e0230886f33b77fda3221f4dfce4a1c2a6ad635e64a508b095aa6cae13082273

Analysis

max time kernel
116881s
max time network
161s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
14/01/2024, 07:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5ab20c802e99034164a739a196c025d5.apk
Size

5.8MB
MD5

5ab20c802e99034164a739a196c025d5
SHA1

f6c71d8469a98dc053ffad727adad81ddd69783f
SHA256

e0230886f33b77fda3221f4dfce4a1c2a6ad635e64a508b095aa6cae13082273
SHA512

aaa98a7d28d7b54fecbbe662dddc768fe81c3a16a199758269b59091faad0bbeec9dd8ae8844a8859c7181f98acfb5bf0e03b5951f1f93f8248bb8c26f040b26
SSDEEP

98304:cPw9RXs/lHVKcl8alXRTYyH2Tft62UnN79O8ScavBHJnLjU2cbzNxHNxAsrQVv:HSBVKcl8a99YrfDUNmcav9NLjUnbp5NE

Score

6^/10

evasion

Malware Config

Signatures

Queries the unique device ID (IMEI, MEID, IMSI)

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.jiangjr.zsxt

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.jiangjr.zsxt
Framework API call	javax.crypto.Cipher.doFinal	com.jiangjr.zsxt:channel

com.jiangjr.zsxt
1⤵
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4293

com.jiangjr.zsxt:channel
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4695

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.jiangjr.zsxt/databases/MessageStore.db

Filesize
36KB

MD5
813ae82180259fa068bea189e07fec67

SHA1
67a335e3df54b04f3ad89b53c3f3c4ec1567c515

SHA256
fba97e7f2a5671566f1ae652107b14b8ee1c307761ce2f044f41103fb3fd708c

SHA512
1284db387240ad2fc91aa0adfc6e9f97e7c098b9843602afaea280adf01e9a9b829f0e7cfe15ad9e7a9f5f482f4260cf022d754db9da06595735e06c1998618d

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MessageStore.db-journal

Filesize
12KB

MD5
e9e7cb41ffca562cc208a7157b41d2d0

SHA1
afe558fc60c9b1fc90e18afab9bdb6a2744b14de

SHA256
7515100e8ca01762233db2beef1e4724f70a862222811831fdb311a9d6c99502

SHA512
472c1285bc183be932f013b70628472d800d7f1b820f0b1aa34c341d02d3e8c00dfa150e7eaa2468cb1594d037dfc2625ace2aa244c42225276df33ff3f3d9b3

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MessageStore.db-journal

Filesize
12KB

MD5
8582d54d64cf84dbe54ef008c652473d

SHA1
73e4735e156283a6f2f605b79df65d2cd176aeb7

SHA256
412cb4e109ce7fa32ae3e91bf1a6076e4ccf17080a4faf32f521f2cd64829f93

SHA512
724495a60d33637c9b69af7c812c9c11346b28600a9ba02711acb827462a0cb00e1cf2c2c2ef8eb49a0d08ebe0f12fbdc83ea3011c6b7edb870d75080153d54d

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MessageStore.db-journal

Filesize
8KB

MD5
b76dfef8190cb1b208cc0e1bf0297be9

SHA1
edb99a0ef6b70117f6eaa62a81b8b979dba329a7

SHA256
b263382f41efa4096637c5fa91695904c034950ff02e8190adc88efd9a8a26d4

SHA512
ee74eee3a946897751c931a732069ac763b51b9435a244a0fdd48c57c8e54bf99908e87a62c6fdc8df7d6262503ebe8662ce422a12dc0cd51604e1965b465b21

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MessageStore.db-journal

Filesize
8KB

MD5
86fd5b55fb7d6776f2392976585891dd

SHA1
2000d03d59b7efecbc29e59a5eb621eb858b8569

SHA256
c77c9e033a2163cfdd787a875a0162f9a67dc853bdf136f38c9c61cc16f5e9b3

SHA512
d91cc90945e5b72f0be17523d65b343942adb69b549c28351d5d58eaa5a4d29b37e9b911055be30ad35fbb0943da65065b573bbc91eba0dc520314418c087d6f

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MsgLogStore.db

Filesize
56KB

MD5
12a7d379e17bbd9dfb425607991f4814

SHA1
bc7c5ed79c42863755432f9adf05ffc1848b0a81

SHA256
6e9e6f531496fd3cb33584bf4a1303845743589d5527bf8e96e27e2264b1e90f

SHA512
18d678715f1712f8baee18e23487af449890a4130e304ea10d883dfc99b33b7f88f0f1e0b4008ac0c8f1ea6c19f5460b0510d5372c579b039a96785529d980c4

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MsgLogStore.db-journal

Filesize
512B

MD5
f22aa39e9a283e1890b7348b40d4f4cc

SHA1
c7bb11090b61fa3efebbb940534d62fc10056b28

SHA256
f01ab4cca4839285356cf0763c07ebc42eab66ac3a4d01705468bf1e5c4b819d

SHA512
f873780c3525fd85764759397d3ef22d0596b40da94c3c25cd1e2c17177fdf5de9e155894b58c893b53cd9722bd9eb4ef020b54137ed4ab1e5e203a5c050be54

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
afa9da52adee0ce98fab6ba549d89c28

SHA1
4add13af2b530faf368114a879082a52088d006f

SHA256
d49c24d2376fa3113d2610f5fc41f100283637e113e015e9c31bfacdf01e3ea4

SHA512
484dfbe86d2a9cbf9b3140d78676357d833bd751992da984c239e87b25c6e5ca4f6d26db792ac5e47ed84324d3b8b1ed8dfd628d601dad6ea6920234cf2846ca

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
aec682033d372b58decace635b00ce75

SHA1
dd6ed550bd4adf15beda12139f977edc900af75f

SHA256
a84808281cec0b03ca8660733031bdd10df2788b73e6c02436b3adc5dc3097ad

SHA512
636f4303c5a068430c73dbbb57f3f05a6372f830816cb8039b3c0e9f73bc065fcad8c17c622b7a1bbfeadfe46b8437349b82f625e74cdfc79a65eb0346351f2e

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/accs.db

Filesize
12KB

MD5
d89acee9fbf356695093f2724f643ac8

SHA1
22d2f857dfd38f9df961569715333e53fe64ee36

SHA256
4e1313b40c676cdc9653aecd74da0f6212f5d84ef960e1e8bc249811bdeb5783

SHA512
66448f754e7932dfeb98d20cddef9fe318b3a3aff17c2c47d065db78c5f830208febed67faf30a41977bc62cbd5c7a6e8205da054ff296843a75ca1b463f420d

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/accs.db-journal

Filesize
512B

MD5
2d2e1b80534f9ea2a6f86911fbb8a5aa

SHA1
766dd7611b37ff94a7e76ba493a449d42ac6c1b6

SHA256
fb965ef58da8439df7a5ea4e955220f111b8e7bf15d37884920a8377b428ef0f

SHA512
d030539c3a698e7b2bfd85465c6006f6e897435b9cdd86e6bc80b8922b8dbaa506314e3b547ac718171e00a0bad3ebf8a74c92053c7f4e5b2f902b804badceaa

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/accs.db-journal

Filesize
8KB

MD5
2ba9fb8330f88cd4bece279b0a1632ec

SHA1
cadd41ef100e354c346dde96efb9bcdfa03ef448

SHA256
cd8330b7a01c897be880149ae56d74616f4fc73eec6f2eed3e65f939b9f46f70

SHA512
e261d7966554995f5f45ee310647026f5d4b8d9b2f30e8647f629e7e404160a71096d3f0c3c9a61eb6e0ec7b716cf1164f6a931a62128e0c3a5e26ec9031625d

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/accs.db-journal

Filesize
8KB

MD5
0cb6fd1f13041b7705807caa1cddcb64

SHA1
a3496d596b24b3be89fdad5651ac4615562bb77a

SHA256
f01dbdb07a0caeb847e12964fbbdb4a304f2bfe96b961c867bb6d7eabbd5ba95

SHA512
e33e2e06bb76d99b7b8a86e640da5410e6a2a20eea421379c608fce84db2007b37a76634424b717fbead1e63a2681bbbe5e274962ff8ce3a278e6f61209eff4e

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/message_accs_db-journal

Filesize
8KB

MD5
f0c01dadda0d91142523e9a604940479

SHA1
1c881e50eefc5e4ba64a753429c5429f49a8b35f

SHA256
6cc1bb9016d5be9ca29a8bf0651b6e64b1c8e7594a6c4b3728be567fe3dce2cb

SHA512
a843480f199e9ccd0f73fbffd592758927f2b7d1c93de32ebafea0e0f731fa0022f9031aba8ed2c3dd5a46a594f8eb06b11b18ec165fcf3e6c75f0b9e981b955

Download Submit
/data/user/0/com.jiangjr.zsxt/databases/message_accs_db-journal

Filesize
8KB

MD5
38ce862fe7adc18e394f192893bae2de

SHA1
56f2682fb97ad29089e0b6e6134bbd05ed9f813c

SHA256
dbe3a0d63a4a6a1ffc3156f7feb5776e1fa774829ea192fd0d1c27b46d0edf9c

SHA512
323d2ef807ada46b3188ec27b81bf1bd826a6296840f600cbbf12739df1c791083f559ec327888a84c9cd5cb3444e90476c84f519a6a1f198da98c6adc0e594c

Download Submit
/data/user/0/com.jiangjr.zsxt/files/agoo.pid

Filesize
56KB

MD5
5737bc7a72d99e96c7572084efae1fda

SHA1
c4f205ad434ed3216e8d2ae6135d8aa93a19604c

SHA256
dd204ae821f89a04845d80694b1e41d91713a9b0c020005e9ed6b4b84fdcbf09

SHA512
6fcc2da9666b7b331da130456fbbf87132601676db596057aa6d8650d0e29a5b82e0828916b4da4f0db95a4b6e9e0e9fcfe1d770adad002582ee8a7d5d7ca53b

Download Submit
/data/user/0/com.jiangjr.zsxt/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzA1MjE4NzU2Mzc1

Filesize
1KB

MD5
9fe7c50740abebcfe496cf455ff9c705

SHA1
0ab8f94930bd58a65596476ccc4d0679910148e8

SHA256
de1916346b0c3ecc9716c59f3d79e6b7e9c2e5ff90d60e3c9dea2f529a7830ce

SHA512
80ce1ab6ba08d08091239c670709c6dde6da8b8b068c09477f3ee2012699894a6ceebefb612754202913402bd1cc908794c2f04fa78e125d59f436df2dfac5bd

Download Submit
/data/user/0/com.jiangjr.zsxt/files/umeng_it.cache

Filesize
433B

MD5
b9e0a121d23e393b0d5acddfde48432c

SHA1
9e853119bb294cc6681f68ac2b13e05e670c7221

SHA256
33f9157c641cd82a0ca545677c87d2c28aa28c97bea0d018a77c44204f201bf4

SHA512
16d1ad886de064a64542445054b5c44f337ffdd3f475e198417dcf331b75b280b023a5300c7acea0ebb181ddf7cc708af57888a50d5a2207bd2d5c7859d65559

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
4aa0708c29cb62e2c4724bd18e076644

SHA1
a53fca02ae0589eff696210fce2e203cc5da60d6

SHA256
708bcf2ba709dd30801e5a2b4a84065396ba6298870bb9b0f5163f357da5dac3

SHA512
ba6cde9504de6f0321a903791d9163213ccafb75939c8665c3bf9056234f37098b012de88e00bda45be9cce7b80bd8b93aeeb10c723e9c1a7823393e48d3c9b5

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
1d83e5c3f45cd2f7e0f5fa823d5e8f87

SHA1
a347bf6b9c4f1745a9faa4f812299da7c6cd2f0b

SHA256
b6c9b9699565661636f156e8b44e376fe1f1ebbf469eb5d1f0b7addb0cc0db1a

SHA512
68f6becc2ad72e085bd7f3f0597f44b4407c12f7cab9afb88ac33e57cee5bba8eafeae23d52bfdc8d04f45ebce6cecbb47768a4a99a717fd664bcacb6eaf5359

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
9b05e44aa47718dbc33bf44e7a47c383

SHA1
19bc9ab844e5542395c62ca1008d5b2a187c7de9

SHA256
a9e2995798b9bec68b96ec619295290b7afc4b3af9a9c4291ee2196d3976950f

SHA512
48f58cc0f2473b3d164f853fa339b368118717fd854905af0466e920319348f11d5d18cbfa2621c4ec20667f23050c24524730c338757264d5564beb5fc1ae60

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
6075b0a04a7d73222ce711356d30215e

SHA1
5b1b7dc823cfc60fec64d6ae70ec5a737ca8b168

SHA256
3af47b3954eaa02156d0b87ae26bd43fa8c4438427724721ce7e9a6b8f3a377e

SHA512
1d93a937a5b3492f4682783a0ce6dac94dd99a3860ee6e6e414f045ea815ff8bd71b05fc9397fd5e8cdcfbf23d85e67c4c12353a08f8efc1bbda7425f45848ee

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
512B

MD5
970b15e1db95aaf8641b3da885c0c338

SHA1
35ca7dad29e8ff6118c79b2a4de23216655d73b5

SHA256
0553bf5c8562dd716029f6d40a38508b87d505eb191c85ef01129cbe1509c5f0

SHA512
d09b43d6d84b583c1f687b0791c8578c526872924b8f84054c72c575633ede7aad35ce26357fa0b892571f01f587ea82ef7af7e8e0e2c192d6c7f190aa229164

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
4912feb126a249dabeef77e1a20e26ac

SHA1
687f9102ca4bc152d69709dfe93b05646778adc7

SHA256
7d8066ee8f95f56c64d3eeba00e1e29d188dcacc5ca1c85608318f5b58ed2ab9

SHA512
446a3a597aabfd8158c561675f4f5184149b4c7477197cef735d1738c3b6759d1f809faec506fad54415390d18bd5b0c35ead03b37c1f169afebef2c5a296775

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/1nrdasgbl3qhnfhwlnauj4u9n.0.tmp (deleted)

Filesize
55KB

MD5
b71b9e1f75a96a77fb48ac7374f82230

SHA1
62481a8895a8cd27718ff1fefd5ed69acf8fc556

SHA256
b9bd55b3c2942b428f55ae066f5c10b68b53bcd2561c9f176872617d4a51b198

SHA512
6f88000085da6f6733ee970b11bf6d7b951fbb9ab66481b106d72b8ee8cff2355824d425ab540aa02853641c800bed9d031639e256eb9a9b296458ef4d4932dd

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/1nrdasgbl3qhnfhwlnauj4u9n.0.tmp (deleted)

Filesize
221KB

MD5
07380e3554defe65fc07dfe7ba0d97fc

SHA1
39fa92d201edfb4aa55382ff7a86f5d8219da29c

SHA256
34f5b4a5a21c2440feca2a0b68f46cdec388634df4ca94b7c3d6b881d7789d86

SHA512
6d18feeb06d77674824e0b96637b1002d9047cc6755bc2a1188f59c461b10b962a7331dca386b5faee7a1bc755ce9b9facbd862de6282e79c7343bce03b2fae9

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/512swumc677lwu3uqzy9rv8fq.0.tmp (deleted)

Filesize
43KB

MD5
3f4cda76d5ce2105ae2b7897cdef8797

SHA1
eacf590e00d15f275e8bd94a2fa18b9e91d40160

SHA256
e847fe07bce3c84d6b2eaa9ae0f86ddb99a5c8127ac7262dc0f77be78c5e6979

SHA512
8ab141cb13980d16a9ff978fefb7b41abdc1d1f156ca3ffaf6bee34eb079590900186069fb762cd8766c71a3c97dc44978f639a7c0847bc223e25ebc615ae393

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/512swumc677lwu3uqzy9rv8fq.0.tmp (deleted)

Filesize
146KB

MD5
d92c714a539d5e684a367a431b49cea0

SHA1
ed0b1da6532aadf85fb404023e9558e48653ed37

SHA256
7a2e13cc81c257fc50a626d9e8ec195ee31836a568845c85b80c3247e4760609

SHA512
bfbaf2bbb1a0fe44b1d09c48b7f0638b06b0dcf4b9d5f717576ae6fe189cbae2e43990b4842d7077de542be92a22ca656d7fd463d2ed2f66572b81933adb0f67

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/7ajpla1f659uyk7vt74fkqx03.0.tmp (deleted)

Filesize
24KB

MD5
f4068b6cf829a486ce32bde1b5def152

SHA1
34edf1c7bb09369008a378ae9118c57d9148d372

SHA256
bf1af03f73b0e52761562beb0465223133cb440c0d352a19cfae289c48f0a814

SHA512
2285e7c18515ea5804253e754f252f6fb887e6144d32f38bc2620b5a4d07be0e49dc340c4b339b3fc33a921e3d85c2fad0a26da402379db0bf91ddc86f9ed093

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/7ajpla1f659uyk7vt74fkqx03.0.tmp (deleted)

Filesize
46KB

MD5
48254882875ab601bfc1ec244b541515

SHA1
d8a2555f29aa7cf1e24c68fb80c20947a391d2df

SHA256
fee7a064180068cb8c44d6f044ef9f785798ef7daf5496ee359ba775870fc943

SHA512
cccb2fd7a8e5dac4697ad6a33a749df8621e3e34519bea1b1bdd7bce664976192e7b92114039baa22c2a1f7749ebc42d0c1e8e47de8f98d2c04b59d0a701c7d9

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/journal

Filesize
32B

MD5
be0b9d6de395d257a38e7c67b6c98214

SHA1
a9e7c40e9805639315c0483ecc20817e480ad423

SHA256
da1565daddebb49822824d9a8f853675ee10933dd64aff50c7763c223c3d81fa

SHA512
0e49009a853e0cf9bc252c2290a424c3f58ba233749fd67f81f03710db7e055e480a630156ed020f0b3b3f18a1ce2d8c1a6d888a77e34399a8ae07b94768a715

Download Submit
/storage/emulated/0/Android/data/com.jiangjr.zsxt/cache/uil-images/journal.tmp (deleted)

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads