230f630740972d6d514976d694a51fb478e7f47dafba54186e9cf95d20d045b8

Analysis

max time kernel
3994940s
max time network
161s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
09-01-2024 12:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4e41a9e250bff25fa3d60f10202b17e3.apk
Size

8.0MB
MD5

4e41a9e250bff25fa3d60f10202b17e3
SHA1

ed7725adc9a00d59dcd674a9305b69f67f292068
SHA256

230f630740972d6d514976d694a51fb478e7f47dafba54186e9cf95d20d045b8
SHA512

d13bccd5efa8e63ef2c98161cca176e63143192f966533c6e2d3546e2b5e1a40b04bbcee8f9246dce71283eb7d91ebf67ea208ee65ce016a67feddb3d1816ac5
SSDEEP

196608:0i/05G1gnfZQkAIQZ0pfGQs/gWpSGsjACsQLb:W5G14fqIq0fG/gWSfsKb

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.jar	4279	org.musicplayer.mp3playerpro

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102
Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.musicplayer.mp3playerpro

org.musicplayer.mp3playerpro
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4279

org.musicplayer.mp3playerpro:main
1⤵
PID:4467

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
12KB

MD5
7857b363cf81707c8bc584507ecc695d

SHA1
e733c0d0304253872e7728cbd9e19ee227c23e09

SHA256
1dcedaa0f6eb974f5069c56f81ac32cb4b803eb55e98cbc9a6552bb2c21e5f65

SHA512
f7cc2db90be42bead02076a7ba1e470dc01e0b8dc027ee14ac90427c376e4548873e7cb59719303a6a9ea8b818b5ebf0d03348411a431a5b2cb4984be14572bb

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.jar

Filesize
402KB

MD5
de8dfcf662ccca100050ef612baeda16

SHA1
288346ff935ac4cec172b9c4d7ddfb23053ab2c7

SHA256
5232a97917f0eada63ab573cffa4465487836b2658292554c029fd28e9922cbb

SHA512
b1721a57650df27aa88053b0a78965ffb403049f64d9c2765d5baa80adedf25e0ab1c642959e985c09d8a552a0620f90325053ae63983838f25f280163dae555

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.jar.sig

Filesize
180B

MD5
f03aaf57a4f40d758b8761dbdb07922e

SHA1
49c8c1c88d227fbf7793182c1ad3627cfb1536a4

SHA256
98dd3ed4e3349324418cc4abde4cd276b0b62830624e5c23300fc61259af4499

SHA512
bc989f9195ebacbdfc11b9e3f40855f5bb7fbe1ebd7d355358f6d05d3601e5ad45bf8ef8dbc330ce8c842a1e35756cb1a7c264dc09549c821fb9a7139cf6350b

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.tmp

Filesize
5KB

MD5
8b3ce0c761702121c4c9cdaca30efc75

SHA1
f8902861f5e1c54c4fe5c27431739533b243e725

SHA256
bbfd8157d7d35798451efc11e2b6ff16fd1c1aaf6f3030e747b20a43c2e6f8bf

SHA512
26419d40a2a2ad7a4de05a90ccd66598db6778d5106bd85315a18f2fc02a7eb601f19bf5acd0c5957e625eb694c6b3963e678155790faf25a391b04a15da00a6

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/gdt_plugin.tmp.sig

Filesize
180B

MD5
feab1418439dbbcfa0726773bc31ff8f

SHA1
80eb6f17f2da0cab35eaa84d2a74e39cdb7a03e8

SHA256
3d8ce3adf8205f3cba40950744f091bfa8aea7632e614cf6baed1e8ced0ea310

SHA512
cd33b6677472511ab2ba08d8a5d4299724c00697ec6fda21a4c92e549ef637b85b81e9f70bc0b02e117313cdc6bab58d7e3b847a4a7336dc2833612790cb88c3

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof

Filesize
563B

MD5
978e08104431f9281cd0ad7d407e3fd0

SHA1
180006fac7fb274b79545e991dc430dcecd75666

SHA256
377272641f2bf743d4c5d22f7cf2b9c83b36f99257e819483d74a664617638c9

SHA512
df146269437c67bbe7d4e4c8180d9f22317be53d507e141426e2a6e549cab6c97abf3d3e11967496f6e1cf6128068db080a6e87abfd5d904c09eb445b1e221ac

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_plugin/update_lc

Filesize
4B

MD5
dce7c4174ce9323904a934a486c41288

SHA1
e117797422d35ce52f036963c7e9603e9955b5c7

SHA256
0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

SHA512
d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_setting/devCloudSetting.cfg

Filesize
108B

MD5
93de08e83e9c02e1a1478e1895f8c5e3

SHA1
d31c6886d94d0a87eaf87b6e2bcf572b65fa663e

SHA256
c1b770d36cc85cd3cf7cd97988ea6e08cba9aeda3c9cb26ee99c11281793b198

SHA512
c9b8dd14c77f14c015f4b3c65d23f35e3ec64334d9c0a4c516f20dd1ab8feebf3da88fb051282afecad78657ee097d932ee350e316301c9ee555bdc8f67d8da1

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_setting/devCloudSetting.sig

Filesize
172B

MD5
ce4e85218d0ef449e5f9fb6bc83f106e

SHA1
45ecad0aaa2f30fb13648d3158de08184c073167

SHA256
ea0a9f1a8d080587043e34d9896d1be0f500df3f3daa5d3c1143ad89306d2baf

SHA512
b5e01784ad649961f996d0b745159f0d7c7fb0d70b26826980f2b247ad6acf575f5db25ae56422cb85dbbd3db698183d9c545c3a87e29c73af9b8d101abee3b2

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_setting/gdt_suid

Filesize
36B

MD5
7b9a427a49fbd4f014d5883cd31d1302

SHA1
85ac1741227354a9ec382fa8e720406f7eab4f35

SHA256
5be1b3c1d8242a7898455d4df02fe1506eab80e374ff178e170a221bed17337e

SHA512
3063d0531e17d800410bf1a3c96b0a92ce5c661e7736df3d47808f20e6c9f80dce09128289eef078f14e2dd5071e8ba7e118757ff1217a32bdfe6c322c9a31d1

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_setting/sdkCloudSetting.cfg

Filesize
5KB

MD5
8c15f601ade2822b760f970dfd4c1c4a

SHA1
e11ba259008efaf8724c3e0c38fdd6afd01dbcea

SHA256
3a6384e00e192c37fb964ef916d481f41aeffe9ad534bc19cfdaf962afe760a4

SHA512
d1f1f52b60575c48e05c9d6a746084b39113a751a4b1bb05125a98914d27d51adbe2677acae83971d272c8a40253d1b54c6f98054c2dc1e06eb8cf4c2188c68b

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/app_e_qq_com_setting/sdkCloudSetting.sig

Filesize
172B

MD5
e6783b0876f78a095f84b5c9bc792137

SHA1
5420aa8dbae1c1c0f38698ae4c6845a8ed0c3f56

SHA256
a9f9b9dccef7ca3da8895db2cca5f6f0fbfe024e6945cd31a2d7cfa31c7769e2

SHA512
04b14e8f82f4940bc3a6f887d31b6d598095c66d39f4ca4a98271086057bfbe328af010acb4c6b6de6ea5d78c7bc94e372ed63da3ab6ee6b3e0369cff023e511

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/GDTSDK.db

Filesize
24KB

MD5
ef12534b6904b94189282896c56776ef

SHA1
9e979764e9b71601207f4ddda6746863567ec909

SHA256
48b1a8741d8608a2be9f7f7933b902e382fb34abe1ed17b7d39b8b335bcc86c4

SHA512
0751ec594fb75170f4f89a0127b803221de00b1df4d9ebdebcc3eb000c84ce31dec914ca50825d670ce4d2958886fe4bbf3e799f704efe3dbab9b9d53e32f70d

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/GDTSDK.db-journal

Filesize
8KB

MD5
c6ebfc6d5547495c21a606d7ff458067

SHA1
f648e75d2e933f6a8f76f0714992eeab15fa4131

SHA256
b65fa36c61cfefb51307925832e76e45c3fa5736a2ef2923177c636f6c7614cb

SHA512
4f36226dcf7d528fa6898e36fe848f6877d3868afd10509dac6d6251849497b6f928eb91499e3707d73b92c407ce839cd75a51342d1f8a6bb9f121f7370d222c

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/GDTSDK.db-journal

Filesize
512B

MD5
9c4dbfa07eb81234e97b0ddb5319d953

SHA1
508a406840acfd811783dad22c35f8a6508f3ab5

SHA256
ee410b5d57e265baee12e1d3ec333f828f9593847fc3fd2291ab2ab0241554b0

SHA512
010bb5cfadc5350a24bb6bf45b7f289735176c0208d73dd1b4183cd307dd9e4f1512663d8a8eb606c06c8c37815472ef9d5ebcf76a68fc2a8de38c82fd14f676

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/GDTSDK.db-journal

Filesize
8KB

MD5
9dbc34efc43324062b3d1ee91c440d53

SHA1
f5ac9342c0b12aeca1ba102379de4681676350b7

SHA256
d53353495dfd133709c5c0e47796edcafa887413bbf5ba102f37a3b2b9f8c2d3

SHA512
b30aa5926ea0e37752306da82577fb74a831059c6dcd0d99c9d20d17ad524a38f7e26207d4314798cb7f8228ca3f633bde7fba2752b0ed2f9d0cd584a8e501e9

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/musicdb.db-journal

Filesize
1B

MD5
0bcef9c45bd8a48eda1b26eb0c61c869

SHA1
4345cb1fa27885a8fbfe7c0c830a592cc76a552b

SHA256
bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec

SHA512
91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/musicdb.db-journal

Filesize
180KB

MD5
414bad5379daed838cdab3dbe7759a01

SHA1
424df61a4f0c48b5e40aff0b17204083c0f86944

SHA256
6beb6a735e5e7f882bdcd13c52110122c223da540a8d5872bea7c6af9a06935f

SHA512
b2af1aa3b7ac06be543d6d936a8511077e559ef84b2bf6c27586386f55c81796f39b25586d01d738ea35233a648e0840196fcf0d771345ad1b16f8ecdde02852

Download Submit
/data/user/0/org.musicplayer.mp3playerpro/databases/musicdb.db-journal

Filesize
8KB

MD5
c5e9d4f7e3415453f074e97d60028bd0

SHA1
feaa4e85f8cd84ef10aaad5d4d304fe5a0f550d1

SHA256
1288a350329bf231828ee43a674d590e580ad995a2acbb8ef82aa0c145a8bbf2

SHA512
26af15b5e28a2037685fcf79cc0cf2cce74817e09b9f98b67def4e1a250aedd8b96c877d2c5cd34acc8c78d167af2e7c6e5f3d351c8953b3c442480622416955

Download Submit