754ad637546c9620bcf440f29e759e6cf0b5eff8844dc844a1672d94d04eab78

Analysis

max time kernel
14s
max time network
154s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
25/02/2024, 12:35

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a3cc0fe6fd62c46cb7868a513f36afce.apk
Size

19.7MB
MD5

a3cc0fe6fd62c46cb7868a513f36afce
SHA1

8e468db6ada7f52562bd02ef4bd5afdf4f1cd482
SHA256

754ad637546c9620bcf440f29e759e6cf0b5eff8844dc844a1672d94d04eab78
SHA512

30bd665a94d883a41ee8fc198eae62fb77fa0a86d292b88255c1d2bd81522058590016c8befcfa3ec8270e3981d0767416ca18ae7ea97451a570a8b23f7576ae
SSDEEP

393216:LPm89k+pwXemBYnfUdS29wMThaMkfP8rqrKLuwb+5nwU6hKUGoStboItLrRw:Le0wXifsr9xNrqOjb+53bvoSxoIVW

Score

4^/10

Malware Config

Signatures

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.yuecai.haidaijiekuan

com.yuecai.haidaijiekuan
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4186
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4216
- chmod 700 /data/user/0/com.yuecai.haidaijiekuan/tx_shell/libshellx-2.9.0.2.so
  2⤵
  PID:4237
- getprop ro.board.platform
  2⤵
  PID:4216
- /system/bin/sh -c type su
  2⤵
  PID:4266
- logcat -d -v threadtime
  2⤵
  PID:4323
- logcat -d -v threadtime
  2⤵
  PID:4342
- /system/bin/sh -c getprop ro.miui.ui.version.name
  2⤵
  PID:4364
- getprop ro.miui.ui.version.name
  2⤵
  PID:4364
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:4390
- getprop ro.build.version.emui
  2⤵
  PID:4390
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:4416
- getprop ro.lenovo.series
  2⤵
  PID:4416
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:4441
- getprop ro.build.nubia.rom.name
  2⤵
  PID:4441
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:4466
- getprop ro.meizu.product.model
  2⤵
  PID:4466
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:4491
- getprop ro.build.version.opporom
  2⤵
  PID:4491
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:4517
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:4517
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:4542
- getprop ro.aa.romver
  2⤵
  PID:4542
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:4567
- getprop ro.lewa.version
  2⤵
  PID:4567
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:4592
- getprop ro.gn.gnromvernumber
  2⤵
  PID:4592
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4616
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4616
- /system/bin/sh -c getprop ro.build.fingerprint
  2⤵
  PID:4642
- getprop ro.build.fingerprint
  2⤵
  PID:4642
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:4666
- getprop ro.build.rom.id
  2⤵
  PID:4666

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yuecai.haidaijiekuan/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.yuecai.haidaijiekuan/databases/bugly_db_legu-journal

Filesize
512B

MD5
241aaaf3960f2414e10635ebaa2bb86b

SHA1
6a280e513aa64aab772dc0470c75c9408e5b1697

SHA256
75b6e660d0c51a1db7f239aafb7f0928a110df5d2cf3b9f25c8a6d3eace33239

SHA512
e2bce88b554e873221c1a83323fd91e410073438cea03e262c1d65cd02be4a9f159d3249a94999fa4e9979e7837cc77acfb658a5dced04bba55926084055ee98

Download Submit
/data/data/com.yuecai.haidaijiekuan/databases/bugly_db_legu-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.yuecai.haidaijiekuan/databases/bugly_db_legu-wal

Filesize
92KB

MD5
5081725c7a4b26a6a45f8c356ff5aaf2

SHA1
540f9c7e17197e6d1add5d6392579c454a9d8a15

SHA256
b2f9cabc38e78a458d7a587dcff0c762c7396efc1e5605519b5a35a395e49dbb

SHA512
71738b8ec9c461be4ccef845901ef22c4e9d84d55d5cdb1883678ebf4d54de41adf10437b7cc22eb81c91cc7d9e32a4cca329528ba659562dbdea0909842a622

Download Submit
/data/data/com.yuecai.haidaijiekuan/tx_shell/libshellx-2.9.0.2.so

Filesize
117KB

MD5
4499e8eb481dde2716df92aa0225ced5

SHA1
0a6d5bfa0d42c2638cc3081f4cd6c06272e92a94

SHA256
d1ae2559b2cfe48d3fb199cfda3eee3e2237d7eeec0d88a7bba0692f7ce5a8b5

SHA512
4ea90e517b73214234b2b6c97a1e99b0204c44a3c31d891e244cde892eed4d00a33b86128df073d86a787070ed7b79008a312e647973d3599728a6dc4ee590c9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads