Resubmissions

22/02/2024, 17:48

240222-wdtnzsdc3y 6

22/02/2024, 17:47

240222-wc5pvsdc2z 6

Analysis

  • max time kernel
    68s
  • max time network
    82s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system
  • submitted
    22/02/2024, 17:48

General

  • Target

    ay_1000.apk

  • Size

    31.4MB

  • MD5

    f477959f3d3bb8d12e3450200a40cbd0

  • SHA1

    cf8506f9f335e0779b568520dc991fb32284b3ba

  • SHA256

    8c4a2a5b5b55e5eb9fa279a316d678878958b7ee4ba69706d6d9c09e27cd7bed

  • SHA512

    78f6d27bb9450e6f82c90cfb8aee75bcd250a5485734cf656ca2a43433e335cc8f7991dd019057cdfca77a1b5f8e362472905a24cfaa8fcb4e6a21e5411de6fc

  • SSDEEP

    786432:8VkUWI5a/Z8JypTFDBWeLFIQsslktw/Dvt20lWO:pUWIGZCoTF1WeLvkuxH

Score
6/10

Malware Config

Signatures

Processes

  • com.giraffe
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4223

Network

        MITRE ATT&CK Mobile v15


        Downloads

        • /data/data/com.giraffe/no_backup/.flurryNoBackup/installationNum

          Filesize

          100B


        • /data/data/com.giraffe/vars/--_KEY_IS_FIRST_RUN

          Filesize

          2B


        • /storage/emulated/0/.taobao_android

          Filesize

          35B


        • /storage/emulated/0/Android/data/com.giraffe/files/tbslog/tbslog.txt

          Filesize

          4KB


        • /storage/emulated/0/booster/http-image-cache/images-new/v2.ols100.1/18/8LkT_NCux7pts7vxUyPEbzdkd78.5443611869783972282.tmp

          Filesize

          5KB


        • /storage/emulated/0/booster/http-image-cache/images-new/v2.ols100.1/38/QDhhNmQzXkIwhrUx94xwlHB_1LM.5067086357263520923.tmp

          Filesize

          138KB


        • /storage/emulated/0/booster/http-image-cache/images-new/v2.ols100.1/42/mguTjNQFO7VHbU7fYBQmrGg6oQo.5095300306742997371.tmp

          Filesize

          7KB


        • /storage/emulated/0/booster/http-image-cache/images-new/v2.ols100.1/56/GjKnN6pIAnJT-b9_dn2sUpplttk.3137934713136608956.tmp

          Filesize

          134KB


        • /storage/emulated/0/booster/http-image-cache/images-new/v2.ols100.1/83/8ZtMl4fKdGxizt13ueYTbbMiUho.6473013054237698618.tmp

          Filesize

          2KB


        • /storage/emulated/0/booster/jph-1/logs.txt

          Filesize

          109B
