Overview

overview

7

Static

static

6

ae220ac90b...bc.apk

android-9-x86

7

ae220ac90b...bc.apk

android-11-x64

7

Analysis

  • max time kernel
    9s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    29/02/2024, 08:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ae220ac90bbaa003532555f50786d7bc.apk

  • Size

    9.0MB

  • MD5

    ae220ac90bbaa003532555f50786d7bc

  • SHA1

    4898e0cbaf9dc4af5ce57025750d848617e85ef5

  • SHA256

    79c9c735d362d95c834e4739752f027085be6a79e8bfc14eb61560de10a0b680

  • SHA512

    63119317c75e8f4dc353cb4cac1d4dc002a05d99ab7792aa29b6132719d67fce080f22dd38bb2a86b43ca935c095904f5536d9094430f8d89a1fc2cf103896a2

  • SSDEEP

    196608:3ydjKK8vxSDlHcKyh1wc2OguplZYC/A36an+wCCQpIMeE:3cN8UVwpguplFAKan+wCCQ7eE

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 6 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.forward.pioneer
    1⤵
    • Loads dropped Dex/Jar
    PID:4234
    • chmod 755 /data/data/com.forward.pioneer/.jiagu/libjiagu.so
      2⤵
        PID:4264
      • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.forward.pioneer/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.forward.pioneer/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4290

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.forward.pioneer/.jiagu/classes.dex
      Filesize

      1.2MB

      MD5

      fb494a0630ecd60a1b11736fb6859a0e

      SHA1

      d7cfbfadae1d17efeeec6dfa7b126a39b2277078

      SHA256

      2dd90bcf37117c8ba768249f1db181d291bcfb60e36c43a285f8846719d23201

      SHA512

      448cd04bc5dd71a0bbf9458e0233203a2ca75350cc9e5071addeb9b014fd9f4fa042d55c922e2786d0ee11bf529e72ad463a9f3b78f575051d8e0d3615b87188

      Download Submit

    • /data/data/com.forward.pioneer/.jiagu/classes.dex
      Filesize

      5.5MB

      MD5

      26b681649474449cc5f522eef9e07218

      SHA1

      509a8715a381ccfa21df3b5f5c098186be2691e2

      SHA256

      b50b681d0d28f3c0b4ef82fd7a66e92136626ed05c397ef31f881bfa969dc32b

      SHA512

      afa9ac458d2867ff7df765400124ccb1ce2acae92c643cdcb37b21feced403bc0104c54a04a8ec0aa6a78741afa85bf5191f962044ef0bfa187721940ee28bf2

      Download Submit

    • /data/data/com.forward.pioneer/.jiagu/classes.dex!classes2.dex
      Filesize

      6.6MB

      MD5

      3de4d57cca239159b252d71a977bb5af

      SHA1

      9ae2a8fce85793db844e62818048e12cc2aed2a2

      SHA256

      3ae1fd0c3a318897a6074d8f80061f22d054999296a2d433ba295b681eb17db1

      SHA512

      4a4ce1e641131e227f806194e617ad1fd8e051ac6201257e4f86c663580a4fcfbc0ce85db7ad376001d01ae20c40b43dbc4256503e6e23e64adeb8305a337ef2

      Download Submit

    • /data/data/com.forward.pioneer/.jiagu/classes.dex!classes3.dex
      Filesize

      1.9MB

      MD5

      79a4dd0f2f6cddf967b37dfe34715fc6

      SHA1

      69e25b7915fb47551f4d813b2d096308acdea82d

      SHA256

      229f5d9556a2eb74ba2661503329591fe5a129468def0ae41ed66998db531a6f

      SHA512

      4cf2818f99bb377cd8a06067a26740b87ccf861d814414e8119427eb11eef1fcd751cef8192262c72658548b1f30eae1d50ddb3c0d87f1b8516885be74a6ecfc

      Download Submit

    • /data/data/com.forward.pioneer/.jiagu/libjiagu.so
      Filesize

      446KB

      MD5

      8f55d5deb281d8aa1a0b9f72f7185e58

      SHA1

      5ce262af6a74a11931bf4b1e92a59b9acab27f37

      SHA256

      b57aa883bd4a8241fe2ebbeec0988614da1ad453f5784f3439335a6f800c7944

      SHA512

      4d74f007dc4a19ac3a8ae3434f06d2509397301c0a9b0288475280801c8907ce48248459436416fb14fc5a3a6ce790d680b6b9c95d35afc49c2f0639199b56f6

      Download Submit

    • /data/data/com.forward.pioneer/.jiagu/tmp.dex
      Filesize

      284B

      MD5

      f1771b68f5f9b168b79ff59ae2daabe4

      SHA1

      0df6a835559f5c99670214a12700e7d8c28e5a42

      SHA256

      9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

      SHA512

      dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

      Download Submit

    • /data/data/com.forward.pioneer/app_crashrecord/1002
      Filesize

      229B

      MD5

      a241f099f97b74a151e413bafda86488

      SHA1

      1793fe75d4d0ae5421e5fd1c0a7315e3893f11b4

      SHA256

      3ab5ebdd181466bc98946fc8797fa36ba32ef02dc8c07908379d8c72c24bd2d2

      SHA512

      ad2b4e82043f7db13b91de023ea937adad8d94e5237e19f395c94ac5845edf3d144a0a0258609a099e1692b80b876563a5836c9cef5f61a3a21c0c13f01abda9

      Download Submit

    • /data/data/com.forward.pioneer/app_crashrecord/1004
      Filesize

      229B

      MD5

      5a70e4a515bb2656b0caaba9ee7d811b

      SHA1

      e01b3ba157bab9dc9c4b3e284f89b31f83f147cd

      SHA256

      68dfca759049308576f8966ff80a0ccd08bf335c509ac3b07b00dda33dfc6677

      SHA512

      bbb2b366e3c48d5cba415bc0eaa5c58d48424040e7bf82179d67707bc5b58ea5ca1ae1c9981bee60c356574530e2bdfbead5729d0549eee3a6ae9fbf6cc86f23

      Download Submit

    • /data/data/com.forward.pioneer/app_crashrecord/1004
      Filesize

      58B

      MD5

      0d210bfb2a0e1f1b4c082a6a0f79de07

      SHA1

      bb8ed9e364db79d1d9f2fcde3f15091893222faa

      SHA256

      988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

      SHA512

      536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

      Download Submit

    • /data/data/com.forward.pioneer/databases/bugly_db_
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.forward.pioneer/databases/bugly_db_-journal
      Filesize

      512B

      MD5

      3ecaa622557155039457a7f70b2cd888

      SHA1

      50185f5275681e69d1966a249695dede04999486

      SHA256

      a72898cb688a27f09053152e93548ca813719f038442cd67c77df8b6a8730937

      SHA512

      bf2ca86c68f13928bc5b21367eb30edfd6ceef08ad4e37d10c3e3c46790c7e6cda9f3e7bddbad5099f216093105aff0b2c8240b5698af178a77c16c2a39bdba3

      Download Submit

    • /data/data/com.forward.pioneer/databases/bugly_db_-wal
      Filesize

      16KB

      MD5

      e9da89c8b0e664eb5884c7ef783bcfbc

      SHA1

      1c56908723c650dfb00cf8f1721dab5d85d1c641

      SHA256

      c9f7f9d03e04f965ba429f7d424c2783f94ee3378ee30f5c53ff274400856c27

      SHA512

      62c743ea8572dd9825474b7d24c06a84f5db62667a5746a052f2dfc72b6373b56a10d5e01ba374b338def140f35ee7668d5f5008a7798b5dfa580006851f2b8b

      Download Submit

    • /data/data/com.forward.pioneer/files/.jglogs/.jg.di
      Filesize

      340B

      MD5

      d99a265f87c578cf228ac3e0f6b9ea85

      SHA1

      70bfc28bccc0c6b6daa38b9c19a4a01e6dca37be

      SHA256

      be2f9f2a9b76ab9801d07e0a196bd52a3f86cb7ce45f35b7442f5354966b8edb

      SHA512

      ef4fcc83d105419db3b60b8dd273826982c3528758ea39bbe0808a9ce4641fc5a8568a8bd9ec33d34756e8906dfd17c4c193016742999d14240b5a071ffd3915

      Download Submit

    • /data/data/com.forward.pioneer/files/.jglogs/.jg.ri
      Filesize

      314B

      MD5

      bdb8a55077f53cc738f83347046e77cd

      SHA1

      aaeb720aa5eea79ce0f29dd7bd6183ee279bf63a

      SHA256

      09028d0c451bdec47e3347e532f007613b278e158c17f54fdf36328a86305f9d

      SHA512

      ce69c373a5c0ed78177c95b6b0cefa5188617e59e23e4d50c28e3ce08e80027c1698fe10a5ff2fb3a828d85bf163b2d429488fe3e32ac213b195c246e7efe077

      Download Submit

    • /data/data/com.forward.pioneer/files/.jiagu.lock
      Filesize

      27B

      MD5

      b0c323bcb00f5bbb90536d3aa7b503f6

      SHA1

      f8c55713e49d1e8c381a52720832ac4e7958805a

      SHA256

      d07655ec22be222fcb4aa987c61b34f14acb04840a4b053157e02a84110dc9a4

      SHA512

      aad6e259c481dc9150d21b5928972caec6bccaf0e2c75891186bb4512053ea2dd633273f82ab6cfcf371dbc4fd874a0cd8b00e43affc4e6297e0460f2f7c7fce

      Download Submit

    • /storage/emulated/0/360/.deviceId
      Filesize

      48B

      MD5

      1d8d16c4e3b19ebf18988530d9b9a757

      SHA1

      bc94c1cce05cd848a53271ecb9c5311e27ffebf5

      SHA256

      abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

      SHA512

      4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

      Download Submit

    • /storage/emulated/0/360/.iddata
      Filesize

      32B

      MD5

      6025c78fc6c4b7f2414ecb808f757b95

      SHA1

      0e473fec15be9a86121c12844da76f9ecc4af20d

      SHA256

      aab501a6b1954ef672924b704bcb2cbac2cf21346179638a352a9c1779bed6ab

      SHA512

      f6f68acbe218972084bef32f08be4effbe4a2cc2c695af14bd930eb19b01cd57f7b5ddb3d797d1fddc10818e679fee13c57cf25204571f885cf99199c906b1c1

      Download Submit