7e8dd373bb75299d9589378576b6f09d75a2e3d66d650659bc1152c129adf250

Analysis

max time kernel
140s
max time network
147s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
24-02-2024 03:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0dd9b20b9864fc5bb324163ba0c614f.apk
Size

10.8MB
MD5

a0dd9b20b9864fc5bb324163ba0c614f
SHA1

22f22c09e732859b60c57944ca9ceca38adda78c
SHA256

7e8dd373bb75299d9589378576b6f09d75a2e3d66d650659bc1152c129adf250
SHA512

cba808b1767d32b83cbd2fe18d8378c64256113f6a8211361fbe6808be9eb24674bf1378d5f35774162973cd7d7e00b59c9c0cf1b4dd6a7e4dd63ba076062c80
SSDEEP

196608:TrWWRfoghC/Zdamdo/W32OXYQs1zZ4+mICJZpG+kqSdON9M4F9czFzBAUMXvsu6u:TrWixe18eeCNGbYF9czFzBARsu6uB

Score

8^/10

banker discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs

banker discovery

Security Software Discovery

T1418.001

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.bjgree.service

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.bjgree.service:remote
Framework API call	javax.crypto.Cipher.doFinal	com.bjgree.service

com.bjgree.service
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4227

com.bjgree.service:remote
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4272

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.bjgree.service/files/customConfigdir/blackNight/custom_config

Filesize
2KB

MD5
1aa5e2663dd6c6f08b60b0461758d1e3

SHA1
0345413f496acf37fd3dd37cac1a3678e7bb49c3

SHA256
21799a1a187da799d62d4bc0831585aff0d5b9392dd76dfc6276c176d06a4160

SHA512
0e41e3911c25b2125344dacf1c3ad0ab1007c879b51aa3c4326cf73a83aa25386e69333e6ecb658254f46bc37de483c8b826e9f49d338c85920ed9dca5bf490a

Download Submit
/data/data/com.bjgree.service/files/customConfigdir/freshBlue/custom_config

Filesize
1KB

MD5
7d53282e76c3f4bcec580896bbc660c0

SHA1
49946ae6a66c8cb024abfc053443fc987e15bb41

SHA256
3039ea5064f590e5d078ee01e9b00a1d3316c542236ac0bd4fbb8ebe084f1fb6

SHA512
05726c3f1f45b9d90f81ca107ad9294187698013ddd411fc13fafc65843c060075acad4e878b5b268d536499e7a87160a3b614bdb55c8e11b91070022144a01d

Download Submit
/data/data/com.bjgree.service/files/customConfigdir/midnightBlue/custom_config

Filesize
3KB

MD5
65437cc6c868ebb7d60b235bc6babe1a

SHA1
7ec6fa59589421ca585e704180a879101e901fd9

SHA256
c4a9282866f01881677847b4bc0337f528444f2638f33cacb72f6b974124b5bb

SHA512
22a6dfa234206f2fe45300d60585bc360f80212b1056c6d504e2ca63b0ec01b8dfd8a99a241a5264c8638952b6a62926be7156b14438255ea0669974d23131e4

Download Submit
/data/data/com.bjgree.service/files/jpush_stat_history_remote/c91877d04308ab8e7a415d1a/active_user/nowrap/d2746870-3cc9-49bc-b3d4-601fb40204c1

Filesize
159B

MD5
c91a921cbf39cf0e9e606d1dab420989

SHA1
a15edf2398a31dc41fd7f4b28d4046827581a073

SHA256
1b98f11d0009a2e4bd0ea659fc74e0a8ab8be298ddaeafa2973040e90cb0ee14

SHA512
5625c24e5f50287f99674a35eacc18be559bc800a591bfa509575fc7d7bf4ec3e7d202a864ff8014ae2bfbcce458e24b478db236549747a8f3756e9405bf795e

Download Submit
/data/data/com.bjgree.service/files/jpush_stat_history_remote/c91877d04308ab8e7a415d1a/normal/nowrap/65734f2c-529f-4f76-b189-63c336733592

Filesize
202B

MD5
f93f0510bb485385987e438acc46dc62

SHA1
e4f4b4b3e922ffdff24ddec691c93d17f7ffbf5d

SHA256
e3be8674454e4be9502e3f8d28a91adf4d7ada91a3588179bb4166d6819a16d6

SHA512
57ecd942d840d386b79df184a6299516c32e585879ff694400457f043e15d77a9b63aae2c2f2d91c6d52982a3ef0d5085efae189331ad98a4ef9bd844966350c

Download Submit
/data/data/com.bjgree.service/files/libcuid.so

Filesize
109B

MD5
88dc25455456c8268a29c9481b9d0306

SHA1
72924791bc1c86586d30e215ebe056e4d655596c

SHA256
7ea0a1dc7986afaa7b6b55ccfcf13dc8c4f7dcd9f0fb54f93feb77b7cc06a14b

SHA512
4ad87ffea6754b1ae52163ac3eb449facfdd59cfba7742f7930cd1507fd5c076c0320bd06e5cf60321c4470d86f5d56ecba5cedae467ce17fdb27b4ebb085221

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid

Filesize
64B

MD5
a2507e64bcbcb54d78d3737ac7b36b78

SHA1
6f7252ab3f48eee670f991f340a2b810c8deb17c

SHA256
5d8e40ce95b59ccff328991c25b2453ca4915e6c747e4d8e75363d5654c3ba16

SHA512
8fc49cedafb9ed1095f03d5cb07a5e9b5d8d3c0b1cf60a6e826404a1e7500f695737d0f1cf588eb7beabb12b72651955a5ab6319679a913ba4d67ada2735d309

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
109B

MD5
2ef9602deebf6fd58b60858d196553c7

SHA1
b5f8280b6a7cc6474c8510a1ca8df1c6f4bc8e8c

SHA256
0e4642720e038953ad7e9b8b63142e1e2f0603396befdb4f302f3927c6e92752

SHA512
5e3fa3acc763078d1918b3e4a75aec0d4f2543692ff29c44dc88bb81329a9ee163455e2933c269141b732c980fed62d77082c6516995af4d803b7753c96bd0b0

Download Submit