10f1f42e9618f4e1d1b972a9eab1adb8b3452dcf9f68c4e0b232d7eafd600d26

Analysis

max time kernel
3306847s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
30-12-2023 08:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

13586cc410f39e5f581b7f7caab64721.apk
Size

16.2MB
MD5

13586cc410f39e5f581b7f7caab64721
SHA1

51f9be73f944968408e67cd16876233e03d25c13
SHA256

10f1f42e9618f4e1d1b972a9eab1adb8b3452dcf9f68c4e0b232d7eafd600d26
SHA512

61241a197aecaa8f8c9a0189d3308d248228441b29d011d38a12b5a1ed8662a9733239855a5a0a523f3c591d7f81f4ba95260cc01c4bb4c1d5af905f7b9480a2
SSDEEP

393216:6NaDAZy7uRu81/bkv3Ktb6SJDEjqeBxT/8bpfMy:60kg7cj1/bz0qeBtSpUy

Score

6^/10

evasion

Malware Config

Signatures

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	me.chunyu.ChunyuDoctor:pushservice
Framework service call	android.os.IPowerManager.acquireWakeLock	me.chunyu.ChunyuDoctor

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	me.chunyu.ChunyuDoctor

me.chunyu.ChunyuDoctor
1⤵
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4268

me.chunyu.ChunyuDoctor:pushservice
1⤵
- Acquires the wake lock
PID:4360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/me.chunyu.ChunyuDoctor/databases/db_default

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/me.chunyu.ChunyuDoctor/databases/db_default-journal

Filesize
512B

MD5
aac2f286a895d84e80d35b539dab88ef

SHA1
ae5524418daf4d1b9cbb22c0a4b1c445f651cedf

SHA256
cda4d7e7133f5121f1fd93edef2e1088347fdad48f3b827fdb71e5403f951209

SHA512
062a17ccfbdcedf46c887eeaf94c1bce0a427efcd164d0066da964bde9f3b43f9ff2140e269d54c6dd67242ac937018f728d870cd6607bff033ee7162da8c051

Download Submit
/data/data/me.chunyu.ChunyuDoctor/databases/db_default-wal

Filesize
16KB

MD5
6b5fceda20346a02acd419e4334864d3

SHA1
7e788db897cd88bbf494be723b167c9b4d05c6f2

SHA256
39516f1c39128ea3e832375079ef0f9016025035d15744e8c25b0d7327a816c8

SHA512
2033020ed43a97528c6c9f9a30ff5de4bb2434febd7f6407f05f9a94c99ce40cdfd7c8166b648b3a54a7c338f03d3e0109ef397650793ea2a8dbb8224267867b

Download Submit
/data/data/me.chunyu.ChunyuDoctor/databases/pushsdk.db-journal

Filesize
108KB

MD5
6a37b6f367a414503706d1300746fd1b

SHA1
0210856d95a7fe16498386a3e2f2bb5d2f57fa24

SHA256
c3d857d314440a1a5a3878239ec53b632618221a246be8a7db35f9ee20522795

SHA512
198506c9eb5bcf6eb1e4723d26b2e0a915ff70a9824dcc04a09f05e867988adde113f7689c38c095ad555c485e3932b36fb582e21dda9934c34a222ae00efc38

Download Submit
/data/data/me.chunyu.ChunyuDoctor/databases/pushsdk.db-shm

Filesize
28KB

MD5
a62071475d3f4aaa73fed00b325d5bf6

SHA1
7fcefba438c285bce554bc3e4e1fbdaaf721db09

SHA256
d21e99f1734ea4e15213a2376773a89c826a78a7407389ed13f032292e6e7f10

SHA512
9d47a8b4f45e21028d57b865c0a3ab7b39859b54b25fd34bf7b36a14d55acf3dc2ef757cc16a16bf68e482c0bd2e5d8919f17865cd21335dba5ce17593ba7394

Download Submit
/data/data/me.chunyu.ChunyuDoctor/databases/pushsdk.db-wal

Filesize
80KB

MD5
2bad33a6de85a6b4afafd98907ad1230

SHA1
72d36d0fb3890021a2f6519501ea6cfd3e683da7

SHA256
32f5292836ac46bd30d5a8982bc524732ae0cbd0b480c021882bec4d5d0874eb

SHA512
04b114c9e6bd9322bfb989d55735897c05caf08721bcd45c6ed06a36d139a6fb9ce9c584f46a11a383ffb1d8ecdcf27da2a383a5243859b691b763c0000e9f1a

Download Submit
/data/data/me.chunyu.ChunyuDoctor/files/.flurryagent.-248f6de7

Filesize
192B

MD5
eeec7ee0ac0e0e10cbd3cf24d7e75b19

SHA1
facedce5d99ce6326e00ca9e263ae2e17dbbea7b

SHA256
7c5ac98e470d7f43948b02ff7f1b4b98e0daeb8dc2af93202720f9b21cdc8392

SHA512
5f0b309ab1370023e98c7df8f4d3293841c571484387c7537403f3e7455c049d920866d3701beb447658680d86474a69b831cdae902dc83d45c8ef75d28106dc

Download Submit
/data/data/me.chunyu.ChunyuDoctor/files/.flurryagent.-248f6de7

Filesize
192B

MD5
fbb66067de7c73994fc1a3a576f7476c

SHA1
83962818acf85e794152cb4ddad90f6b0a977fdf

SHA256
33cf64cdd0976a346ea4ab1159f4bece7f5f8ddaec8dc97f0f63934a9181aa68

SHA512
9f83c580cb81299138fc88b06e5fb2b591b18188f634bf4a51ea12c6abdf2986fdf3804e4cbf98730c1da09fe9e2aeaca003d2246cb6ecf0abcff0f93e8506b8

Download Submit
/data/data/me.chunyu.ChunyuDoctor/files/.flurryagent.-248f6de7

Filesize
192B

MD5
15b4201c74dd7a22d3994942e2b3837d

SHA1
bc061b389f738368d4a1fbf71c2df8f7402a8fd9

SHA256
73684d67ff137b5255fa6a41924311a3343ba804299ff59add83d8afcb010aea

SHA512
7de050ba82e0f124cc8ed2aba498f62607f199d6130004340e3085afb26a96faf453975c46f7abdf6adfcf3f4adf421b53442d8bbba5977d704a392772b69b91

Download Submit
/data/data/me.chunyu.ChunyuDoctor/files/.flurryagent.-248f6de7

Filesize
192B

MD5
48fb8598a502c63c6907568cc53e82ce

SHA1
e3a4809fb1c746a7436f8a9220473dd7560ca189

SHA256
9db64ebee1aa745b884e1a04136926d921d937bf28aa9a088cf5f4dc5666b82a

SHA512
0881d971436001f9eecd66e4cc545f92f099da485cd974eeff690b1f84f7cc49991e52a3bf0244f94a55799037c679cfbe4e1363ba5ac0abf33a0e02d1b2a20e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads