Overview

overview

8

Static

static

6

0f5af45101...35.apk

android-9-x86

7

0f5af45101...35.apk

android-10-x64

8

1763780556.apk

android-9-x86

1

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    92587s
  • max time network
    154s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    14/01/2024, 01:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0f5af4510172343f1799018f2206f835.apk

  • Size

    52.9MB

  • MD5

    0f5af4510172343f1799018f2206f835

  • SHA1

    21c25730031bb4131da3e85ad0e84c58e708a8bd

  • SHA256

    f9add9d838720c0064e70cc2a4ee92b732b7a55211c7efec5fa5c929dd39eac2

  • SHA512

    982648b1248df2d2a933c33d867795a2f0225afcd75fb690a45dfdf61129f1363c0684753ba75917d7e6b9dffba42f06c04a859bc19866ae12ab7f695664c133

  • SSDEEP

    786432:V7MQd0GuWHXWAgyJoOI/56k2kF3OGlg0Fwo3/xYRFie+y9Cd8jZQBvkgiRn4Enp5:KVoGAgt5x4EQ0nY6e/od1kWlm

Score
7/10

Malware Config

Signatures

  • Checks known Qemu pipes. 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.estrongs.android.pop
    1⤵
    • Checks known Qemu pipes.
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4516

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.estrongs.android.pop/app_UApm/5f34a4c7b4b08b653e93eb87/ready/4516/wa_none_1_1_4516_1889_1705194592722
          Filesize

          843B

          MD5

          fe115d009f7a95bb2149bac9219ee9ce

          SHA1

          886212637fca7dff83ecbad0fe317c423bc4baa3

          SHA256

          8ffb926a99571b7c5f6ef855c7a020c7eb734c4dfda57d96659a51a2ec35bb0a

          SHA512

          87b7f89996d6eda52c7737be4bc6d6f5d436abebb50e15272f09f5637d7489c5f4c38c2ac79ba1ba57c16e31760a091da8de797a075a4823918157f3c6ee8616

          Download Submit

        • /data/data/com.estrongs.android.pop/app_UApm/efsid4516
          Filesize

          36B

          MD5

          fa305c93e6db9de96907684e2b4efb69

          SHA1

          68dc8360aefce2f22916419af5e314838c5e0e0a

          SHA256

          fc25b2af6fd6d54899307dfe269a17118e1974b312edca3353dfa7a9808bb7fe

          SHA512

          00c04508d89f3478aa9ba5cc1dc3c43f32b2de09e6eacebc2dfc1cdc9a18eb3f5137be08f677c17bf49ea3098a79c7ecca883eb1c5638dc72a6b2aba130516a8

          Download Submit

        • /data/data/com.estrongs.android.pop/app_crashrecord/1004
          Filesize

          237B

          MD5

          62dc649b1a398db2c87d0278bf7f2108

          SHA1

          45cb985024c2a287cecd2e3d9701d78c8a4eb1ab

          SHA256

          0a739e8514fe351aeaa9b060ffb3ad801673d5851eba6baf3b6a8046cf543c72

          SHA512

          f2af43f28bfc73873410a85c8077cbd8bbbcbe18cd67af20916f16e23f6513b6f1d29c315980c00c71a96a477b42f1e93b070807a2aeb670442018e0b0053ef9

          Download Submit

        • /data/data/com.estrongs.android.pop/app_crashrecord/1004
          Filesize

          58B

          MD5

          0d210bfb2a0e1f1b4c082a6a0f79de07

          SHA1

          bb8ed9e364db79d1d9f2fcde3f15091893222faa

          SHA256

          988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

          SHA512

          536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/POP0DIORDNA0SGNORTSE0MOC.ss
          Filesize

          1B

          MD5

          92eb5ffee6ae2fec3ad71c777531578f

          SHA1

          e9d71f5ee7c92d6dc9e92ffdad17b8bd49418f98

          SHA256

          3e23e8160039594a33894f6564e1b1348bbd7a0088d42c4acb73eeaed59c009d

          SHA512

          5267768822ee624d48fce15ec5ca79cbd602cb7f4c2157a516556991f22ef8c7b5ef7b18d1ff41c59370efb0858651d44a936c11b7b144c48fe04df3c6a3e8da

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/POP0DIORDNA0SGNORTSE0MOC.st
          Filesize

          38B

          MD5

          2a135c09825d5e978a9014a450db74a0

          SHA1

          5e324add71465dd683f761e6fe7ed5e52ea15bb4

          SHA256

          d16feebe5e6a3c0ae4f13b020d663703243bc139c95786ce7700e9bc11502105

          SHA512

          ab34d2d5811bf4bb77f8f4423e12b002787bab59cf2ec4b8e0d577a1d22afe09fd330f0b008205c6961066b2fb8a36dcd1a0f28987f0437f849250d79d40a693

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/POP0DIORDNA0SGNORTSE0MOC.st
          Filesize

          38B

          MD5

          7f03930c17bf070b0060b9f4a1f61a7e

          SHA1

          98cafbe156ab4367f5ad8bd82fb7f93cea16c06a

          SHA256

          a61b0e7371d29294406c9b2c52ff8371bfc265e395d8e98ee953080ab5eb90d5

          SHA512

          f796f6aed170fb7a03aa282ccd9a4ced15a1d782209ea1e486fa318b405da7a8f0ecd63bccb50478c1d5cec1e1bc389cb3ad0eadb77d2732b9e152593b04583a

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/cr.wa
          Filesize

          54B

          MD5

          5246b317284aac79cc8024fa7b6fa361

          SHA1

          5445c8dc9124be1d9efd9e7927f0a12eec329b37

          SHA256

          b7e25a4fba7e9c49f4d860fe5730349a4a9e71dcff069aa7c2975b180ded8174

          SHA512

          f9e42bba5a06f3e6108de0b6b6c3d79500aa3c02ce81fa9e47d0fac2505f3b054793a96800fa6c0d594f7401d6781e1c7deb9d681555794b031561d4c60c3882

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/unique
          Filesize

          36B

          MD5

          71c6a2c4b2cc39d01c40df32f77d1c0f

          SHA1

          15ef07a0c1fe3f2efb39ec447d91cbb0f62f8899

          SHA256

          f868443f57166e7d42c8252d894960fe9dca7f4a7fb323ad4febb863099a8da7

          SHA512

          ddb397beb45328ce3a94c7648f9b7bef14663f700e027f13f380b931756bcedc5eb830344da2b6d659c7f290871d4580a3e31eecc8e726b0fb78b7c67dbdf981

          Download Submit

        • /data/data/com.estrongs.android.pop/crashsdk/tags/ver
          Filesize

          28B

          MD5

          66f478da41204f4f6be760ba81a4af1f

          SHA1

          edf0432d442554b061916b37438437b3552ef0e6

          SHA256

          3d586df1a7f2b227c68f73be69e2e64e3ac20ac74a0468d038913b44ca76c83b

          SHA512

          669de9be36aeb8d59e05d68af6e36e57a4e2ed0eae0cdda63b2af3ba42df4eb6d27bc6147264d39910625d6a0e93fc83307808db0da82fe11dd9207687ff5acd

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/bugly_db_
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/bugly_db_-journal
          Filesize

          512B

          MD5

          5be7de268e509c479085142abc55bc87

          SHA1

          add3e3ecfff6abcfad150c65d88e2555e508dc8c

          SHA256

          8a56392249d6ee85f930392f68463aa52aff107d1b8d4f772d6db5be01a9394c

          SHA512

          4fae45187b042cec64ec977e8d086302a6523bcd06b368df3fa63607f96757e5f695c6d85ca0e9ac68832655bc3108f04d0b26b279b727d17d063718e87121d0

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/bugly_db_-wal
          Filesize

          64KB

          MD5

          e64f61c2e12d57a81834a096c5707e73

          SHA1

          09b91b14aaf7376cfd5a19da9224cb3f7b06d1a1

          SHA256

          bdaf7c7fd95e44e604c79ba6b02bed4c6f85790afc0414affacafc9e9f3783d7

          SHA512

          4c307378c3b16520a259fca395b7cafa2d0926ca90d9200912b4f1a82b6ec655dc02cbfa8d8d5ef0cf76119464259119fe6827f86a3d150f447ef23484fc505a

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table
          Filesize

          20KB

          MD5

          da10b371a6e3924c64a2ef31bdd65bc1

          SHA1

          aa64d318b4e38a35c24201ec0066d97e53688a8a

          SHA256

          1493818e252b6e04a4b9f2106cd335b98e2f76508f62db46e5ddabc635f777ed

          SHA512

          0ee3d2104fc8f9a6005bafbadb52d72099968b3d875b49b0fc01d2fe3a9512c76bf5d74ac15c1a01a563bf7d50f4662a32d98de5a4ad0f19f1cf8da288d4ce0c

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table
          Filesize

          16KB

          MD5

          f6edfb3c9c9d89bebc4c23435a273290

          SHA1

          aea3b02848e603b3dcf40883567f67dba8596dc0

          SHA256

          8bcd9e7aa4bc7a4aa66a9b16ade500bfa97ac2d8e01bee93ce19945df51c6830

          SHA512

          e9a50a1117f5c361ebf47c85f1df221f2a533b98b18b996bcea47bd3797e7804da03890838f879c684fd9713460802c9b2a328ec3f4f9f2312b5034cd7ac5c68

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table-journal
          Filesize

          512B

          MD5

          e84d4e2ac7e40d55dbed13a0c96ec41c

          SHA1

          4b5262fdd96df93671da5f1adc78bd621afb2f71

          SHA256

          bcae834611b05dbba0073977e01909f5f22bc8f99006f373aa24b83a4f8e5c60

          SHA512

          1d65955227f40e7ae972a080d02c9092b29cf654e126688f370d15cf3c2d9d515a4526d90e432b55f4fa00600a868afcbbf1b25338aaf06bbd10821442502d34

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table-wal
          Filesize

          32KB

          MD5

          b3cf70e6e5bceb9033ee58bd3bd3814e

          SHA1

          881699af5a57267b2277583be95325c470860aa4

          SHA256

          50fd8fe20b7862f82f93c73aa2e9851b353b8cddec044927b76ba321ef0ae231

          SHA512

          4720f97923fd3072026ea41ee4e711e6825e530552bfdbf14f3eeba7e215fff5442a170f519caf17e4639127e6bf25e0521a86856f69dd500b8acce9bc59a18b

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table-wal
          Filesize

          8KB

          MD5

          3b43f42f19cfb01c3d3464194340ecf7

          SHA1

          ae39cc9788ccddbbc336aa673a6864cdd4630334

          SHA256

          89d7318e508fc6cadbdfe15810902933084a1eaf26010d95965d5092eda02f67

          SHA512

          13b49ef011afd05bf44da51d42c188198bfc7fe1b0437d33f2501614e2c444a67c5d24cffd8ca76bf2006e333dbb0852892df80429d8f2485ad9874d7f7983f3

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table-wal
          Filesize

          4KB

          MD5

          86ac862137a79d58eda795dbc4229a09

          SHA1

          feee824792e41e461d8ea96b6967f9c8c02d0f44

          SHA256

          2513e7508ca07094ab7091082ee14fac243ecfc045e33b05e6918d3ac1286afe

          SHA512

          063d85da1c11d6008b7437f9d773d19c38a38423189e98c3e729301cb35a2f165078b7cc8805d27ff0b59a6f9089c0994545fa939d4a02dbc177637ebce003f9

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/download_table-wal
          Filesize

          3KB

          MD5

          988ddc1abf7132bbda37e6301adcc897

          SHA1

          54910d3e2b331051872d0051b5a4022f0aba597a

          SHA256

          c78ab821ce0067017cbf4e1a60ae74b73ce70957ab39e79deefc5e6ec62f3bef

          SHA512

          c95f8f8d4b0b75cd89beee294391f69dfeaca0a2337e290791d7afe4c41e535ba30880fc5318811e0c708c3ed15c383f3f1377100278b3122b25db1d5e84cfca

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/lock.db
          Filesize

          20KB

          MD5

          74eefb5bfcb7cf134cbe1645f0eaf0e3

          SHA1

          91a91789c2854633b93fbac0c74dfb4b44c60d96

          SHA256

          16c8740bfd12b9a02350739c3086f5ceeef60df3d143257a131ab6e4badda491

          SHA512

          b52cf50b18995516b79f841ce580e3a95a022cf13608e201017b62cff7aee74ce12193db464e94511f0ac0e871a114636ebbcf464e7ab794404bed491cbc5e1f

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/lock.db-journal
          Filesize

          512B

          MD5

          f6540aa2b931ebd473525ea1cb986c08

          SHA1

          9511d756041a5ad5a404a94bec039661bbb26306

          SHA256

          851df28555791df4acce0a5e96f0a8c0e38ff0518705c8ce4f5a724026872eb8

          SHA512

          99564c0c9de49ade98942c743f60ce6aa3040c64771410abd13147f1189db558c1ccc2cc0f26654883440d213fd8298399ced225c4ae6715f9f5c1bf0e335d71

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/lock.db-wal
          Filesize

          32KB

          MD5

          915bfb44e58ccb1f75b8eaab6c2173a4

          SHA1

          4042eaec9b6bb2325de997403e0d6e15f7060cd0

          SHA256

          b0bc5dd54775b18afac4e41e6887149910b7c6444e6a730da1e98e8147919674

          SHA512

          d0fd49928466dd019f864e8eb8deb3df801f52dfc9cfff85bd88ff4a5bbcbcf4001c3042b949cf3efe036845b2e674615f721ce20e2c003f1ec816c231543ac2

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/notify_items.sp-journal
          Filesize

          512B

          MD5

          543cd4c54cace694ffe28abecde9b388

          SHA1

          b8b77dbdad2d41b8b52c87281399b9a31077a614

          SHA256

          d0ea910d03b3b315412bed9bac19b0d88ea600c3de9dd34e4091cb163b299b42

          SHA512

          3ac1d312c0ec3a14bd85fcef785ec52a66f60440bb9755253140cc0e5e2953941a6b37453a68830e6c2ee2137ed005305b1cf5415578c685c3a8a0702671888d

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/notify_items.sp-wal
          Filesize

          72KB

          MD5

          f0095a0463ff5c49caee581bf0e3d3fb

          SHA1

          4843895964a5c2876a69d4ac1068ceaedfb63f21

          SHA256

          ffca98f099431be46fd57c05d062099d6fdc6d209d2572a14f3616f078e9e10b

          SHA512

          3d860771d56e736866e3151064d9c7abb07b0a4b7536d4f7fe57d279343f5737d5533571e25de805d3604050159897917530589916a83a479bdbac36df809a89

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/scanner.db-journal
          Filesize

          512B

          MD5

          94423fb5469e1729fb474d6131f51fb3

          SHA1

          c115c4ec7bdd58c8b174d2d5c336c9bfdc93007a

          SHA256

          b84b6fc128571980fd3946f6b45248e9a2a1f5eb3d2bc99ce6389f877adac250

          SHA512

          e03edcf936d406859dc43aba318748aaa77feb7e92cefb14006756186ff9c491df084640d8614cd4165fd2488635a49fd56474527a53f8d6796872f9a861eeba

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/scanner.db-wal
          Filesize

          16KB

          MD5

          58638c69172e0dd10237afa6f9fc5582

          SHA1

          f39fc80e19339b65d63dc43ecd47694c9efed06d

          SHA256

          f1bbf5b8e9342975860a878f8a931c079cf24f5ab5515cbdece778555640719a

          SHA512

          29264fb981fc28e02f4b3d16bf37f0e88434b22b035d20ef5df10ccbd39b9f904c366c85876b057e86bd289619eea739427d53e3e41155b9ddde92f1c6f37af5

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/sk-journal
          Filesize

          512B

          MD5

          9edafee8ca017f7647494e250a5cf73f

          SHA1

          d03fc25eb24d753ad5009a119f1685bea7a139a6

          SHA256

          4b384f4feca4f27c83a8c1659dbda31e319aa6ae31f94c26c750c475bae1a9e6

          SHA512

          4f0e2fd6039a960f5d4565a268bed964b019429e43cecde92f7ceeebafa37ebe02037c422b874eaf7a7ba8525cf7ea8eced5f3864fa3f8f9bba7c39aca11932f

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/ua.db-journal
          Filesize

          512B

          MD5

          2152210935f4f5a66dbd7ad823b131d3

          SHA1

          9ddccfb387c17de9f4e200bc31df6052f57d1722

          SHA256

          5075cbdf95679f2611e4a9953df3377a7ae3ed223cb00e919ccfe014c2436e3d

          SHA512

          c9969ea0adbf5d686d74533e65d3d2a61a5bdc6a0a2f22a2235ebf71948cb5eb6ec2f508adbafebb4cb8f6653c0c20074fa2701fab8cd7fef6004035463fad41

          Download Submit

        • /data/data/com.estrongs.android.pop/databases/ua.db-wal
          Filesize

          16KB

          MD5

          37fdf9de129c91d9eab63bb97469ac92

          SHA1

          2ccc1cd3035b4a0c164887907d868cfc85d4ee30

          SHA256

          8fc52650e5227efcdef112cf1593ccdb204216fa2b930b0e49ac509671b96b50

          SHA512

          c237c8e1dd1efbe259a9fbfaaa4c3fe49b90499b0e44a29debf2efd32b544fecf2511e67b4db49ee2aef2b6bb02737f868685efd5e4944a7076b145628f87001

          Download Submit

        • /data/data/com.estrongs.android.pop/files/.envelope/z==1.2.0&&4.4.0.2.1_1705194592696_emNmZw== .log
          Filesize

          303B

          MD5

          9109354daeb9b4cc3d5849ed23e6a701

          SHA1

          2fad0e8d30d8b6d14c3a869909da8f1f84034c92

          SHA256

          c3e19c8c8552d51898c2d23371e34f7914ab42c117be6c79855b81a69e387387

          SHA512

          0cbb426c1cfce2e72a94ee6b456bc05b1bee8730f427099dc89672860ed67f4bdb79db459deadb0edeeeda7718a45fd8de3bb54265f20ce71c0fd0e58b27835e

          Download Submit

        • /data/data/com.estrongs.android.pop/files/.imprint
          Filesize

          138B

          MD5

          9dca6ee790397ec4871daa527f395b4c

          SHA1

          838a607f092ad91d883d5e6a50a253ba695a177d

          SHA256

          6fe798f64f99e7d40e49452b8f4cbb89f4e1ebe43ce1505d4422b3373bf96e4d

          SHA512

          8f19289c39795bed75f520dc42b034d4bf468b0ed9a4a082114276b8412655fbe8fdb0b03f08d449c8e9aace27a082d16f015fd4db5f5bfef8c9586b7195678f

          Download Submit

        • /data/data/com.estrongs.android.pop/files/.umeng/exchangeIdentity.json
          Filesize

          162B

          MD5

          7934b09e99bbdd966a18f27d662512ac

          SHA1

          ac322e25cf7b369113bb537a5f67c1b0c016bdb4

          SHA256

          7307ae002525aca65ae25b168a25054342c7f83da5807864ba8bbdfa44e71c4e

          SHA512

          27a0bfadf44bc42da631c0cf2438add674b2c522823236ef58eee763099a31f1cc08d29a8a14e1d1138f9e6967bcd3a3724b185f42a7ba5ec27bb11a5f8fa0e9

          Download Submit

        • /data/data/com.estrongs.android.pop/files/exid.dat
          Filesize

          56B

          MD5

          8f5dc003b87b2ca4a422339bcce9c80b

          SHA1

          c50f3dcdae313053a2bb1015073e993afda649e6

          SHA256

          9df9c8df5997082db4e5e04f69407bd9ae54977bedad5b0f81397a7d45d84bca

          SHA512

          6a5835e646c58aad236e4737ec5edb417418f474539582d4b27b77c75dd00163db09fd95142122a17d1e16a012e2eb0b997175c4b35403dee62892f6a6f287f5

          Download Submit