Overview

overview

8

Static

static

6

3b9e64639e...85.apk

android-9-x86

8

3b9e64639e...85.apk

android-10-x64

8

3b9e64639e...85.apk

android-11-x64

8

gdtad.apk

android-9-x86

gdtad.apk

android-10-x64

gdtad.apk

android-11-x64

Analysis

  • max time kernel
    3699561s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    01/01/2024, 02:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b9e64639ee948dfcc73bc88dddd5585.apk

  • Size

    5.3MB

  • MD5

    3b9e64639ee948dfcc73bc88dddd5585

  • SHA1

    36761a4c0845f2a65d53aa7f2e8b89061167086b

  • SHA256

    8b18edb9544b2865ab649c3622c30275cd328265d120ccbb7226a7c6234e4a96

  • SHA512

    783e1c03f2c5471c2f8fce7c147a03a11e1cbb890883ee2db129f3cbb462fd19ca0aac86ec01c198c8c6f808c3670dbd4d6d351ff40e6a9b224984ef15594b88

  • SSDEEP

    98304:dLv0jcB/u3eccmROZEoSeP4n3y02DFanKILgWGV5z5WymK24di68lwgZ1inuEwU:dmHjUVUgDc5g/R5WZK24drgZcnuEwU

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.yl.signature
    1⤵
    • Requests cell location
    PID:4980
  • com.yl.signature:bdservice_v1
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5017

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.yl.signature/databases/teldata.db
    Filesize

    203KB

    MD5

    bf58654489211e010666eef4ec017bcc

    SHA1

    0ed8c5ef72ccc1a98c0ebda56923512b9ad0836c

    SHA256

    b3c665007bed216e97462a1572bb0ad05165685e0e7ffbbcfe921bbd3fa2e886

    SHA512

    3cc1e49e14d0e6aebac41149a0d5f05d9d5c293e2be9e3f79afa276665902f0c46f7bff6446bbc1db3e4d02cc44901d4fd971c2e9f2c01317364a69ac0605208

    Download Submit

  • /data/data/com.yl.signature/databases/teldata.db-journal
    Filesize

    512B

    MD5

    dd56ed8265c26fa4efd28ee8e9286c81

    SHA1

    99d0ceb951a218034450246716dd255cb8b97b07

    SHA256

    46c66ff487aac1fef14f096101694efffef77aa4f3ea47b0dcd8b8641f7ac561

    SHA512

    115c4646fe7f2fc0df36ebc833dc240434b4631e1a36c8b2041024c8793f5591cdc24d95a7682ad850fdecafcdbd8751810a8399c2089db9f5f5e8aa7c4ff70b

    Download Submit

  • /data/data/com.yl.signature/databases/teldata.db-journal
    Filesize

    8KB

    MD5

    1902427e7b44e36c857080c814bca42f

    SHA1

    8f6cd699ac9e0bb37cee2a8a4e2be1020920a9cd

    SHA256

    370332de33852b56c608c103f0d1eaa827b71e6dd0088e225825ad695e798e3b

    SHA512

    22f978ae71e33be91dcf2f4b6cbebe5ad809625c5ced9dbbc836894479e0d556f0fb501c07699fc2c225bddc1f4cb99d181953ff5d818fbe87cc50a15d1b350f

    Download Submit

  • /data/data/com.yl.signature/files/__local_last_session.json
    Filesize

    109B

    MD5

    5255eb5fa65ca5b732cd154f16ca4630

    SHA1

    f9dba3d9ccd24ee81e3fc76462e2405de93e44a4

    SHA256

    ac1f50053a4f167373c614b37a48d31bb63aa502163d39a7ec67a0571ff96894

    SHA512

    9d381934551179813f49a5239ae02b7ac8fc74d2adce5c91b009aa2dbc5c29cdfcef4151a269b95ceea85743aa4fe6fcf965d38c7a7fb0a6fd1b2a278a13cebc

    Download Submit

  • /storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db
    Filesize

    12KB

    MD5

    163b0e3f017becbc89b9d7f330b78f09

    SHA1

    1ef9cd8ac8655190468d0ccece0a4738634ab0f9

    SHA256

    cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

    SHA512

    6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

    Download Submit

  • /storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal
    Filesize

    512B

    MD5

    429dc5c52983a40e4eb3ce80384cb6b0

    SHA1

    e9aeb1ec0ea581346d37f57aea01a8fdddc7a55a

    SHA256

    09fcd9c317b2f9ea0d3ef208191579e64bcf7df3732d7be5eb656dbb2469ceb6

    SHA512

    f28b7b94abdaf79bf36bb98791f5522c2b667440ac9997a2dff32acec9f5577d1176b18ed85a0dd720629f8d614f11916d2c53d7750116fe642323c6209339cd

    Download Submit

  • /storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal
    Filesize

    365KB

    MD5

    f90b4e308476a35ef61a0487a68cae42

    SHA1

    9dbef88ffddef94dd32fc9aad3403c5827196162

    SHA256

    1a6b4d8c11754893dfe001058c26975c320a0855e68b811dd53e624207299f4c

    SHA512

    51513cf634e70c0473a65bb6ea2aa4892facc6e74d217386a1364caa6b2320d13ac8092f7d8e0717e7564a5f22ab9450255a281b7f8f1de26649f149312bb30a

    Download Submit

  • /storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal
    Filesize

    8KB

    MD5

    7cd11adb16524efd7d60858bec589f80

    SHA1

    dfa8cdd2b103902e1ab88bacac1a6a119d929382

    SHA256

    2d7375d04cf1facd8c53b175cc7c59546b494529fdeda6aaa48f9eafaf04b3be

    SHA512

    13e2447131067be292276bd37dae6effbf5adfa8c3ec7e8a61e26116a73feb84e39281d6a77ccd83683fda43dbd85b69a62a8871f59b7c609c148ed5b5bd238c

    Download Submit

  • /storage/emulated/0/baidu/pushservice/database/storage/emulated/0/baidu/pushservice/database/pushstat.db-journal
    Filesize

    10KB

    MD5

    a35826ec9fe737c4467862f7685965df

    SHA1

    2e1f8ae8ccc74eb219f1069e1a3ebc15b31d0459

    SHA256

    c5144b4e5dbb7719f76e08e413c7da1c35719a4f7313ac48e519698f8b4bafeb

    SHA512

    ddc3b56d6ae17df68ae150fdd377f660f649e5feda4b6716f7d91a57d9c1fe44fb1836ce67db56a58f91db58834901113a832d1fd8cbac8b6c5faa7e1d6a5ccd

    Download Submit

  • /storage/emulated/0/newishow/logs/2024_01_06_logs.txt
    Filesize

    96B

    MD5

    b678bf4ca97f44527b9b1e5dcb2eaad8

    SHA1

    ad82a2803c68b373a72178db3a0f4f415ac48f85

    SHA256

    3c554506892a8a419740e469d5f75296edc054bd18a969aba8387cc6633651e3

    SHA512

    40d492064c423b33098c4f5dd6d38e2bed97032d998c906bc86240f5b98bfd4db6cefbe73b4b9b7400d6f30f53cc71d2464709d84a9b2dde32af699ab841c31e

    Download Submit

  • /storage/emulated/0/newishow/logs/2024_01_06_logs.txt
    Filesize

    138B

    MD5

    b2469afda6677144f78f1d85226e1c6b

    SHA1

    1581bc7932b5cd2296ec6c97103df993f12b058e

    SHA256

    23e2f0060a44245f1e10b0445a87dfe022188b32fd2888d4fcaaaecd9b2c19d2

    SHA512

    94c875f7bdb30c41bccab283d610fd03f6f681471f5b020f1d5f96eea5e902040d40b1bc4453da0942b8aa12d8529ece7bc7ddc1c07dbb8b8f4cbf6af6ef41f9

    Download Submit

  • /storage/emulated/0/newishow/logs/2024_01_06_logs.txt
    Filesize

    46B

    MD5

    4737bc7e62928fadb09fab6f2558bdd3

    SHA1

    668eeace8ad59882c9cb344b1a39eef44ef8ef34

    SHA256

    a45f552bfa38a328a3ac58878cc973fd66872a6ea32c3e88f4cbe42d4bd820c2

    SHA512

    2aef901df99b8e2ada999eb49ea6d7b6c5e4d0d4f96507665e02d9f6d25f65c89f0381c5d53df764bc11c42e9be43e7f17a4e5879c84c50d8292a4d5fef201dc

    Download Submit

  • /storage/emulated/0/newishow/logs/2024_01_06_logs.txt
    Filesize

    139B

    MD5

    1cc1cc63e9fd53ab2a1099a668d435f6

    SHA1

    939b7a141f90727771d720ccb3a04d0e852e2f6c

    SHA256

    a98e447b7f0b3d04dbf7c8f5c43ee0cd5d8f482804bd2d0619ae7eebca8e5149

    SHA512

    0410e11b3acc7d843df261d2c61438ad068a1c6b3e0c0f3574a639e7b36b5488151ebd163683f20e03fdd312a53333c9e21ef5c21dcfbebdd77e0617d5d36433

    Download Submit