Analysis

  • max time kernel
    49s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system
  • submitted
    23/02/2024, 12:51

General

  • Target

    795fcd8ea1ed56ce08bf20ea94c1dfa3b7c00b59f76c24deef80ab8500e6f39e.apk

  • Size

    13.4MB

  • MD5

    f516062d3fe2b617fb21b80e729df37d

  • SHA1

    7cae2b4977056af6918903a7dabc0a78bcb5d284

  • SHA256

    795fcd8ea1ed56ce08bf20ea94c1dfa3b7c00b59f76c24deef80ab8500e6f39e

  • SHA512

    03e262c97674fddf0f8ba689f00d7e0f98cfc1cc5d9f15d1c47daaf4a7a377cb7eef7512b765950050bb0b4e46d346f4e5a5100876be69f99809f28595a94e6d

  • SSDEEP

    393216:XN5FQkc//lK9OJNhlphsChNo3u+FsoXWiu1L:XNhc//l8OJPlpO8EussqWiut

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 10 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator. 1 TTPs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.glgjing.stark
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4458
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.ext.jar --output-vdex-fd=56 --oat-fd=57 --oat-location=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/oat/x86/stark.ext.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4492
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.dat.jar --output-vdex-fd=46 --oat-fd=49 --oat-location=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/oat/x86/stark.dat.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4523
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/adcBMbxqC.dex --output-vdex-fd=46 --oat-fd=49 --oat-location=/data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/oat/x86/adcBMbxqC.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4547
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.glgjing.stark/cache/1610724645094.jar --output-vdex-fd=132 --oat-fd=133 --oat-location=/data/user/0/com.glgjing.stark/cache/oat/x86/1610724645094.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4673

Network

        MITRE ATT&CK Mobile v15

        Downloads

        • /data/data/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/adcBMbxqC.dex

          Filesize

          2KB

        • /data/data/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/oat/stark.dat.jar.cur.prof

          Filesize

          77B

        • /data/data/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/oat/stark.ext.jar.cur.prof

          Filesize

          829B

        • /data/data/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.ext.jar

          Filesize

          2.5MB

        • /data/data/com.glgjing.stark/cache/1610724645094.jar

          Filesize

          9KB

        • /data/data/com.glgjing.stark/cache/image_manager_disk_cache/journal.tmp

          Filesize

          31B

        • /data/data/com.glgjing.stark/databases/a

          Filesize

          4KB

        • /data/data/com.glgjing.stark/databases/a-journal

          Filesize

          512B

        • /data/data/com.glgjing.stark/databases/a-wal

          Filesize

          16KB

        • /data/data/com.glgjing.stark/databases/androidx.work.workdb-journal

          Filesize

          512B

        • /data/data/com.glgjing.stark/databases/androidx.work.workdb-shm

          Filesize

          28KB

        • /data/data/com.glgjing.stark/databases/androidx.work.workdb-wal

          Filesize

          16KB

        • /data/data/com.glgjing.stark/databases/androidx.work.workdb-wal

          Filesize

          88KB

        • /data/data/com.glgjing.stark/databases/stark.db

          Filesize

          2.1MB

        • /data/data/com.glgjing.stark/databases/stark.db-journal

          Filesize

          1KB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/adcBMbxqC.dex

          Filesize

          4KB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/adcBMbxqC.dex

          Filesize

          4KB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.dat.jar

          Filesize

          7KB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.dat.jar

          Filesize

          7KB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.ext.jar

          Filesize

          6.2MB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.ext.jar

          Filesize

          6.3MB

        • /data/user/0/com.glgjing.stark/app_u62ngq1ruio6nr2g9zfr/stark.ext.jar

          Filesize

          6.3MB

        • /data/user/0/com.glgjing.stark/cache/1610724645094.jar

          Filesize

          19KB

        • /data/user/0/com.glgjing.stark/cache/1610724645094.jar

          Filesize

          19KB
