351a0e53603e7be238bb25e4fb1fe0eb49865910019d79f3652d20c0a8b9a77b

Analysis

max time kernel
10s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
02/02/2024, 10:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

893f98806e0ab135ad91f8a8a0fa801b.apk
Size

1.3MB
MD5

893f98806e0ab135ad91f8a8a0fa801b
SHA1

1e3d8b4a57e652d379a4f485ddc7cfc82d7bd86a
SHA256

351a0e53603e7be238bb25e4fb1fe0eb49865910019d79f3652d20c0a8b9a77b
SHA512

7edd5bb4a9646bfd669abdd8c8880a76fedc53ed23faad3cfa723fdaaeb821745e722efa04104556e7ac2d32a47a07cf008c84a6abfce004309697adad402648
SSDEEP

24576:G7tMcn1tnrzx1c2o0iroIq/zUeOL5JhjjxACapRQhoAhm+qd:G7JbnP5o1vEU1bjxACckokqd

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar	4525	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/me.hjzy.edu.op/oat/x86/app_abbkclasses.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar	4473	me.hjzy.edu.op

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	me.hjzy.edu.op

me.hjzy.edu.op
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4473
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/me.hjzy.edu.op/oat/x86/app_abbkclasses.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4525

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/me.hjzy.edu.op/app_abbkclasses.jar

Filesize
74KB

MD5
fac97ab3f86b2b55d9b3c5263d02ad9b

SHA1
9ecebf2b6bd927f2a6f3f27f10e77c029a89a90b

SHA256
e26b45573d34fd08a1a1e649ea07fb94fa65520803da322b9604658f26f66d7f

SHA512
ad613c481beb85df1b87d9ec07e34e6079014f509cd6c565b60517257d92b542f83a2020ed90b62b8c7cc8a88863dae69930993b8e27044808ca042cb4d28584

Download Submit
/data/data/me.hjzy.edu.op/app_push_lib/plugin-deploy.jar

Filesize
180KB

MD5
73221f224e5d32e4f130dbe57ad395c0

SHA1
1a8f63b73dede50dd56f469d0ee9bffa84eb9d63

SHA256
8911616ac34f9c9508d25ad55183ab06dd05f1f80793d70fdf225cd56bf4ad55

SHA512
58a1203866c0c376cfedfb493c21b8733f4796f6743414b810a63aa144b1af0acd9797d132684b8f255b9ebd76ba5405d0b5518c0c353c4a9b8839939a9c5c8a

Download Submit
/data/data/me.hjzy.edu.op/app_push_lib/plugin-deploy.key

Filesize
174B

MD5
86d2cda6a246766fc79564aa36d4b4c0

SHA1
5f8909bfaf0a2e9d5055a1be40f84c6b474fe493

SHA256
08a98deb7e4ad6932cf1a6632ce339477187785a516966e2cba54a6d8d56f444

SHA512
fc0e13e78b63c56063bf224806b61b2a08a61c098e3ed6d6ec314bf3847d3f8297b0fcaebe0d93a50e63b0592915e283f3368ed7fce667504b8d181bbd2bce88

Download Submit
/data/data/me.hjzy.edu.op/databases/dbjha

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/me.hjzy.edu.op/databases/dbjha-journal

Filesize
512B

MD5
12339da8c11f2a0d4bddc5d91ee0496a

SHA1
f32be0a4899d6eeda28a19fc001ec4aca6658b83

SHA256
5f6b2bcc2d8f6efb367f2b9a921db28f3d4a339f3be2983035d827594455ef8f

SHA512
8fb79f93cae50c512a8f62ad3a6252c2d154722ece964f635718252226554999245ad8efd674bb52f529b79344c21fcaaff42453729b1e9343fafa68a5f9242e

Download Submit
/data/data/me.hjzy.edu.op/databases/dbjha-wal

Filesize
64KB

MD5
b7f134ccaa9c6e8dd2260f5ab149909f

SHA1
5e6f91283d2788187697b03cf7cd1dba18bd6cfc

SHA256
7366941e641ddde430bfc76b8e4eb757272db21e87d9510099eb181c23843c08

SHA512
50b8afa57cd956847d99b8708c2b35987d79a5f05fb68a13bdd852b5a28a5b5fa27fb85d4f62cfcc432b91dffcac3f908c12d34013c3376f148988f93f55f79f

Download Submit
/data/data/me.hjzy.edu.op/files/omvzp

Filesize
151KB

MD5
3116775239a81600a2f2db855d5d5cc4

SHA1
2dfcd5afc99a49dfc8c8e3c7b0f7458b641e67a6

SHA256
27691f9e2a9dbd9666db403e61c3b288c3b09b38123b644103c4d29ae8ae17a5

SHA512
4879e376facd783dee70b99c99ffbc60acfd035ca474ec17d5d6c7e26439350a4bfad98c645fedd24a929d93806e7f1b26d4c8f1925309cceea5235dae5faae0

Download Submit
/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar

Filesize
175KB

MD5
7369a10db26f262a829199aacd3966ac

SHA1
3a775e21c116c5f619811fc92446cab72c950160

SHA256
5f2b8b932677f079cdfd75141bf7570d9c81fa2096b0e21214693b80fffbfa75

SHA512
2e59e6cdda267cfbbf76757c9a4e5ded2f56c1310f652f547b7493bb90d58bdebc6715e8261f60601cbe4455c4a54c904aecd37e902b5fc0411685738ada39cf

Download Submit
/data/user/0/me.hjzy.edu.op/app_abbkclasses.jar

Filesize
175KB

MD5
3d840059e8d50035c5947bcc9acb0b00

SHA1
e1c5e7700a3f74f5272a324adf8b71cb05bbee7d

SHA256
29b6ad7e7b6e291f25a9e610f00bbb60986e5a93da11b9e8d41d5e534ac61028

SHA512
29d70361efc09638bc2e5a7395367f32c62fc472edf80819f3a376a13a3a31ad5002933f7e09cdc34d85a0944667b73d7fcfa0a4d7bbebcaf84fc4743f74a305

Download Submit
/storage/emulated/0/Y.txt

Filesize
1KB

MD5
6c3138c81141bd8b435892f3472320ea

SHA1
fe4bb4e154ca60b513b41780a7c6d60f6121b24d

SHA256
a41ff8e4eea3fcb27195d5cc5fcb1140945a72f92cbea68094d28c27e969c755

SHA512
b092e3471bf0418565c60579100bab4a633acb0159e338ebfdcc5da38b6efcd7e5c924de85feae9e01c08a546dccc2ffd101c0907c20cba2e2c4127f0ef369a0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads