abbc87fa1439c09814c13498d4423edabf23d42a5ed6a031f95993fbaac45763

Analysis

max time kernel
5s
max time network
148s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
08/03/2024, 00:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ba054617f90525ec6c02424633718bfa.apk
Size

3.4MB
MD5

ba054617f90525ec6c02424633718bfa
SHA1

7e4c4ba87061ebd6f2f547940dd6b79158c160fa
SHA256

abbc87fa1439c09814c13498d4423edabf23d42a5ed6a031f95993fbaac45763
SHA512

828dab834391606ffe90f3d39efa2cfbe02719f217fbc8931bf2c009b0ad66ebb8debe9414add47fdf4a59ad48d312adf00ab7e10f9c5a4e0fcea656f441de2a
SSDEEP

49152:hrlA+arKyM+2Pb2TBK7JXHlGSCzE7hAjusadV6sFTY1VKb0j3TBYhtqKI5t:lbCKR9mWXESCz++jusaT1uyb0jr3

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.qqzzs.apps/.jiagu/classes.dex	5036	com.qqzzs.apps

com.qqzzs.apps
1⤵
- Loads dropped Dex/Jar
PID:5036

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qqzzs.apps/.jiagu/classes.dex

Filesize
2.8MB

MD5
c5ba68b07892bba8b0ad57b22fcd62d7

SHA1
d94816c11bfc367381f693574b4603fc67bff88a

SHA256
ff1d44386379ac1b596b109ca201668f40dac83287f7872bbc7814946ae8326c

SHA512
11f5c707aba6cbf346b190ac7b9f011a9b5402557c7f91a49df6f640f06ac332f561bdd7aec8839186d21877a73555161642c90e49e980acac4be37de263b42e

Download Submit
/data/data/com.qqzzs.apps/.jiagu/libjiagu.so

Filesize
562KB

MD5
d141f6661f27d70822c7021d752d8af6

SHA1
e545f7442dca4490cb67b745f6f13ed782b1971c

SHA256
e0313c66404c4fb7d023824265ae5a922079d422509d4b59c6fe45632c60146a

SHA512
0b2a4c540c077ed93561f249baa75a65344e75dbfaefdb3a68c0d653d79bb5152fcd42c13f34a87b09583f33f1a40231b4f31416b73c323859885374ca0667f6

Download Submit
/data/data/com.qqzzs.apps/.jiagu/libjiagu_64.so

Filesize
573KB

MD5
42abe73319c2521e0fbda052b9d5f1a8

SHA1
9ba99e9d00782c0cd94cfee590dc5f540c14c737

SHA256
7f33251c6ad0df0db7d313803a1339cd2ee1ce91f832fd7b0bbc651bed74d32a

SHA512
0a5362cd28aed0db67bbda3e12e8afa24ec0edd722df732d3b8c645c6351b1864909be9eb155da2ec195ae7d4c42e0bc0b1db083232cac82e39fa4c79dee1792

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.cl

Filesize
32B

MD5
d562a11df02beeb52d645aa4f494c1a2

SHA1
24f391335e136535ec37690d641170814fcf25ff

SHA256
de88e6cfea3117994def70abb9c78cde8f12a548bdf4f76653532e9cce0ed782

SHA512
95f9e5ab4a91768fd8ec6cb53f30ea7b3dbcd07ad25f54bdae405bad9f0f06c06385502ae9e7dc5050845ef4cd8a681b5a7db6c07f1ccf12804e2077e4fc60af

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.ac

Filesize
32B

MD5
3b07adbf935b7c5ea1d30e37fff90a09

SHA1
a9e0e58eee56e73683331a63b52df2d082f53dc5

SHA256
fd9dd189f8719435402416f556fdcf078d645b0059966cb699f37ab7cd42f97a

SHA512
bd81133a7b9a2471e177a1dc3a910cc4e79a5b4b2e20e1f2462e19f75041f2d9264a623714ee2ba097c01a3b42629101f346bacbbe07593145850f226f890134

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.ic

Filesize
32B

MD5
23adbf4e7a687ae48a607303b62ea0b5

SHA1
872f301c09f61f1742b453ff909aff8d0aaca970

SHA256
3f3099ba39b84c8a4baa746b8143827b91e0d4cb0441d53fe932ecf97ef295e8

SHA512
2a937d5a12db71e27190863efeaaa9fb3a6460002fdff686065611cfa4e9bdedf6cdb58c63c4c34183e43cbd977cd63824d9371d77b30cfecc1f11736bd9ea83

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.rd

Filesize
32B

MD5
d0b49e0bec4f50049eae5092cba7cbdf

SHA1
71329e9103d48dd1a40294b7276e9f13a031f305

SHA256
8fd05057af3079d27a332af136f4759125859c2e0977bd749b60ffd58814c8bd

SHA512
9a0899c654ca8405b79a54bfbdc06ebfbbda60052b002680290f8a504a69f35bbf921f5b110f69a6632b1bf3c12510e4659ae99fb93cd802fac0207e383bab39

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.ri

Filesize
307B

MD5
5b3bcc0c1340ee2924fdeafddd296356

SHA1
024eeeacdd817b88bbd1d1dfaf796a9124107ce6

SHA256
f8379c92e9f3b50dd2b7e8ef2bbe2d43d19fb4bc7bb516909687ded849a13f20

SHA512
6b3d5c0b1366bd6affae38b89b3c1ffe2e692b3b0f0c28e6c866d0ea36cd60b0104c96c3434b6e8e775929dd9147195c2186f4ade5829157bd7be898efc9e6e5

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.ri

Filesize
314B

MD5
66c6049d2fc5637945bd4e0d9e849ee7

SHA1
03964e10f603836271376b81120cdb897f3a5afd

SHA256
2bf04b94daddb8006d5a108aa9c8c5134e8ae7a614a50428d212c01a89035050

SHA512
7c17ad3e19b1e4f27f767236da2f85ac7b08cacd63d5afffe4d0cbb5f7ecdb7f4ea3a204f6bd2986356c4c8a10c49f6fa5abd42d94c0885ddb9a4f792817c193

Download Submit
/data/data/com.qqzzs.apps/files/.jglogs/.jg.store.report_pid

Filesize
32B

MD5
b347618718512b6b20272c16dadb77a4

SHA1
c4bd8a0a205593ce92b828ffa36c75298fce917e

SHA256
082c28469638ba5bde6baec549b783cf0c26655612a675359df00ca7e1d806f9

SHA512
a3739ee044ff7e7fc6d567cbed4c3f84e5d64dc3685c3ad88abfed2d62c4aa0765611bc79bf2349d2ed0e817d1e19f5b46bc7ed05a7bc21ec23598680059339b

Download Submit
/data/data/com.qqzzs.apps/files/.jiagu.lock

Filesize
27B

MD5
0fb68066aadc4c98fda1120da9f77257

SHA1
dc57c84f5a2bb9a2ced7317143ec81a48745c44c

SHA256
c8c7d71729a20f5c6f0237d47da0c9a4f5d9f583493842f020c4be5d0662c8d2

SHA512
8d0a76a46199c6d8ca70a525b78d17a74a52cb54a5422acf4c0bfa471eaa001b12a545216b8ce194328281b64eee972f303fea94d23064f0186afb59972d4abd

Download Submit