999eae7b40be595bd09e2ac72e75d04964e567d159f320a4936676a1fecfe1a1

Analysis

max time kernel
3632576s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
31/12/2023, 02:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25189b7537864f31115fab6b17cf8b04.apk
Size

7.2MB
MD5

25189b7537864f31115fab6b17cf8b04
SHA1

4eb02b2d34ea892f36b12c316bcdf3bedb2fb0a5
SHA256

999eae7b40be595bd09e2ac72e75d04964e567d159f320a4936676a1fecfe1a1
SHA512

006d55831b287d5f91666171002b3f1535e7ee773ca9f6e9a5303bb5605c0d1e5a6546216e4858fc3d55f038b687e4bd57c6de1d3629bbc54d47432dc669a00e
SSDEEP

196608:YEgKODBIYso+clQJSTUyckZZE9sjZNw7VfOnO6Wvc:jgKODBXXSlycOEGqMOS

Score

7^/10

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.product.model	com.hnqy.yxqj.aligames

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk	4304	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk --output-vdex-fd=53 --oat-fd=55 --oat-location=/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/oat/x86/ucsdk.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk	4257	com.hnqy.yxqj.aligames

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.hnqy.yxqj.aligames

com.hnqy.yxqj.aligames
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4257
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk --output-vdex-fd=53 --oat-fd=55 --oat-location=/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/oat/x86/ucsdk.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hnqy.yxqj.aligames/files/GameDataCache

Filesize
128B

MD5
b1066d1d3253671a0e18ff422fe56fb5

SHA1
a1817b18277bac22564e47959fe0bdb5d66e4a0d

SHA256
838a2a4874a7d5473f53dc6caf2a3aa5aded8a416cf9c622e8bc0f2511b4004d

SHA512
c512fee026a53425b3feff1b9e098d1aa256da4924e13c8f92255bcf4fc26176d09fa0f778f532f9243fd76b095a1433e76ef2b1e052bec75baeae0b2fd460fc

Download Submit
/data/data/com.hnqy.yxqj.aligames/files/GameDataCache

Filesize
128B

MD5
d58e28b3cf4e5f4ed3213674ffac5770

SHA1
c1bbc6f92eebb2ce5a077519a637edba132d9c4d

SHA256
1e06a249722bb8a7b866dec34884345d6f849c2699da996aca5d151a1c74a24c

SHA512
524e43188e3088da18d442dbb13eb9d5ea19e3ccc187a737e37db75e239f13ce3eb6b014d646a59ea17d2efa974a147e3bf5253a29cb4faa77e06c2d5f51dc75

Download Submit
/data/data/com.hnqy.yxqj.aligames/files/GameDataCache

Filesize
128B

MD5
aabf677059b82216a634448c497de882

SHA1
fe79d2d152a67ad4e107457625a94e343a5f53ef

SHA256
e8528e5842282ed4f15b91b4bad80a55d9710d2f907673c3f06293a4a5eff616

SHA512
92aff4d3bfd63e5e0ff65f0b601eb5f4c65d8a8bb7038a91babf2839292da8aaf5f675d15d8fc38a4d1653f2babb6fd87f1cfd08b9b2dba234aa15bcdc1985bc

Download Submit
/data/data/com.hnqy.yxqj.aligames/files/GameDataCache

Filesize
128B

MD5
9d14ab69727eb1e88fd67fdad2298491

SHA1
c0bd302babc1ed256ef6564a8ce96e48cb298823

SHA256
830b022b91b6a274419c306d97b515df046ab2e6526ab740700b9c3bee7b13bf

SHA512
66a962d684f618dff22c801ec0a14f2bbeb25d7b4d2adbe608bc8605986b3925ed93c68b64eee533284fda250cd2b6b1f9b8cd602d5fa9f3e375dd8e9ef5b1ed

Download Submit
/data/data/com.hnqy.yxqj.aligames/files/GameDataCache

Filesize
128B

MD5
2b806d9bee9846d6c5417346407ed722

SHA1
261988c0e4b96e78dfdf45d8fcea1ae73bd57956

SHA256
0ce69eeda1a3270c307dd1db495c247f412f6aa265bdd7cdd2a2c1a91e48b63f

SHA512
425ac43a2769f3336bc933f73741210f6613b8f17a038cb117752ec293a81e8f591a892ff73752b431fd5eef473e20d9ebbfe3f317aa5f5a7d83220e6d3dc723

Download Submit
/data/data/com.hnqy.yxqj.aligames/ucgamesdk/lib/lib_ucsdk_softlink.so

Filesize
17KB

MD5
4604e80a18c9c351f66c0d6e9306ce91

SHA1
836716b6c9abb39438f4cd40c35fa28587b357a9

SHA256
6793bbb4802dbb277de39f6cf041cbb94a899714033c80121291acdbffb969d1

SHA512
a066590008ec35c92749b3c704a8de76c1174a6006071a4def2bdddfa1b0dd4e6592db787d016294788e5f59f2a88e10f5e189ba0b88352b5580ebbaeffc85da

Download Submit
/data/data/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk

Filesize
37KB

MD5
1e5d2ae8f1e890c4182fd46f6a84f932

SHA1
7f86c7f330038b2fb2289723b483c4077edacc3d

SHA256
8ad31017a72b5afd54856038d992514ffe66e56b508f34897992426344f7a46a

SHA512
d08231273c8c4338917a73ceb8fa963246feaa47eb028e6faf25dffcee42fb0c7efa7e4067b96bd7427abb83bc63a0ecb6c29368167ba129e403c8bb0c4ff15e

Download Submit
/data/data/com.hnqy.yxqj.aligames/ucgamesdk/modules/update-1/cn.uc.gamesdk.loader.apk

Filesize
1.5MB

MD5
716b7e58abb44d7a18c65761f954d8ec

SHA1
cb0af530b5f5b96440a69b274bcbe11249b5cbff

SHA256
bf3f9ed831bf82ebd307a3d9c6b171174192d1d8cd16c5449248dbc23b37dc56

SHA512
dfc5779fe2974cea9f40718f3f85c811e707978cba5ce2c74a1765d90d2968b1f608b2de47315b47f09173a5470e7481eef84b47ec0043d20bf3291500164553

Download Submit
/data/data/com.hnqy.yxqj.aligames/ucgamesdk/modules/update-1/version.ini

Filesize
11B

MD5
16716749512e561494eabb78a86f78f2

SHA1
c8cb22ebfd7023a9539e2a0c8636921cfc50b848

SHA256
f08047e2ebd574db5390e9f839da578323caceeebb24b17c2dd442919634d40b

SHA512
4e0b8f23168eb597ba20823240f52a1bee516595f34ae43d37688710b23d1f6fc8445a268501cd20b84e4271d691dbea7cadc71a5b037079bbfe1d015b87fb6a

Download Submit
/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk

Filesize
72KB

MD5
57d6409f2b13c501f14aafd641a4abc5

SHA1
8166381c0f54852ad0fff84325d5718497440c83

SHA256
df76a3545fcf49f3069fe6b69f0b46ba229c313dc61dd699f0d7b308947396c1

SHA512
87432e2315aa9db721f85d98c031b088e5f900362be318f7a67ada9024ae1d615165ffd4ade5a129b9afc663b274a3efdd1a3da93ee11a32fd9533b4ed160ce7

Download Submit
/data/user/0/com.hnqy.yxqj.aligames/ucgamesdk/lib/ucsdk.apk

Filesize
72KB

MD5
bc98a72c1ee413f791f5af39d379e4b7

SHA1
3ee3542c278d7ade2b3a2854a2937c5989557e4d

SHA256
357885fa36bff7b60745a4fe4174d18598de8a15d713c951844db174339921e6

SHA512
a13c8a7c597ff8f6d3a91b4bd48fe1dadbf00feb915fcd932d932f35797348b8080cc123d2e8c4deca8e9a13f3cbc77aeb508569cb56393615f20d7999529947

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
e50e6c330c8d756b431dd91f7ae1061e

SHA1
cd378bef1f3d58222b5009aafd9b9de871254dbd

SHA256
40319dbbeb93168b510b073a89cb30f25d9d1e916c34d587361ca5c7a0efba38

SHA512
f87eaa62dd9180ecd458fb947473b46f7b3ecaad99683bef217bf82aa7aa8493b34bf6a6f359c27249f1f89fe4ef5b9ef99d09d557e4d394f92d38f25a7c0ceb

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
dbd23bc747545404e9ffdcfc131d40a4

SHA1
ce5a5b6d3481098071550caff1fa77144268db32

SHA256
f1dc56d003ccb94b71282bd52c59d3b1a71ed192c65f7130aaf0e623b5c53caa

SHA512
17618456939d9f17efe5a88fec66dd549b5c45ff1ce25d02619ac62e509892c9da12c26f416f5fc761a53ea7403baba793653f5f23365e778dce7f3ec7322d16

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
4c46714dbe7d5eefc25fc1870a1b48b3

SHA1
6bacb759bf30a98f46b6305cdfeae57f0752f668

SHA256
0a86603143b66208eb1ada736ffef4465331dc24583d8486be06e55792ecbcfc

SHA512
bb810be7c40e9cc5b3a80496f34076cef80bc0e9941ea15dacbb85e8c18ef9df2e4edc04560fd1cd0e180b7ba1e03f0186dc28467350c8890b4acd4111ccb4f0

Download Submit