Analysis
-
max time kernel
3880421s -
max time network
162s -
platform
android_x64 -
resource
android-33-x64-arm64-20231215-en -
resource tags
android, arch:arm64, arch:x64, image:android-33-x64-arm64-20231215-en, locale:en-us, os:android-13-x64, system -
submitted
08/01/2024, 04:16
Static task
static1
Behavioral task
behavioral1
Sample
4a69ebf62a54dcdea0a0677828fa1a5c.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4a69ebf62a54dcdea0a0677828fa1a5c.apk
Resource
android-33-x64-arm64-20231215-en
General
-
Target
4a69ebf62a54dcdea0a0677828fa1a5c.apk
-
Size
8.7MB
-
MD5
4a69ebf62a54dcdea0a0677828fa1a5c
-
SHA1
3ae2fdda5f450337ad4663bf9b3f1c794457cd24
-
SHA256
98236fa9c330434da53e7dee5568213834921891e48b902a1a7ffa5a249cc4bb
-
SHA512
c280a9cac89a080a95aa89b64393fb3ffbdea4cabfb01373eca3cf6262894ea818ac6d63dbc0085eb06eea97a04790f679a496b8f37431d47a18602c3b7c6d56
-
SSDEEP
196608:wKuWp6SBx2PdjbORDYVw0SFunl+2QEi2qK4GiD:wjdamSFunl+2ji2qKyD
Malware Config
Signatures
-
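Loads dropped Dex/Jar — 2 IoCs
Runs an executable file that was dropped to the device during analysis. Both paths sit under the app's private `.jiagu` directory, a name commonly associated with the 360 Jiagu packer, so this may reflect packer unpacking rather than a separately delivered payload; the loaded dex has to be inspected to tell which.
ioc | pid | Process
/data/user/0/com.charm.guard/.jiagu/classes.dex | 4231 | com.charm.guard
/data/user/0/com.charm.guard/.jiagu/classes.dex!classes2.dex | 4231 | com.charm.guard
-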
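Uses Crypto APIs (Might try to encrypt user data) — 1 IoC
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.charm.guard
A single Cipher.doFinal call is a weak signal on its own: ordinary apps and packers also use it (for example, to decrypt bundled code or protect stored data).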
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
1B
MD5 01abfc750a0c942167651c40d088531d
SHA1 d08f88df745fa7950b104e4a707a31cfce7b5841
SHA256 334359b90efed75da5f0ada1d5e6b256f4a6bd0aee7eb39c0f90182a021ffc8b
SHA512 d369286ac86b60fa920f6464d26becacd9f4c8bd885b783407cdcaa74fafd45a8b56b364b63f6256c3ceef26278a1c7799d4243a8149b5ede5ce1d890b5c7236
-
Filesize
8.0MB
MD5 688d6ba253ecbaff84e7970eddec3b1e
SHA1 02ab62864f8647bf631423df3c526a1da2a09963
SHA256 c06d8c4096525f6a2ca432940fdf8c9bb0b2ac7d70bb1de245683d7fb53585e8
SHA512 807a776a26f829ae8dae0c84e6a8e0c25a4f8970a54c5c6fe548c8951070768abce0ecd7f72f6f0a532ea96acddbce7a1d3d664a2293bca6614ae6004c08a2db
-
Filesize
4.6MB
MD5 13ed86c05ca106a5428b70bc954893bf
SHA1 f0a758c2e988a31417f02e3b251dc93152c19219
SHA256 2bfd6e69f3ddd6df6200df1e22640777ef24b23e9db2876b15fc573ed6d78852
SHA512 5d643a61d70e5c400f1810b59810fdfea88c6af14260bd30597f48fcc7dff3e54b0e3fdc4cf5c68761165f31dd837f4ea60e4dda806181414bd054dbc81b0190
-
Filesize
63KB
MD5 ab3082f1b901e3e2018750e55d7116fb
SHA1 c92e11d792663916939846d0f23f4d2870c5c531
SHA256 2aa120fef404ea25119c4bd8a952e3cd2826f413e637892fe5e9be50834f70ba
SHA512 5741f99cfa0b9ed9af47294b344f6b8bb8b51ff1689c8e795d16163012ec63208baae4fb485cc4d976d82799a504d4f0d23b5d350041c8fd2506d3289727448e
-
Filesize
40KB
MD5 7922bb0ea4498ea33da5c1b9a76d1c58
SHA1 7b202fec78249284e1033287b14608dd8cf2b39d
SHA256 d0d533814b0aff2e6615d15e7c3379132321eee1eeec64cd01627006fc00d436
SHA512 020acaca076a37abf4784be5ecc7e53644bdce442d7d825b58149f000d1537e87f46b6b44a67ab8f7c8d7695715f8872c8496baba7ac18db09cad6446e9efbe2
-
Filesize
512B
MD5 b107f28f89166699457285d18f687631
SHA1 e6feb909d8263233ddadc3c38169f921cd6e43ba
SHA256 2573c205fe200846984b807801ff108bad66e579a40277a66c652bf3b80bcd38
SHA512 90b6d2440866fd1a6c2181b8d139da3ab3a3f6319060ec311efb20e4a5a247796bb6ed75f69428fb55985d3cfdaaf39bafbf79321af408e9daa3aa0ff28b3266
-
Filesize
8KB
MD5 57483f18966221de90a4f6cfcf8201df
SHA1 8a167a9550738f17ac9d73c189c9089d9a1b1387
SHA256 e2bdcfeef2928a5e7f86f8dbb029f1ee8f92b21367949e0b0cd3ea3b22e7bd33
SHA512 cee00cf99fe57afb2bf300ea4fd15a656f151700bfa1a08d18eb0e233c2af20492c532368e132d01bd48c365fbceec53c48894a55ddf314fe81ca8350a7cbbfb
-
Filesize
8KB
MD5 99292ce9277934c4286043322a028543
SHA1 ba3a4405c7766c87b0bd6291492320ad8371bb41
SHA256 e35600730f66e00ddba58069c02f3eb29b0a4a81461e27106496775b199e4d82
SHA512 974051922f440ab880bcca17117a35e064cdc01c6a666792fe117f726eeb6f996af3d69853427508bc2a0a53c598636bb39fc948c4ad43f99c8f51477a89b92c
-
Filesize
16KB
MD5 277d841c142fba86753b2ecb22d4066c
SHA1 7b8bf24685ee8f3fe9059031fb4714488313358f
SHA256 6a5d9a9b45613e26eb327c36777ed5e173d7d32346024d3efdf0aadaf3962511
SHA512 e6f18a83d7b8a8755a233199719ab33ad97dfec08e15ae26fe7bface4df7fbd9a94a7a4d0d3b812cc001df5144498bcb23109fd8bc2ba675daac5be0b96d24b3
-
Filesize
32B
MD5 069441a3fc54cca1712a2e5df80d7b6b
SHA1 5e91d593123d58d118de297409b7767186264487
SHA256 6474ce3dfa7163a26aaee71e03229676df925c40bc72b03be1d1ed5c24efdcea
SHA512 952e6326e9e036251e1a19dc320f2c9626fa89114edc500bf67d7dc53607b7610a998c982c0a14fa774b29cd4ea96e9649ca53942b7bdc4eabc187520aac7781
-
Filesize
32B
MD5 b39e54e49797c995fe34bf62b4882d17
SHA1 e16add4955875311f445e47265d8b77aa68c8d28
SHA256 a63ba0873f380359a083cf4aa3b83dfa40039f38c0fd258ab841981ca5304dbc
SHA512 ff35617a848799607a044aaa2688693796c97740c3075a90802c9a6f3172d774a45f0021cdb37a943faec7627d52010f5381020ff3d8d0783823cbac30f7a7c3
-
Filesize
32B
MD5 f20f4961e89c23f712cbd9d6042b5977
SHA1 509b73c6d6faab2039b5605ee9cbc2aa2b13a557
SHA256 6ef19e2e20538b30345a82957d0ec37efddf22c017693bd2e26ffb99abc085f5
SHA512 f2c7d05d0d91bbd571441532aef3e25191fd7f8e246605a10cd73183ca7811ff98bdf32da77912d2e25dfac337c6c3ab16013af0d89c1774f12fdc1bcc20d768
-
Filesize
32B
MD5 a8816d6fe3561e387d6fd23044e1188e
SHA1 e0de618f82e3ad480bdc20f513af276244d57c49
SHA256 c7d1475d480f836adb530f497b6597cd0e7150a3298999c834063fc80a113b8b
SHA512 d4f1e6aa335c138722406b7e8c74cc08547ae6e316a18cde278718bdb574a3325f9d9343a8a7cb02f750a726454ce8f8d53971dd65ce036f943c0cb259a9c21e
-
Filesize
307B
MD5 98aec6859e5eb198cd2cf54c07bcae93
SHA1 b46369bead93e8b236f6d2cb6b2d60e5f7e49434
SHA256 c4f7f63ac45b5bbaa6e8dfd6ac3aae127d970ccacd521101b545a808a0527019
SHA512 a54b6ba9478262ff35e7602cde610218492bca1731661e781edd37ba48670f45cdecf6cc9ead013bbb16df42c8d8eb3d47c6d85315391bcce004969c534b6a3d
-
Filesize
314B
MD5 b6abfd39c0bb94a41fb781da2a42fb6e
SHA1 19495c6d8a6649c9db236651568503d8eb131ece
SHA256 04b2fc3e5a4ea99207ad9f615025586d693ed9c419b95a8658523ec5e592912d
SHA512 38b9e6b182ae8eb3d786d0c4328ff6281dbf79f923980e9d72c7ee9c9c55cf19d306a46b468c4c9bb3df07748819e6b1188e2f84afb20237b87ffa3adda259a3
-
Filesize
32B
MD5 a840c5a793d49940b43314608db57b45
SHA1 5458a7e6b39b0bb77b1a9853bcbeda0f108513d9
SHA256 e2b3869eecca6c561f22787253fa77ce5a248363a93e6ddd601cdd1ab1092042
SHA512 4f7dcc4c00eaa25d4f3ca04fbf9c3d9fda3349707c05259195de70e235b731feacea1df4986e36139003ba96466e2561eaa7f5526f7f3eab3ed59f76f85bca09
-
Filesize
27B
MD5 14215ec964d6fa42efe5a29559e9a0b6
SHA1 5bceb8a86f50e23012aeadc969511e6f5bd6125c
SHA256 f4e91d7c2c0d56a6ef1954a80fa09c5d5555b7ba5e092df062775eea1a2b8ccd
SHA512 4313bea7f80fcee667a954b9f002a95f8014cf55aebc8d2c41ab6ab44101c3cb24d07ef11758e643a0885de312b6d086c76432e8fbe3fd3980a9fde0243e86b5
-
Filesize
4KB
MD5 0eb157e1a86d4d00aa601dd2f6ff3ee3
SHA1 fee434f784e73cc7916322e949f727caf8363102
SHA256 b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4
SHA512 b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8
-
Filesize
512B
MD5 19a7dd6626ca4ffecc4a28f989eed243
SHA1 561b49a418fa8ade6ae9d7370db4b8afb05f680b
SHA256 e61252da465c133f9814fc8db4567d5c52a03b93f440d76cbebae8f53e361354
SHA512 28a61c731a7abebd17518d8ac4081615d2483ff5c474c540149f7181976a7572ea43d29abeda1a5ced59255b5a22f1aee0682c5a108f5587c64e8b087aa425ff
-
Filesize
32KB
MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5 c768b6e2e1108ac63874f3bc552ef7ec
SHA1 10d55aecd86f6b65167e018ed9a192bf88e393e2
SHA256 0e386aa37dc8b4ab44b38d16b9d9458634fc8db76bc13724bd503cacd7ed9ab6
SHA512 1b1c50a315798afe94cbbfed58901f221985a44bdad11352a8e15c535e43c4e63f0c0554226c2c755ff365898ab7268e1f6dd72789c4d4e9b58633332eccbcd9
-
Filesize
108KB
MD5 0de8e50d168d75acd25b81f70cc80473
SHA1 f1b9bb834f06e4876ab91c57b01d730f576df85f
SHA256 dfb918d0d0b103649842026c3d4fa93868b8c48d1dcf476ba09315d05a7b461e
SHA512 5c20d079525bada72905e28020a1e65efd12d70c79eee5232c21ed15687da43f614afca047e8065447c9b455909fadb9a67fd537c25f36f99730cfb11bfee3de