67c2729f033bdc43b7e85d06ffb4415eb9c35c491adc8b958067bba5838f527f

Analysis

max time kernel
3610920s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
31/12/2023, 01:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2293e30df6877328fb0585bf45a5827e.apk
Size

23.8MB
MD5

2293e30df6877328fb0585bf45a5827e
SHA1

a787ecb0c0a7fa9f334cb9dafe553e71c1194efe
SHA256

67c2729f033bdc43b7e85d06ffb4415eb9c35c491adc8b958067bba5838f527f
SHA512

e259adcdfc6accc9d247b4c16e1baf5aafb3018f73e6d435ad152dcb1499a812322723ae92d1b609567c946ac5afa12cf3ef201e13a0a1959741b201d236a284
SSDEEP

393216:uUU+Ie4upQ5u/edilqahi2AP0YW0rgZU9U6lPrCBUrnl0+w9+x7mk:uW+2Q52edilq4iDTKWtlPWirl0+w9+x7

Score

8^/10

banker

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.youpinkx.yp

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.youpinkx.yp

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.youpinkx.yp
Framework API call	javax.crypto.Cipher.doFinal	com.youpinkx.yp:remote

com.youpinkx.yp
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4269

com.youpinkx.yp:remote
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4311

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.youpinkx.yp/app_tbs/core_private/download_upload

Filesize
108B

MD5
69b560e0b920f47c174d580704f91161

SHA1
4c994c3e3807e88575b995d352e7e25548e35b2a

SHA256
dc6288bbed9d1c41c3658137bedeafc8bdac4e534c9d51ee16bb24aed9546e7c

SHA512
129910e3b13803953af04d98809c26ec73fac9a55f9c1f64ab4d8cef8e7dd0ac873d4fde0efa0300b8a85b0c49285093803742132abd2181e86c0954ffcd21c4

Download Submit
/data/data/com.youpinkx.yp/app_tbs/core_private/download_upload

Filesize
160B

MD5
ee5d75f1b9a0ef3166ea70fdaa6c6af4

SHA1
e91d0f78ea32dde79b315300b792d50bb7bcf697

SHA256
783cf0340c366271b51482c7e68334c744e5429db77134a2e7bd89b6dc3b9903

SHA512
3816ff6d216d8133e99d447ab0c3fb018e02369f80c653c87b11a52557ac7c9a3d587f69381d61e0ff2726bcf16541c3cda6dcdb1a7aec32e75f6accef669fa1

Download Submit
/data/data/com.youpinkx.yp/app_tbs/core_private/download_upload

Filesize
56B

MD5
46c714327660fee7264be6daf5cfd884

SHA1
29cfde75accc374421873b2f6e77b2e8c1a9672f

SHA256
9d4d376b4f194e16dbd75f173bad8c6cf01b51f7c89aba115fe5ad86afe8b44a

SHA512
09c3debfb7be22868919bd5d9c0993614cc11edf153dfe150e4ee874331f04c7c42e16d505b264ca58d5df613b5d373f4c6dd19ce303cf017799ed23ebf34c68

Download Submit
/data/data/com.youpinkx.yp/app_tbs/core_private/download_upload

Filesize
56B

MD5
d4b70b8e4ce11ce67e035df89277cd55

SHA1
c778d31c68a7e3eedd8048bb9af38a578f592e4b

SHA256
426d7aa3a9e7710a48041ad3c13ba15fb390499ea53e889b0bafb5d783344956

SHA512
288307582585f211a1c957543c77f831ba2412dd93c4ab621f521c466758d6c25bc8b192bbe4c5bbea3ef8a2b31ba9066d7232113525625b337f93fe1e9163c6

Download Submit
/data/data/com.youpinkx.yp/app_tbs/core_private/download_upload

Filesize
84B

MD5
b7f8bd4dbb1aa1d601ee9366dcb0371f

SHA1
ca3b3545e10219cc5cb10dd1ba0a0c82de20d3d3

SHA256
15ca353cc8e98acc63afc1c4a357f419b4b6ae204d5853ea98529fcd62739c6e

SHA512
cef0d3aa23078adb6f69d4087c901b53a0d800a1f3d3318923583139cc241caf4cc4c4f01e2236d7770c6f2664f6ab5c969c8c93cd949eb65103c7a79b55c867

Download Submit
/data/data/com.youpinkx.yp/databases/zuji_v6

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.youpinkx.yp/databases/zuji_v6-journal

Filesize
512B

MD5
f448619d9fa99eec637d9a7bf393e93b

SHA1
b537bb6671b2ea5b92c7395838c0e1f64e0c4558

SHA256
19ebce0aa979ceb6f136cde1d760522e7439894becbb90f8a9ee3b2b9980be2f

SHA512
dc3fd786dbe271cdd88dfdb78abc3fcfd8a52a1ac3f36e440cd91e52daaa48e76c020974863a7475022fb56f86a24a96670791a737036707aac2a84a47d78405

Download Submit
/data/data/com.youpinkx.yp/databases/zuji_v6-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.youpinkx.yp/databases/zuji_v6-wal

Filesize
36KB

MD5
87b074603f256c44815ce7cb2f1d1c10

SHA1
b61dffb6c42ec7fd9bb053c82b2a9809d76c4005

SHA256
3f01d9fe38363e3dd93f97d1bcc17c9db3a6d8a4d832b2251d2a8e5cfc7313d3

SHA512
803e4e6e20236cac08ea3b22422d35ce93325d068fb3b3af122898cc5549e80e070f063d2d479cfba70188af96e4c660287c47ff1a0db29ce07204956b599b58

Download Submit
/data/data/com.youpinkx.yp/files/jpush_stat_history_remote/db80afd0a3989c46942f7293/active_user/nowrap/9a933464-dd53-4d6e-ab68-50d29337544c

Filesize
159B

MD5
5dc50b530da7504820b5d9dee86c83ed

SHA1
733ce8f2288138a40d90a6901b52e2d87f0cdf4e

SHA256
53afe5e2c9a4e722db5fff917848c7159b0acc85c99c7cc253241a32a76150b7

SHA512
55a08aa95264fc1a5aef25cd85b7d7a2a95350644edec450cfd9a9dbcca3f323e7f9e812c4c4dda5afaa9ee5fe01c250c133aa02667f291c6f77abb30b4ad4b7

Download Submit
/data/data/com.youpinkx.yp/files/jpush_stat_history_remote/db80afd0a3989c46942f7293/normal/nowrap/c48075bf-303b-4874-9edf-2e3abe0ff4fe

Filesize
5KB

MD5
842d3933161ff637bfb8623c327c6cd6

SHA1
08e65ea8d0e21006c057aab2afbb2919a66a29fd

SHA256
3d013a2081fe41f845f1e090fc34f6520e9f42958e0691b0d571a3de282ab64a

SHA512
bb44133f929f1dffe7a8023be7801a2ccc1edca20ec9e8d78cc164cce2662c007306c6a5f60b09606aff65f0681eb84cdcf25fc66048b15e7039940737486b91

Download Submit
/storage/emulated/0/Android/data/com.youpinkx.yp/files/tbslog/tbslog.txt

Filesize
3KB

MD5
55f028d164e92e9140ebf92654fa8856

SHA1
a8dbeb37e7705c95af7de4ffb61801900c92f86a

SHA256
3f3f0cb8e6ce1f6546e67728798f66bbf010a868d6741fda6cbb02a325ec85c6

SHA512
6ec6b7f8b6a81d745f9e84b380fb89c0d340fe4006ed9010e62f66c4c542ad1f066e9787530b361d31736de45fe5c29b6cff2c372fbead7754a18d742b1507e3

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
7cc0356d9c82530ca2a50af850e00b44

SHA1
9f9f7f2ce2b3a64dd1ea9caca27e520b99161d7b

SHA256
125bdfded25064198270d3953ed41fc238c02ecf52c2b076783a3f6c2b7176a6

SHA512
fb11ad5a15cca8c5286f7afb7479f1f41a23f9e2a256592f2df3b5c6fa0bc58e68d334566290364cec76589dbec87e1eb1c7a886ff8bf078f3b48bd915381259

Download Submit