ff3575d76dce8546c743408c8d7600f8ef2ba5830064b90db3b7a178d2be1dbe

Analysis

max time kernel
153s
max time network
164s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
24/02/2024, 02:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0bb27b3b4bdcd59cbec40916718a82b.apk
Size

2.6MB
MD5

a0bb27b3b4bdcd59cbec40916718a82b
SHA1

092734c5bf464de2b1be33d6631be2f73146c8da
SHA256

ff3575d76dce8546c743408c8d7600f8ef2ba5830064b90db3b7a178d2be1dbe
SHA512

70d3911ed6ddeb1c62eae652b2b3173e0f64ba7e3668fddeb683482bc9364ec0e234b7ed4c8ed7e0c0fee64dc205e6d0a5dfcfa4a7135534ebc1d4b1a48ed5bb
SSDEEP

49152:VYAhAKzFMoyYCLokMeHrbGXE6VgxrkEBRyugMygtyMxrUhGMJt+p29C0DWAl:gyy0CSeHQG3uMygtzUhGMRUW

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped Dex/Jar 6 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/storage/emulated/0/.push/.app/source.apk	5029	com.zxfh.folvmefx.ilepwej
/storage/emulated/0/.secur/.app/framework.apk	5029	com.zxfh.folvmefx.ilepwej
/storage/emulated/0/.secur/.app/framework.apk	5086	com.zxfh.folvmefx.ilepwej:remote
/storage/emulated/0/.cache/.app/.lib.apk	5029	com.zxfh.folvmefx.ilepwej
/storage/emulated/0/.market/.app/.mini.apk	5029	com.zxfh.folvmefx.ilepwej
/storage/emulated/0/.secur/.app/framework.apk	5086	com.zxfh.folvmefx.ilepwej:remote

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.zxfh.folvmefx.ilepwej
Framework API call	javax.crypto.Cipher.doFinal	com.zxfh.folvmefx.ilepwej:remote

com.zxfh.folvmefx.ilepwej
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:5029

com.zxfh.folvmefx.ilepwej:remote
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:5086

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/1126940025

Filesize
982B

MD5
5fe759afa4bd00ef6b35b602a6645d68

SHA1
6fa349d6254cd4197e5b2f6d42e68b13c3f67ec1

SHA256
d5625f0b2ff52b5945a8a5406ec87ee04ad19a502ca5b3079708ea0c05a96a38

SHA512
13ddf00f97b870662134d03c1c322f453ae38d1cae3623a9f9c9f54af2714dd2acc5fe979612dab5b5f591213c532c530b957462c10c1c46f0648e43303d5bd9

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/1126940025

Filesize
646B

MD5
c9acd5dac1f8c85710fb3eb3648e1590

SHA1
110614c3133a67c0c3f652a1dbfa47318c219c31

SHA256
6aeac3b93c2b0e647b21bd41d361976cf8f40c0300c6842715173cdfc12aadcf

SHA512
f8a345d32bbab46d30132a07aba820be401f13b2e1552854cd6f6bacf943e0acaaf691170dbb6c1db8d61d122cfc336ded490c8a075092356445293334447079

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/926934164

Filesize
1KB

MD5
daf55f0f73fef3ad52a93693345af557

SHA1
0e143a8d879bde98b57ddec310262f6a4767bd8f

SHA256
55d548868146091bd05cdc4ff4b3fbad830cc55e6fc699f584665e52cd8e6d41

SHA512
bb3c39a7eee3ee98b1b0950f4d56a77f322d9d63039b4fbc9ccf49148dcfcfee27358e1b59e59d6d6b7f5ff9a8a72618d595dcfa219568f0ffd6ecb75bd1a2e5

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/926934164

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/cache/CommandCache/a344bea54b9b2fab21f588eac5413e5b

Filesize
982B

MD5
66e8403439587f1f98400140c233b590

SHA1
bc40313e7a9aa30bd2c9e21628a930503d52885c

SHA256
9fee6be04a7ef1b90fd2192cd3ac8d37db156d1d2d70378e4279d263ebbe040c

SHA512
296447f00dd863ac91ac0a9210f74176c07589b1bda1de8cb0ecd8a01f32a8f452e8aca3964424096b4974f511fca7d9f2adf6f7fdfc066d427be63995c6682a

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/files/installation

Filesize
1KB

MD5
6acf512c5929fbb2c63bcd46f911ac0d

SHA1
7bdaed6859c87fe424d5f0c1a3ee9db49fb3f00b

SHA256
636e38b29ec922a52a6b2287a95dd98555592fd80be5f0ddd1d8719a740dae02

SHA512
5bd56f1113cd0d7b26ea4459fd54c7d1081260197aa38c1f96f0e9f739cd323a3e2a6d5a6af57650d1df592db0567bb301cc4c0c1130e4ac5cc432f510eb0022

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/files/installation

Filesize
1KB

MD5
1b3a4e6c602e18bca16bd60698a3964d

SHA1
6753b5e01d163ea1ace31a49dc91a932e01db33c

SHA256
7b254866c95c6ae6dfbe68e1f6dbe920b5eaaaa5fbfa0f9fb9351a4794f8ffac

SHA512
4f7c36dec7a04224566b102b65e13c2d1cc53532f2c560557a4e30c50d615c826848d36dc8599d2827ba802a50afbc8778d2cddaa9329e5962fe2c5a8061a5cf

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/files/installation

Filesize
1KB

MD5
2ef6192c31c55d9923fd2260976261dc

SHA1
515938b7daf933c0d3bcff85d5498763f1150975

SHA256
3479a74d1dd5ca968bbd26ec7b89976c2cd98ae01670332f4840e720be9e8bca

SHA512
0a506846f1cf4a7df9d243049ff9b3c2cad78450ace46dff95d4986efa937f4ef9b2ad0d41df0592ac1b8f6c3501ec8646bb9f301d40b9f845207cb5983140fc

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/files/installation

Filesize
1KB

MD5
205f3d5749fd472f3d27b3dfea916576

SHA1
9d8e49a79d849c09c33e4a070b32ad23d05eab6d

SHA256
f99e393656ddd538c050f2c8d90e0b3026331eba9bd170c449465872c4fdd333

SHA512
361e8e2ac90438f5cb2496e036f77ab34bee2b25a1051ede5aa8790b7acdf295c3030e86c38e2dcd4d54e163c1fa537540706a77b67683362b1bc6e2ab387e97

Download Submit
/data/data/com.zxfh.folvmefx.ilepwej/files/installation

Filesize
1KB

MD5
8b3b05fd778b8a41a5b3078e03f9b041

SHA1
13a2ed46cf4acd4dbb0e48a080ee0dd144fbcf5f

SHA256
053b152f853d78571c47a2d08dc84af2898fff7cb8415d1eaa5eda4133dfbeef

SHA512
14fcfaff95f35626e254a69a01f2af2b8b7857f11ce6b3036c96af14f1e5dd66328a87f95f8c7b75bce4d23b825939015a2ffc6c0b9054d909cf8dee9f498c7e

Download Submit
/storage/emulated/0/.cache/.app/.lib.apk

Filesize
566KB

MD5
b2535c3d7f877e2d4a7ab349b732a98e

SHA1
1799d1cb540a9e3787b5d64a0a17f38facf16090

SHA256
34e9ada7f133007725944f8f9d7171f242be7633a0d576e8df5d6f1f0e2f8066

SHA512
d6f022e5e853d29ac005532627a32b4907d7b4895bfe5973d70f6e87c1ef1fa20d512d707fa2f2544eacca03841a66e779fc94fbc34536306df07c19ad53efad

Download Submit
/storage/emulated/0/.cache/.app/.lib.apk

Filesize
97KB

MD5
e712e854cd4824b463eb1fd05cc497e1

SHA1
0b7d050bfc2341f9e6a14a5aab325efc16525875

SHA256
376c780d87fd786530fe4a44e01c24e968a6998c2f178da6dfea894772311916

SHA512
0cd135614c5a4996d59862441b21ef3b1673047e85576289fc2473156648379cb505f01dc1a4aca12feeb8f784e53c10b26c720f3eefce9869234379e3162713

Download Submit
/storage/emulated/0/.market/.app/.mini.apk

Filesize
70KB

MD5
1753d734ba9ca4780c1762e9572750f7

SHA1
dfb829058c3f050141c85efa206c0602bd9b51ed

SHA256
1607f76cc9cc5ba62c15a2d80524eb9702af26cbbe06595b78e64ff06ebb276a

SHA512
ba5f4269ba414bee4bfa9d34dec701ef4f8e0417a78b31de7cd2eae1cc260328b22a7e4e094ed796e4360922aeceeb8d7d06e324de3f95d565d01ac2ec747eee

Download Submit
/storage/emulated/0/.market/.app/.mini.apk

Filesize
78KB

MD5
fe701b18e66d038a5f8f026bae81dc8e

SHA1
0cf005d580fed923c442a7baf6f5022fa5c936fc

SHA256
ea7a779fc423f70ed5159bba447af8a7c335faf1b0c1c071c4f015dfab814d04

SHA512
0f9eb011b8c99e89b4739c52ae26bc0d9b53ba0a032213e73db62f8121143732cc1ffdf1dc2fecb547e60b3c8ac98b3a72771cbc81e133dc05200b2e0dec8bae

Download Submit
/storage/emulated/0/.push/.app/source.apk

Filesize
197KB

MD5
bcdda60dc329384687cb98f76118cb27

SHA1
ba99b996524c7bc690e86bbb859b535c1555bc57

SHA256
39abf9aad0f60d122c02835c9c1377c0e340a98c59651465f5fbffab665de0e2

SHA512
0b9ac4ef14021aba05e476771257ff5c6dbad1a210c2376f6143f58c2507b5ceaade91f18725ff5db03d06c47cdcc375d014d358d67193b47599d5d224e2cd62

Download Submit
/storage/emulated/0/.push/.app/source.apk

Filesize
91KB

MD5
90745bc24c7702fb15c78901c44a617c

SHA1
00404a163a4577902b5ff43397205f3810da9a81

SHA256
b12f74fda48c46cac0d09dd7bc85d8440066d4a384161b7cdd1ab5be741304ef

SHA512
c421ba8beb93b0780776686709eb756525a217c11252237627161a298464994c205920633ed3eff8bb46bccfa47850b942792fb92eb8e8ddb7fe6ea1ac5618e9

Download Submit
/storage/emulated/0/.secur/.app/framework.apk

Filesize
84KB

MD5
323bf238ed72115007fdfa8a5646dbb7

SHA1
5bdbe1040f01cc1438d53d70f910e65f7ab233dd

SHA256
9144bb31461cddb8888f09c2b641530c9a80da3f7aa9a0c088cac953aa429d46

SHA512
906154185f73e2e560e4fba1d20a1fba1347335f3a269479b3ef84a5dfdc0b4feed343f015f7cc89678b46c76d3d30c55ca6dc7929857090c5efb70d3f7d580d

Download Submit
/storage/emulated/0/.secur/.app/framework.apk

Filesize
92KB

MD5
9f7e2565b4e7205c6aba3adb542ea389

SHA1
898ccde7a4c941046a005c5b6dd3584209bf9922

SHA256
31aff9c0470317f333a3dc2a6effe4bef1453ff47b28cbc4c10dd2ec8a29d1fd

SHA512
9fdc7e48c96eaff2f4ed629cd04a500d3e5ec9451b332e3d1a96cf8c3a6df2f30965035fc260fc725bf90caaca71935e30662ac9a0394e0c5f7ddd9a10979546

Download Submit