a99deaaea4f377dfcfbc2517a26654e4de3de60c8246f754ab858d76caa25230

Analysis

max time kernel
3607340s
max time network
169s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
31-12-2023 00:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

220ad280f616d515a0a070e42b9ceff4.apk
Size

7.1MB
MD5

220ad280f616d515a0a070e42b9ceff4
SHA1

4e84520f75c3f95a6661839fdd507fa13245516e
SHA256

a99deaaea4f377dfcfbc2517a26654e4de3de60c8246f754ab858d76caa25230
SHA512

3a80a52ced7b3e1ff1a754e4830f427e8968fb7649beb019e87443e2c74e24f76fdb25cdd8c7e021902c7d5a45b730fb1e1bc7ab7482cdb7319957ef33500276
SSDEEP

98304:4kcka1Emjrbsswy/k9X1LkEyOBtyZuCTLaQ39I+kVFTRWF1D+lSodorqX60WF:kka1oZyMR1LxPBIPZ9iXeD+l2rYWF

Score

6^/10

evasion

Malware Config

Signatures

Reads information about phone network operator.
Checks the presence of a debugger
evasion

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.guokr.juvenile

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.guokr.juvenile:pushcore

com.guokr.juvenile
1⤵
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4596

com.guokr.juvenile:pushcore
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04BeginSession.cls_temp

Filesize
77B

MD5
1432be0487bd4f616bd7d31d36d9b58e

SHA1
13267228d58b4dad71cbeeb0c1527d1516da2dc9

SHA256
af216ac2db4052cd53385dae29e79ad59ec23a5fe4f790e9b43d843ce46cfbfe

SHA512
ad922952c18477c836f746b7f527e3d1fc79682d54ccf5fe3752c24ad6f838ac2d27bb984918366098f08d6894462d25e0902fc5a75abdc205df8053ab38f890

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04BeginSession.json

Filesize
132B

MD5
6ba001d9b1eb695f071caaa7e28399c0

SHA1
b5da1a86ccd9f6cbb861fcc2f3725e3b3df6e193

SHA256
8de2904d8cf659d1fe2717738bf59774c4b9e84aacb0485527507e08d7c7cd07

SHA512
cb082ba28ddfdfc703959936eeffd4001fd8b2df01f70d37f6e205b50eb75fee68f5341c62f3271e601c68ee841ee326279be37bc9857f7366160ea381e6bdef

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04SessionApp.cls_temp

Filesize
132B

MD5
9cd810ee6f40f6178b90de7499936a55

SHA1
6c8948f107b9ec2158344e5e77d939af076162c9

SHA256
a5a94c9db98e19a1018589eaed8601f4566029049aee4094c10ddb5173c0ec88

SHA512
fc1220eea10abfc63ab80459e2f2c2cf96a030d2bf9b20a56aa99dbb7828d58fb0c0fc17f1e715fa723ba5150130c10fc97f64f356ece580616a2e06497043f6

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04SessionApp.json

Filesize
231B

MD5
eed4e883a07612bceb0dca3a18677686

SHA1
fca0e6f280ec819c70947dac6853a7e2d03bfd22

SHA256
d3aa252abe5e0bf225c265b95ce39d941548f89cd9681a96511132a776088cb1

SHA512
b88e9bc2ba477f266112b8dad4532eb892bbf0807589626032f85ffcef90392a0d4bf3cdee2712c2e62e7e83e2e69b60dabd1ba506b7b59c307d107a12a40a57

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04SessionOS.cls_temp

Filesize
48B

MD5
fd6372364a5c5c9cf8945ac3ea7a5d94

SHA1
3c798cab71f6ae7a81e71e58712368231230588a

SHA256
7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641

SHA512
a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65974C1F004C-0001-11F4-7246EE8F6F04SessionOS.json

Filesize
55B

MD5
fc1dcee4e422d77e7fab7c08c8a41344

SHA1
d5340127e9d5f735b9d33b9dc61c772fb0e2dc15

SHA256
b843f05ed78cd137c272ba7f0ce8ede3aa853098a856863e51d5c223b58f21c7

SHA512
3ec07617e3e1008572f6f2528de9d4b827050cc5a7cf19a1604c961f9ec370ede6f5fd83bfcc252c0ee286fe244ee6734046ef1aa638dcfc689cd4407a6a8f61

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
881B

MD5
af992248c905240574fde90f0c8a73db

SHA1
a7e855573bfb1e72623418dc204564ea28f13453

SHA256
c12bef632fb8cf83b4b2c3f7b1170f061c15119178a81cffb2e92e5a1c0d7606

SHA512
88f74651d3dcc6a2fc36f4c6ff165efd10c49987d7fd13da6cf43548d4b145e7fe0ef0bd92e3328c87d5c134f6370209ebdd71b436f8aef3df0a2ce8dfedc890

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
435B

MD5
06e67e6112d2a2c2af2250e3f72b0cc7

SHA1
2afec9106b8f5d72badbfb0d4b95a333b9d91461

SHA256
1266147660ce573862df4e56f7a40b1cfc3c5dd3f8f954b498fce4e587bf7594

SHA512
bef9e30ccf5410dddf39540ac697e93852fb2c3c74c06986e881d0d79d7763af3623974c78c7cc42dd8067662e5129405e62b1cb7780c93ed018e76af247981a

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
117B

MD5
028c46d7885e407f253b62c2114a4146

SHA1
0caf6e2e1020bc4ae85174ba233e51534e47fa6d

SHA256
0e2d7e61fcfdc1ae30bcfa8b13e26eb5967457197024bcf5c00cafcfe60cd933

SHA512
8fe68aa55f7a0ba0e5d98f829f2b3bf44bda82a2d721466cf8e1e3fbeb90b00da9d8f36f3d500f9613d8d369b82d9b7a7478c45cd9e750b4100ecd2520805f99

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
202B

MD5
eeeb942571fa704cf8ae49731fbe9789

SHA1
b5989c4cb932ffc779ee25bb3f7bfb79cf720427

SHA256
78809f7ae96de01e3922b6d3a134c3f7e9a0cbdacef313f70e8d9345bf5fbd71

SHA512
71e55c16f9f8fc936f8607448916bbfa1ba233b7120b8676fe11552916ac4dd3e3a7b0f9c31e14048933c8bb9c9d6d630ab7d28389f31749640cc965b2636565

Download Submit
/data/user/0/com.guokr.juvenile/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_d0ee4a8a-1c44-4683-84be-b7d3eb7d5d6e_1704414239393.tap

Filesize
348B

MD5
7a86ab7d91c6eb2df36755e54b2444d4

SHA1
80678b786766e0fad37876ad49ada0a604d7ced3

SHA256
324109c9cd62c9fee5c0c627da0135822805aabbccb787366ec547cfd9c6df1b

SHA512
daa410922ad7839aa78895b59667bab06dba5bb38f9b97d5bd0c84f0e9b774359bac7998de99a04f822dcb6e61f29fa5914e97c75e2364005b992e75a43247e5

Download Submit
/data/user/0/com.guokr.juvenile/files/UUID

Filesize
36B

MD5
22b6c8a4a4e47862651ebc2552213fdc

SHA1
1f73dba17ba04729f3a425ff64b0e4cec2767fd8

SHA256
05b07a44df1fcb9c3ef0f81530d2fcaa2a3353637c5ac458750b26fdc80c245a

SHA512
ff37dee350dd5872f1d5120c227285f08166723f4dca53ea0a813d91639d6958208ad2dbbb26e4281da510912f58b8332541a55ae0626503b2a28e96d0b44686

Download Submit
/data/user/0/com.guokr.juvenile/files/jpush_stat_history_pushcore/normal/nowrap/a6bb2006-8b8d-4ec4-8268-59a97caa3fb5

Filesize
187B

MD5
48e8254b99426dd0c315338ad5ee9b14

SHA1
52db9a52cce106bcd7ce0255b8cde3e00af8e88b

SHA256
3627b1161a437bb07553b8912cc1a5d718dc2dae65418887cc5b080d116cbb2b

SHA512
c36cc89d34e4ffab2b44099924312b2fce93b400d3e1c810bb8f10e9dc430fbe15f2d0902a053bb73a37680dede035209fca7a08b65791d15cca6a0652d5b288

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
48B

MD5
247f4bcd7d8b7eeba3620285b62a1f3f

SHA1
b0951b56fb300e37fdb87f943625ccb241814c76

SHA256
8433a5a1663972230a45f04991595b630d535d56f054a83ffbbac72975bcd14b

SHA512
ce73b058e639b3ed66e7849a1208dddeeee37a17dbbb617d4c41f5f35bdf64e08ef44fbcc7b7cf026e9ba3240250ed68c23b1e5729c0ffa3a8b93dde5e2a65b9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads