d2f5d85a2093c8f7c6bb9f0eae076678cfa8e45730ee3fd0119b34365a0aed42

Resubmissions

28/01/2024, 20:03

240128-ysxqashcc7 7

28/01/2024, 19:50

240128-ykejraaeck 6

Analysis

max time kernel
10s
max time network
199s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
28/01/2024, 19:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CapCut v10.7.0 (Pro) (Mod2).apk
Size

246.5MB
MD5

5bd5b2fe3fc278f2b823d0391ce7773a
SHA1

75a5e3e08801859dc3808eec11c89da3e3cfbd90
SHA256

d2f5d85a2093c8f7c6bb9f0eae076678cfa8e45730ee3fd0119b34365a0aed42
SHA512

0e361a660385bdcbe25c5dfdf3c0ceb9aa7f02c2a5eaa119ed0497cd59987840a28e74c840e525ad32b9e9b19b0bf55eb6a0f773c9c35fa76033c8d7c09a4938
SSDEEP

6291456:Ad6nA+kAGtKRVnTtcjlNrgk6Sk8ZucEfhq61HGGer4egMx5:vAnAGcUjlNf7TEfBeJL

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 17 IoCs

Web Service

T1102

flow	ioc
17	pastebin.com
24	pastebin.com
48	pastebin.com
15	pastebin.com
35	pastebin.com
53	pastebin.com
54	pastebin.com
25	pastebin.com
26	pastebin.com
34	pastebin.com
37	pastebin.com
47	pastebin.com
16	pastebin.com
36	pastebin.com
46	pastebin.com
52	pastebin.com
18	pastebin.com

com.lemon.lvoverseas
1⤵
PID:4277

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d736a680378e1a2b2bac237ffa11d919

SHA1
1643ae52831c41e73ed9a5c3df715189bc23c1a1

SHA256
02fe987037063767e4a970d7253880e245321a5aaf99a025013680734a72ab25

SHA512
200c23a75a468660ea189d604d34e3e1ea49fa40f4e033728db36aebca47412ef52b44550aae3818a0bad89a64271175686bc9a81cfc75584fd1928e27230297

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
cb201c3837acd6641ae541c443f5e5b6

SHA1
e3570667faca35345d26cb88bcc0b4a2ff38b29c

SHA256
b07d7a5e2c1a9aa1da90cbe7867e84c271ace0cbf69e0b3dc077da580a2eda70

SHA512
56d2aaf825fc46bd8446ed8874ced5228750524c0da868c2dc3959f4fb87a27b6e73077eb537cd0732439d415ec245cefd3bd6a6c8322380435c722d677f22d4

Download Submit
/data/data/com.lemon.lvoverseas/databases/verifystorage.db-journal

Filesize
512B

MD5
1b35c94060b607230d50550805c4cb4a

SHA1
52560caf298eb9bdcd053ed524a9156eb4a5af93

SHA256
036fada50a465b7fd5b959400eb831030bb630d8876935ac62e0c00bbf2be2dc

SHA512
d0dc9ea42f903cfb56cbf977a7df975a82f645ab21a744e7933a913967aaf5632b5d89bedf08429fd45800e96411c22705628d89404047f9fd6f7d3e9f7101ea

Download Submit
/data/data/com.lemon.lvoverseas/files/audience_network.dex

Filesize
30KB

MD5
4fb7895be65efd1def33dfb897ec7e7e

SHA1
926fbf7244186086f18b82aeef5a749c9a87e7e1

SHA256
590ea62d7fe968d48455e59ffac45c3e41bded0ebe8407ba884ccca617bda720

SHA512
72aeb394997bf966198ee604446a7213d490782070adc66cf916f420f1a6db781f62447213207f7112846af5040f8cfdb834b2b3f8b79272992cc4982947928c

Download Submit
/data/data/com.lemon.lvoverseas/files/keva/global/keva.gxi

Filesize
128B

MD5
f09f35a5637839458e462e6350ecbce4

SHA1
0ae4f711ef5d6e9d26c611fd2c8c8ac45ecbf9e7

SHA256
38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca

SHA512
ab942f526272e456ed68a979f50202905ca903a141ed98443567b11ef0bf25a552d639051a01be58558122c58e3de07d749ee59ded36acf0c55cd91924d6ba11

Download Submit
/data/data/com.lemon.lvoverseas/files/keva/repo/replace_font_config/replace_font_config.blk

Filesize
8KB

MD5
0829f71740aab1ab98b33eae21dee122

SHA1
0631457264ff7f8d5fb1edc2c0211992a67c73e6

SHA256
9f1dcbc35c350d6027f98be0f5c8b43b42ca52b7604459c0c42be3aa88913d47

SHA512
18790c279e0ca614c2b57a215fecc23a6c3d2d308ce77f314378cb2d1b0f413acd3a9cd353aa6da86ec9f51916925c7210f7dfabc0ef726779f8d44f227f03b1

Download Submit
/data/data/com.lemon.lvoverseas/files/keva/repo/replace_font_config/replace_font_config.chk

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
30c0afaa49e0abee6d46e42690d861c1

SHA1
7fea7a3b8a509e054238ece8fc2c16b218d37794

SHA256
f0945af79d23f57a84ee55fbca0aede1100bde2d6e7ad8a6f043f141dade29f1

SHA512
52067d72dd1d28d6db79914484f35b4000061d4d34a67ae9d302f113c9ab5674348997b286a26bbbed02a0bf9731e20af74af931166f39bc50cdfec9361e3ef1

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
f284467bf5d60f318b6683a322c74f25

SHA1
4ca739e0a7fde0f1a604171552cefbb4e1ea39a3

SHA256
9c259e733f929b92d824b03777e99adfbf1124d3928c43113a521e0ed1019cbc

SHA512
68e04e93d0b7eff319049693b90311fb7e2c793b05f3624030cbadd33fe9ef6aef21424002a9d605b74035b43498e393a682772163e262194257d33dadf143af

Download Submit