Analysis
-
max time kernel
3880413s -
max time network
149s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system -
submitted
08/01/2024, 04:16
Static task
static1
Behavioral task
behavioral1
Sample
4a69ebf62a54dcdea0a0677828fa1a5c.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4a69ebf62a54dcdea0a0677828fa1a5c.apk
Resource
android-33-x64-arm64-20231215-en
General
-
Target
4a69ebf62a54dcdea0a0677828fa1a5c.apk
-
Size
8.7MB
-
MD5
4a69ebf62a54dcdea0a0677828fa1a5c
-
SHA1
3ae2fdda5f450337ad4663bf9b3f1c794457cd24
-
SHA256
98236fa9c330434da53e7dee5568213834921891e48b902a1a7ffa5a249cc4bb
-
SHA512
c280a9cac89a080a95aa89b64393fb3ffbdea4cabfb01373eca3cf6262894ea818ac6d63dbc0085eb06eea97a04790f679a496b8f37431d47a18602c3b7c6d56
-
SSDEEP
196608:wKuWp6SBx2PdjbORDYVw0SFunl+2QEi2qK4GiD:wjdamSFunl+2ji2qKyD
Malware Config
Signatures
-
Loads dropped Dex/Jar 2 IoCs
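Runs an executable file that was dropped to the device during analysis. Both paths below are inside the app's own `.jiagu` directory, a location commonly associated with the Qihoo 360 "Jiagu" packer, so this signature on its own may reflect a packer unpacking its protected DEX rather than a separately downloaded payload; the unpacked DEX files are the part to examine.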
ioc | pid | Process
/data/data/com.charm.guard/.jiagu/classes.dex | 4202 | com.charm.guard
/data/data/com.charm.guard/.jiagu/classes.dex!classes2.dex | 4202 | com.charm.guard
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
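description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.charm.guard
Note: javax.crypto.Cipher.doFinal is a general-purpose API that benign apps and packers decrypting their own code also call; this hit alone does not show that user data was encrypted.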
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
8.0MB
MD5 688d6ba253ecbaff84e7970eddec3b1e
SHA1 02ab62864f8647bf631423df3c526a1da2a09963
SHA256 c06d8c4096525f6a2ca432940fdf8c9bb0b2ac7d70bb1de245683d7fb53585e8
SHA512 807a776a26f829ae8dae0c84e6a8e0c25a4f8970a54c5c6fe548c8951070768abce0ecd7f72f6f0a532ea96acddbce7a1d3d664a2293bca6614ae6004c08a2db
-
Filesize
4.6MB
MD5 13ed86c05ca106a5428b70bc954893bf
SHA1 f0a758c2e988a31417f02e3b251dc93152c19219
SHA256 2bfd6e69f3ddd6df6200df1e22640777ef24b23e9db2876b15fc573ed6d78852
SHA512 5d643a61d70e5c400f1810b59810fdfea88c6af14260bd30597f48fcc7dff3e54b0e3fdc4cf5c68761165f31dd837f4ea60e4dda806181414bd054dbc81b0190
-
Filesize
562KB
MD5 d141f6661f27d70822c7021d752d8af6
SHA1 e545f7442dca4490cb67b745f6f13ed782b1971c
SHA256 e0313c66404c4fb7d023824265ae5a922079d422509d4b59c6fe45632c60146a
SHA512 0b2a4c540c077ed93561f249baa75a65344e75dbfaefdb3a68c0d653d79bb5152fcd42c13f34a87b09583f33f1a40231b4f31416b73c323859885374ca0667f6
-
Filesize
32B
MD5 069441a3fc54cca1712a2e5df80d7b6b
SHA1 5e91d593123d58d118de297409b7767186264487
SHA256 6474ce3dfa7163a26aaee71e03229676df925c40bc72b03be1d1ed5c24efdcea
SHA512 952e6326e9e036251e1a19dc320f2c9626fa89114edc500bf67d7dc53607b7610a998c982c0a14fa774b29cd4ea96e9649ca53942b7bdc4eabc187520aac7781
-
Filesize
32B
MD5 b39e54e49797c995fe34bf62b4882d17
SHA1 e16add4955875311f445e47265d8b77aa68c8d28
SHA256 a63ba0873f380359a083cf4aa3b83dfa40039f38c0fd258ab841981ca5304dbc
SHA512 ff35617a848799607a044aaa2688693796c97740c3075a90802c9a6f3172d774a45f0021cdb37a943faec7627d52010f5381020ff3d8d0783823cbac30f7a7c3
-
Filesize
32B
MD5 f20f4961e89c23f712cbd9d6042b5977
SHA1 509b73c6d6faab2039b5605ee9cbc2aa2b13a557
SHA256 6ef19e2e20538b30345a82957d0ec37efddf22c017693bd2e26ffb99abc085f5
SHA512 f2c7d05d0d91bbd571441532aef3e25191fd7f8e246605a10cd73183ca7811ff98bdf32da77912d2e25dfac337c6c3ab16013af0d89c1774f12fdc1bcc20d768
-
Filesize
32B
MD5 9e49174d58fd344acb6fdccd31360247
SHA1 7e76bd89096f9f1cf124c67b712ee9c7fcc80c21
SHA256 4d977ff2d95d91b6053b099bc0d33a0a07c005409f9f3e5e4a290ca4340c21db
SHA512 4faf1bf914445558ea5c20e5285c7861fc9432aca4a8ef961d3abd0060d6a9a9f0666c71016a8c92ea75acd6e85096e8f70a5bb937fa339c4bfd38ad3ab02424
-
Filesize
64B
MD5 f309d61bff35f9e63c5af590672a0ab6
SHA1 35cee5ef1b511314be3d336828b9202e3d9f9557
SHA256 a157624741059cab581838aa547ada725c9aaaddbe1102a33b6a8931ecd9a221
SHA512 26305baeb3fd7f0e0a7f392360271a93555b488c141922416809cb30f0f851b4b9915b34a04c1f3384effa2f5ad60b43d7f3978d39170064c9ecda7b4b057d87
-
Filesize
32B
MD5 a8816d6fe3561e387d6fd23044e1188e
SHA1 e0de618f82e3ad480bdc20f513af276244d57c49
SHA256 c7d1475d480f836adb530f497b6597cd0e7150a3298999c834063fc80a113b8b
SHA512 d4f1e6aa335c138722406b7e8c74cc08547ae6e316a18cde278718bdb574a3325f9d9343a8a7cb02f750a726454ce8f8d53971dd65ce036f943c0cb259a9c21e
-
Filesize
307B
MD5 b71e1a9c36f489ef54c180157dc6a7fa
SHA1 1daaad692b1990eaeff5b7a3d8d98a3c89f0797d
SHA256 6139314e34b30ea2b9c4fcc240da1f3beab7fc866288ff60066844a0c39d2f09
SHA512 260c48b963ac8cd6f47591c22c97c448c1f533fd37bf00d8099ba77c6a7c1d865b42c4a7213e615b8807f2d0c1e02bb160c9faa8bd2c4a21c7f44b62df89d66d
-
Filesize
307B
MD5 6e361bf28466b7a572f8f8a0c7f3e4a2
SHA1 83cddb5885925db23bc43b694ffa2b345a3086a2
SHA256 1ce4b118c7c0b1741431801caa29b1ffb0a1317d5656d81b8d77a7958c0c8072
SHA512 d704659e668ff4e0aa9e91639209af1cda4c7fb4e24254818d5a3a7402a8dbe91a0d7d7f11fbcccc51b04f31fd9cb7c0baee6b75b689ca35ed8bdde4e445cc15
-
Filesize
314B
MD5 963d31f49ce46fa99dbc868cebbcb971
SHA1 35cd8d1db2f4c62e1bcc741711fcad761553ce24
SHA256 b585450b838a35cdc996ef20d8caaf64c850db81381e8435a8e50bb70abbeec4
SHA512 c616636fd3bb0ae57ebae7eea4ff30caee3a94cf7789389cfa1dc37c5d40a98093c0c64ef141d49e0c8f185e718b8233cd4934df4424bf3c7f739b7fbbc14baf
-
Filesize
32B
MD5 4814d63b5a64f7565e6ded7daea31d9e
SHA1 f12a30c5651faa9361bfc33843c816e98b3848a3
SHA256 745503df22304a5a831c8ad79268aa912c2b1a2d4426c7d07197b35844868392
SHA512 3472383463b64c42746f9c74b61f85244bccd3a52c54464fd14c1ae4d3009440219797bf72511cab8ce461b4f58e8a4abd6d8f20f57eda1ff45601e4bb18a885
-
Filesize
32B
MD5 a840c5a793d49940b43314608db57b45
SHA1 5458a7e6b39b0bb77b1a9853bcbeda0f108513d9
SHA256 e2b3869eecca6c561f22787253fa77ce5a248363a93e6ddd601cdd1ab1092042
SHA512 4f7dcc4c00eaa25d4f3ca04fbf9c3d9fda3349707c05259195de70e235b731feacea1df4986e36139003ba96466e2561eaa7f5526f7f3eab3ed59f76f85bca09
-
Filesize
27B
MD5 a2039497f5f1795fc395402b35f77345
SHA1 91867a1fa8a3946d302b60e3530901d6b170e90f
SHA256 423ee9918acf61882eaf8f47d27ab3e14b44d08ef3a57cbe4350f620920e2e79
SHA512 69a53e2ebea3e1cf962c57f26f5c5e4030daa1af049312766bf7669a90074bbbca5a74b5cbc021879f574e6dc29b3bc7a5dc92d632d1e4fa061b6f5d327ecf8c
-
Filesize
4KB
MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5 9c9d9e6553515a5140e46ff352c5241d
SHA1 bd92842d36a253a1cd2ee38e9f6bac56d1aabe68
SHA256 e54a390e144d688748492520825eebfeebc33e3c02872bf5c92d6a7e4458bad7
SHA512 934b67f7f95991e7d6e8a195c826e8d3c99c1ff77843ed346ec1255da568f84abed9da9718ad7218a6ce78bb948694302f797defae93e4d5c570864847291793
-
Filesize
28KB
MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
Filesize
16KB
MD5 7cb22d73269127382dbbeb78a4006f99
SHA1 27a4f1a74e3306a06bf970cfc73f9e5d3a788f7f
SHA256 218dbcbe6e520616fc32d9598794407ffb02fb08feb7170e483fc20bf56a77d2
SHA512 ab3a8c09ac98a21a30ea4b1ad44077dde492d21a6196dff8175cd08f985425824ee2ae163b81ed55470a39cc3f9b9601b2df8535858c00a83086de48ca8a113b
-
Filesize
108KB
MD5 10d956cee9c784ec0f617cc3133d5486
SHA1 e4567bd0e8558fdb786ecc04c4203288e3dac185
SHA256 a1921a38d159f0e6cb6986c0201c1278372bc14f2bd27dade395386989789275
SHA512 3510cb4ff9748446938cd830b03afcfb3d565d8493e066827a0827379b9147974c1089b402206fa39edd602946ac6303faf1366383cf31934ac2cbbc4ab7e1d9