ec9210c87e40f4ab0f2438f2b7b84a5e8e9d368a788458e504ad0039675b6c73

Analysis

max time kernel
125s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
12-02-2024 14:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

97532604306f6dfe3e3d34567fb0dea5.apk
Size

14.3MB
MD5

97532604306f6dfe3e3d34567fb0dea5
SHA1

415b61ba8a02e7c380fdd5c77389aa17909b7253
SHA256

ec9210c87e40f4ab0f2438f2b7b84a5e8e9d368a788458e504ad0039675b6c73
SHA512

1fccaaa1990dd1494985ed47b7e00c7a9234613c5f068818dd14f0013c7ddf73cab40602b3f9ff4646dd3eca0ea5f4420acdd22af99391f80518ebb415f4cbdc
SSDEEP

393216:oVzySXPOwxag+b9YJoyOIUWtgRQJPPfeJf2:FEPOM4xooynUXQlfex2

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/data/com.ourpalm.calabash/.ucache/classez.jar	4265	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ourpalm.calabash/.ucache/classez.jar --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/data/com.ourpalm.calabash/.ucache/oat/x86/classez.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.ourpalm.calabash/.ucache/classez.jar	4223	com.ourpalm.calabash

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ourpalm.calabash

com.ourpalm.calabash
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4223
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ourpalm.calabash/.ucache/classez.jar --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/data/com.ourpalm.calabash/.ucache/oat/x86/classez.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4265

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ourpalm.calabash/.ucache/classez.jar

Filesize
215KB

MD5
4bd7250abe1488da8e83824d496cfd94

SHA1
675af10b44c3d06a14e05e43e67f07024e9dde5e

SHA256
2604c84f15b1cafcc9b150ae5720e8c8416060a7e0d67c5ac856816d37657a1e

SHA512
29ce5e6fe6fda905afa1ac7a64c53d15c3c3224b140277111d25f5e5f4dee29122cce7449ad7e61b4553e4908d41b39d0437c321f75df90c1c4f7a144a9e0110

Download Submit
/data/data/com.ourpalm.calabash/.ucache/classez.jar

Filesize
636KB

MD5
b1d69374f9212259d6677f893e580d87

SHA1
78594fd71fafc5299c5eae55220e6e3d0bf0d27e

SHA256
f7c6ec455c85f90764ba15119df81718bf97d6fe004dc4a2729e82119dc3f908

SHA512
ef3e8e7239ab964c4cc3ae62ed418dbf34b94bbcd9f3a70a8f83ebb641b5b2635a14f4a25d53127b17d39877cec2b0303ba4978156ba0311ca76856199d73ba5

Download Submit
/data/data/com.ourpalm.calabash/.ucache/classez.jar

Filesize
636KB

MD5
f2c24b326335dc403f74688f6df9051a

SHA1
5ca23af3edcfa7961503c006188ae0cefea1ac63

SHA256
e8beaa3f281a237e078fd8cd30a5050e2bf19f9d9652b497a02e1ce5ddfe6470

SHA512
008ea2dba577edf9656bfab3196bda2c317f93aebde3eee3fb370a9f0cc438505bc5d0a8b6cb437d07ddf2d82cf25421af84cc42f29fbb7aec4d287444a212de

Download Submit
/data/data/com.ourpalm.calabash/.ulibs/decrypt.so

Filesize
29KB

MD5
d7cb8b5358b1c095511cf9edb1c13354

SHA1
2ecc10b8e73597d54bd13b7b2046477f1bd40939

SHA256
e551db916184b19a7dbd2393e41b54543cc5eeb10ce3550b5219695ab6126998

SHA512
c73123bae60da7a98c56f7209a5b43b3939e774b288790a8392713c1eb6c1ae4902948d2e2faa07648df5d0e9c35753cd6ca4c0f2e9cb67c3fa45eb6d5599cb4

Download Submit
/data/data/com.ourpalm.calabash/.ulibs/libunicomsdk.so

Filesize
25KB

MD5
6cae1508b702db4ebb19682c7261b4aa

SHA1
91eb197382d14418747125763e08c90779e9c887

SHA256
4928b78cb26c84674be1eae723fba27e778292a75c22191fd241f9709303b9b3

SHA512
45ad054078c1909f32f2ebb124f983546a3ef9bea38919883b884e345a79e0d37d0741553d17770f03e39599eacdd6b05c8a7d4910c48a569b1ba759922dcaa2

Download Submit
/data/data/com.ourpalm.calabash/cache/2.0.1U2111B0319_resource.apk

Filesize
139KB

MD5
6088cd3228debc405bf311bb303cdbbb

SHA1
33b28585187d90e5b22b732fc97309bae7141408

SHA256
0e83be96976f936927c16e709622396d814df47fe634f430b4b556e0a9c8b1e5

SHA512
bba92ecd4be50306db8fc220cd97a8bf3023f268450fe5e58edd24f61f3dd224c6f4fe5614d3395b8ee456cf25b72f46881889ec193aa04b07bc6778eafc8280

Download Submit
/data/data/com.ourpalm.calabash/cache/libunicom.so

Filesize
37KB

MD5
652f6c3442c9a214e4eeef3f0e2a9516

SHA1
7d634fab7f0ecab479f814fd3ae11e17ce27d06a

SHA256
f9b06d04575c9bdf6cc1e02b951ca44214a7faed0e47e628d3303f3394490def

SHA512
201cf65d9a5bb92d0c37019fa4b71f4d4ecc97d0cd1c09c7a44c817245a898934bc6cc2b3cf247d529b10386e9deb2746c39d6f7ac91be3f5c8d5d75fa37641c

Download Submit
/data/data/com.ourpalm.calabash/databases/Statistics_Info_v1.db

Filesize
20KB

MD5
553937a54aa43b4a3bab89df6f6e3fe3

SHA1
6d92d7b4ab5143a21140b55f79e58b9a34258869

SHA256
a24326fa73a40b9b975f35cfc3809bcd67ffeff6a4c271284454a4de376a56a9

SHA512
0a256dc8bbc17698ed21d313d55f34f84d4f38f038f9cdc64f606c2a2979dc209d6aa786c0af8832d6bb08caaf6fd9688678779a95dad88bebf6fe409ebcf6c5

Download Submit
/data/data/com.ourpalm.calabash/databases/Statistics_Info_v1.db-journal

Filesize
512B

MD5
b5f029a6301ed24b8c4ad5e27e0ef160

SHA1
4dbea88d9e9d2c3ee1e429ce10f8720da119db24

SHA256
5a07911665ca80f98166407a0a5fb28689fce0968c7f9b3c889c8fe5cf98cab9

SHA512
91d60e954439749784dd12b67a87aa4e41d0c6a79abd7e7852416ed1e15b4df4549a3bc5cfda5e35e50ed7050b80da61014444772fe9079ff44796b4be00f140

Download Submit
/data/data/com.ourpalm.calabash/databases/Statistics_Info_v1.db-wal

Filesize
40KB

MD5
75cfdd3a1fc566130d41ab08cf4f64df

SHA1
97bb6d7fb6ba4760c350196c4098089ef2b86cf5

SHA256
dd877ae83d3ba92db81c87194c83574a675de6ec4db2fbed079536b5fe0a0356

SHA512
37a85313750533cb2f5e762145c88a52819b38f52db71aa94f9f7f53baa2d6cf36cae88ac4a98be57fc1e3ee96eaa5a74d77e39f3ac919a6867461c7a5f9fafd

Download Submit
/data/data/com.ourpalm.calabash/files/.um/um_cache_1707746620932.env

Filesize
596B

MD5
7cf4e63b091617952e39d7ce6eebc85a

SHA1
9f31418ef2abb5c6c91ac1a9939289959b7fc937

SHA256
e21a28c5d36f3c2418eaac5f714cf5a09ce6feca76ce970ff860b251ef94c467

SHA512
d28ceb97745318a47ba7ef636199b10a46602a5397273251373f84d5c65822b3c1054017bca6fafaf3880abfcdaa0cc30b06a7a1fc0a1679359ef5bb8e717e12

Download Submit
/data/data/com.ourpalm.calabash/files/rd/Hero.sy

Filesize
74B

MD5
c7638728052b0cb95e4af7908d3cc822

SHA1
1b78c2ca8b5e017a37da1013fd26dc4bc1615f4e

SHA256
c7f1bf1a07217532c3fe6fff1639e5dff5050bda4d7e7be94d0e2d05deed9526

SHA512
3e32d29e2be5b7c4dda1c567b4e4f366f0f5e512eb916ab95c775d1ac51d7dba758ecaccc039f92387daa60589026907ee4e6f40d74d19d37182484bc1363cf0

Download Submit
/data/data/com.ourpalm.calabash/files/rd/music.sy

Filesize
86B

MD5
862ed6e9b06805a0408c9b343b04930a

SHA1
05dc078511705fdec37a1e9d0e2dd67ac04bb7e2

SHA256
978a6db8f5eda9277464c0ffcb1ac106ca6c87ab0b66b0423ed7937ea967f7d7

SHA512
ac1e47b927a1fca925f3437a2561c0b15b74659c0502f1f4d24daf84084b22a2a1dfc85b41cbcf296b4cfb3129145ea2b3d6d417c0f7e7544d2c2b920dbb0e43

Download Submit
/data/data/com.ourpalm.calabash/files/rd/player.sy

Filesize
33B

MD5
8227c68866a38aca9c765886a1652a69

SHA1
584655bad010e713f08d97c4ae0581c042375942

SHA256
02c68f052477dde15ea409729438ec1700aa961fa6670165e2f664e49f74d94d

SHA512
b8197f5a32df2b53852b5cb18ec8ad7ea63a1c2e64cf5e2dd1503c46adb346dbe8086c7ec0cb879d6b0e0acdb30c8f083bd813c7103de2c6430095585ce770e6

Download Submit
/data/data/com.ourpalm.calabash/files/rd/searchPath.sy

Filesize
6B

MD5
607d4f6f8c2466cad84d8f3807701d26

SHA1
873acd6509853fb7125be44a4daa390bebc78970

SHA256
7250f06388831da04eca52ac392bb974f84a03285fdb4c336d0d0719bff83d31

SHA512
aac61eb9c68bcf48aa6859b4529d709a6e22649d4f14c44840ed61316c45955a27b72742447f436d520d6a3efeb039e648d5d149a6fa57b34ff9fdfc0dd32c22

Download Submit
/data/data/com.ourpalm.calabash/files/rd/value.sy

Filesize
78B

MD5
d3c0e359a7362b809612c5196bf710a9

SHA1
63d30964df3a74a6363e38cf10939ec7410bfa90

SHA256
75227605c94cae5c1988d3fba778e12e2cae7bbfe5c49bb44732cbc7350bb8e8

SHA512
5b4f19f551d5b763df5769816862625a4210abe7337057fed082641f1f6549c04fcb89de6b4231ed249750c1aa79667eb7fe07c8d9d88f5345c54d3909f023e1

Download Submit
/data/data/com.ourpalm.calabash/files/umeng_it.cache

Filesize
310B

MD5
84281da0abd679624133d427bf9298a3

SHA1
76789c05defa653945352f971b8f83b3603ab583

SHA256
85d85eeb72516b41094071faa4cff188cf9f6dc28ad4016d106b1035c93ae753

SHA512
999c0319e47d5b2e32c9257f4dab714ae2ca970b8d730fffde5dc5a060fb8ae4620ff4a3d221bbee8fdc33c00d28fb9166dbeecd74eef4cf919fef2953d72c04

Download Submit
/storage/emulated/0/.unicomCache/login

Filesize
848B

MD5
949eaacf27fc0cd7280808139e2dbc7d

SHA1
c054b1a3565899459c7a2820c29a4c0583636876

SHA256
ee249b626aa011a29dbdee07155832a1af83388287eb8befdf5a82e4c6426237

SHA512
068e0c9e8598c463b4b115c255af45d018cc61ba50d46d6d387ddab9b5e01e388a2fe105be5bfebc70267738e019bae88e9b0bc06cd978c60a1ecc375726bd21

Download Submit
/storage/emulated/0/Android/data/com.ourpalm.calabash/cache/profile/unipay_profile.dat

Filesize
128B

MD5
c79ed998048ecf838f080aa1a54843e1

SHA1
cd7d5431448ab67bbe5548256e800939d1ee1664

SHA256
9b42b42c58d3afe7e757981c6617fe2f6ba4a16ca1e2a9b3acca70a369ebc40d

SHA512
bf0e0e0df6eaebe28d9f9b15c688fa8a16fb62eb8937619b22b33dca1f606d30b3f9132f650ae40213a28ee962519dd88ebd96bd3ab95569cc1d4ab6ce8ff13c

Download Submit
/storage/emulated/0/wostoresecurity/data1.dat

Filesize
8B

MD5
6ec14f36db9b1f65d9bef520c69bb8e9

SHA1
6bf3b1c7b6fa3310b5caf04019300fbc80d898c8

SHA256
3c6b68079c243f18783e72cf7af5e5145e6ca763ceba2ad8e2f8bad030371e3a

SHA512
22ea41596205ac49af13ca7f32226817c79616f31b21780bb7ec67abc44111f4b3a082421390302938df69d987a11675fd7f68b03d236f3d81316f0f57b2a0e8

Download Submit
/storage/emulated/0/wostoresecurity/data1.dat

Filesize
252B

MD5
abb60780b3e57f74730354001fac7216

SHA1
44a7daa3a2e7d411c9a06f253b20d530f269778f

SHA256
575599892e376c97978f07caa0ca81f28c01101459d5b12c07cacabe684b66b6

SHA512
1c9ab9d26ac046174afea4dfecb842869d8f631d8377fb986fe620d6df070a2892795bf5bb5116eb3fd595ff3ebf002a582ab777ea58f220ec309bc45d96c70e

Download Submit
/storage/emulated/0/wostoresecurity/data3.dat

Filesize
48B

MD5
efbc4cf64a884a399f362b9e8874dfe0

SHA1
217fc6fc5d08e987381d2a35d89b6be76d20fc30

SHA256
e7014a0bd996727b5c728edb8b3ad00407a0515436a01d0c93127356777226d7

SHA512
4bc7ec04e1daa6d2ac0f3d894a33917d83679b4eff4fe641586015b034489add862ed7260838ae0e118833d1e2fe8227c4ae51a1cd660ddbf59215c94a1476d1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads