d2586e283743572b4164479f5b74ce54620e0064254dd8b01480f0be8f97e62cf891fb70f84cd8014a

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db

Filesize
28KB

MD5
cf13cd999553d4946328c5b8a5d3f2db

SHA1
5d4578d591f8224c342eff7818b1b2242d0c2dda

SHA256
7b989dd7dcefb23ae9a19457796ace97c6dd5d1996602a9be8260882e1197b20

SHA512
d80d4ae6c2e33c7d6dc7bc86fa8607b1d3d85a61f6df5a235cd3e1ba1f0f8992ca372cbd3c5da68347ebdba2079a5bb9acb6ae112003548849313c42fbc5cb0a

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-journal

Filesize
512B

MD5
ae9de00116df5cb971f387d19b278463

SHA1
ddb3304793c379c5188c14b47be5b6443e608ab4

SHA256
acad48e55eae5a026d6055a6d22a8909e4cb635bcb74d3801aab92e3fca1b824

SHA512
46df08b2313333031bcef1eed2c3ada4d3c8f8ca5ebdf75d721e97826b5eb5fdc9b6d081cfed7c42d0c50aa5f51c24e69ade075e508bb987a4e883121a1e5216

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-shm

Filesize
48KB

MD5
9c54f488fdda01bd6427e919adb8f179

SHA1
afaf13561488e1b64ad9315ed517fee63b69780d

SHA256
8ef7db3e68c3e4e02106892f3b33fddc81f700208005ca73611bb5931fcf6f74

SHA512
8ed77b1c031ffa9c0b09970c590dfe89f84a605a4dcf87739b67479e7887b2141da51a653321dba74961e1739d67eb391e6b2f31defce9fe59d438f297a9845e

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-wal

Filesize
16KB

MD5
12416667e846257aeb471a751b401acf

SHA1
1126d77e712c24fe9d98269bf5907d23aecda7dc

SHA256
c63978e46300c69f55f780785a7102943c8cf5bbeb59ecb11e42674134ca37af

SHA512
0d8945c96176c4301563f64731ebd63dc13af4d1f1e2a382a082771a0bbcf45181fe159fb70ba7e1d423f1d9bcac83333227ab962867d842cc658d3d8038654c

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-wal

Filesize
4KB

MD5
357b2c10521aab7f1c350b232cf992ea

SHA1
52d9948b977e0a67805589d799060a96261c2ccc

SHA256
8878eda993d55aa9382e6b14465bc926876cfea2dcd9d020767d45ff6029b113

SHA512
2750b23495207c1a3d5ca23f6cd523133f48d0a0343da1bd81b0691748ab675d2993528d71309b34b36a4a2020d2902a5073ad312a77aa5f231f0db734f205ab

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-wal

Filesize
16KB

MD5
e7303fc077a14e8f4a240e320d1b2d53

SHA1
911bf155cc87c63029502b13ee61e4a211d448bd

SHA256
bdb182443cad71385888c3cb417fc31b952c5664f647ef20c31adfc1dc942fea

SHA512
5bd80d7938f1c16b971fa996cdd835aaca71294eb28aa4f3de9482c7c6d7b97cd38957cd6ec56495134dc6f73682827763b811d6e7b0899605b9dac6c7a34679

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-wal

Filesize
8KB

MD5
65748eaf1753434a15a58beedf783bd2

SHA1
b15999711804ce5f6e7ce4a1889b451ad9b74657

SHA256
e215b4b5903c3c178d68404fae6ae379a1275c3c41ac320e705a859b22ff32d5

SHA512
e828a779f41501043b0e0ad7a3f169fed664245f081203e858756b80a079e363161b872088ee808983ea72221e020b210f209ac54baa7a838b70adf289def6b8

Download Submit
/data/data/cc.bosim.youyitong/databases/logdb.db-wal

Filesize
8KB

MD5
86a2766897a90c18ad99777a499fb832

SHA1
c2c8281954600051f9a505e247f42f7956f81cd8

SHA256
9e23550d909f38afe947e098c0f7ee6f7e220ee82a06bce587220a9ed495db87

SHA512
78363a6c32ee0c088dbef2901d8c941af2aa806d116cea1ed7b541defc8bbeae5784c6fa06f1407d145a37b543946e22a351cb3f85b4f56b6687a55ce3385949

Download Submit
/data/data/cc.bosim.youyitong/files/a/b/982abd0c4ce8c68660508818927a196d.0.tmp

Filesize
1KB

MD5
616a0d803f08bea5ca968708dc977789

SHA1
779bd1298d986be1d41f73f1451c9aea49cd1d58

SHA256
f193d8c6b0bab4f151fbfa4e4bf5d28966ef27fef4d539f2f1f19f52d3f720b6

SHA512
efc9b4eb5a3a9e4752cfed14b738511843e5234e96cbd5fb372adf733271f0a6b0849367710415885a7f021bc0d36f7d58d40d5e769b5c3d7dec12a0c88cd027

Download Submit
/data/data/cc.bosim.youyitong/files/a/b/fb733b08c6ca4cb4e50a05b06d4e8456.0.tmp

Filesize
1KB

MD5
c41b0999bacb24bd0a04a1ee97535936

SHA1
19eb4919dc86392405003ff9cb61b8183860cc0b

SHA256
07e0d9cd595175afa49354a7bcd00f2c8fd983f361eadc81b898c910017b9cc2

SHA512
13050fa7b2bf993ed5dd4a79905eb1b88188a32c159fbee23a9ef5f06c1b68f79adb2d08b52b197de73c4cb3d3bb4ce14c81073718c7bf7d6625ea6b13fd4bb0

Download Submit
/data/data/cc.bosim.youyitong/files/a/b/journal

Filesize
39B

MD5
df788d9fe5a7a5505e65828f158b2160

SHA1
35ccac101c1151bb355ea92aa95f22167a5169fb

SHA256
52ba3e370c94d52ac1ab353448583601ef5dccf5249f6a6be032e0605da2d7bf

SHA512
094f038fcc26d51d73ec1ecd5be22913f0222e6b7889b8f6aec993e54f536e6da11407b21dd064e00994bf7b192d3399ef12993e505a8f334aa22ddc8d654e0c

Download Submit
/data/data/cc.bosim.youyitong/files/a/b/journal

Filesize
39B

MD5
141b85ef8dc3ae7148045845a2835332

SHA1
7525f45447ed78d28edffa275c7c8bbad28bf3c1

SHA256
a965904f75e28a768a7ea8ab5183bea3a7aefbff2d96a2f6534531a07cff44b8

SHA512
ae3630b8707b648a5be53310d735b35235b1cd35a46f73838ed79f69a8a519a9edde0ab1c4c006cc8eccf722d4a7f7a672f64ba36eb9973e42e04cf3d37d8be3

Download Submit
/data/data/cc.bosim.youyitong/files/a/b/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-journal

Filesize
512B

MD5
900b990b7a94506687b0744e8f9e2704

SHA1
9aaac3954d62157ce0b1b663f26ff70dc5ab4d4b

SHA256
65e7bde6f626e82e5fbd967421e72c42d37ee131d39f81369709e5db9723ad20

SHA512
8a2cc2b3d4abb86ff86c477df128069564e6ca7fdd4b21b1700be8569c7766ac1853ea3bcc8b373abb79920d65af3c1458486e69e92317a2013485762faaf81c

Download Submit
/storage/emulated/0/amap/openamaplocationsdk/alsn.db-wal

Filesize
36KB

MD5
36cad6eff881d00972c4e512a51ffa3d

SHA1
919f4f0f4d0c22d419ea6c5988ac06a19abb8e8b

SHA256
76807a47c07444db4531e9c5d33a46308e388a24670d1471b960329a1239a0e0

SHA512
6094e20177b5cdffda9eecff58acad896663d00ca5dd0fb0021c5c966bf8f28579787a31d8886b06bedb13ef57c9410d0e8c3bd07783c084feea8eddcfa01348

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
6e0cee170a127b4be9eb2a0a6cb70db4

SHA1
d2ead770e607685f5ed7f922438bb6ea0f57ad5a

SHA256
7dc6c475502d079988cd13f29b2453b3f3abc8b29922291c2a29f1f2c05f5353

SHA512
4df37e37b6fbf5b5181f7915d30b4f65b161dd4c6856948f5b9feb6cfa944bb8e77e8ff084ec12e79326a8322aa1e9b0fd14c54b98375badb21776d844c0d428

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads