a22360f2058eeb9da65fa16f05e01095139bef3a2b1148aa1ecc0f467db0c4a6

Analysis

max time kernel
120s
max time network
151s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10/03/2024, 08:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

be1d7b95c9c22a01fec4efe78fb16e1b.apk
Size

18.6MB
MD5

be1d7b95c9c22a01fec4efe78fb16e1b
SHA1

ffde47bfcd4f51b98700b62b91f62ee6674624b4
SHA256

a22360f2058eeb9da65fa16f05e01095139bef3a2b1148aa1ecc0f467db0c4a6
SHA512

1d6b08c11a97ac8db19ef85df5f52b174c8b567732c02963b6e551f7c4a21703dd3b8f483dc6f35109bb2f3b4454b538757175205f2205fd255d87dfc0c595c9
SSDEEP

393216:YKmqaLG6SzvDJxYZzjZlcT5MW5OlcT5MV5qhTAK+LWYIsCmdCgh:YOaS6SzzYlbC5MW5qC5MV5WTAfWYIf9e

Score

6^/10

discovery

Malware Config

Signatures

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 5 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.chengchenit.xddiy
Framework API call	javax.crypto.Cipher.doFinal	com.chengchenit.xddiy:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.chengchenit.xddiy:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.chengchenit.xddiy:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.chengchenit.xddiy:pushservice

com.chengchenit.xddiy
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4327

com.chengchenit.xddiy:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4453

com.chengchenit.xddiy:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4551

com.chengchenit.xddiy:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4655

com.chengchenit.xddiy:pushservice
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4727

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.chengchenit.xddiy/databases/pushext.db-journal

Filesize
512B

MD5
1af0ed9705ef586eca1540da67aa0055

SHA1
54966babf51f16aeccf2e2150b39a4f5d648a71d

SHA256
fcc7f274c6f96582562c86f6faf236ae00e378f262b3b40be3bd9f5c3026486e

SHA512
cddef4e3260fa34f91578766190142d3405c68de9e89e8a568121f35c5aaf799ca6fb8ba75c17a5d4e51d61951bf2cfe6fed4a68be85c326ac3876ca1cf57eac

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushext.db-shm

Filesize
32KB

MD5
1c4274aa7a9a5cac8c6d1df71e4588c6

SHA1
abaecd685e01cc68801292e3dc7085654a22feba

SHA256
3f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be

SHA512
1adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushext.db-shm

Filesize
28KB

MD5
670d8bc46551c40a1fb9ff8ec4b72092

SHA1
82253b089122b4d8c7ae61dbbeabd9d037ddd49c

SHA256
ca2684e4da544d08c906c70f147d8dbc91da3a7972d255e6a00e1c99419f78e2

SHA512
4977d35230c533e26162cb0e4da38345a23a87ff41510685e755a52152fc78d0b027e8e8942fe10ae28fe332b16bb9a7ba0c0644ec0efd635d579515c3d5df67

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushext.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushext.db-wal

Filesize
48KB

MD5
b1cf685e00bae694825e3695a852b5b6

SHA1
2a4f67ca2cb346b9b2a0865bce4682d3a9c1ea41

SHA256
bcb3480de495e747a4d617d8f1e04da451483995769e29105c4ecfd85113d326

SHA512
4fb1e937ed663b6f110b011b495a7a729992bbee38208541b391e76f5adc2964904955a80b7de9bbe67ce0faf047ce6e391204e251e0d5708d5d06501c1d600e

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushg.db-journal

Filesize
512B

MD5
7b860d36df8b8bd764aa0a26882bbf3b

SHA1
9a76e69f6322c80f43620b96d063e4a8bcfb6a78

SHA256
71266360f7b97e559db8b14b0ca9fccec2d64fcbea651d844eb2caad6a59a8bd

SHA512
1f0975cd50177aae03ffc6da6bf7740e7660ec59d1a8685d4004d8a7ce9d82ba66de4e02b5d4d744f44b04f2b7562a119885e022fa43445d2f834e3f867914dd

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushg.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushg.db-wal

Filesize
56KB

MD5
1e647415e9a8fff57dd1c516ba32f87b

SHA1
fcf6da651848594b8a680656a58a6caf0c816199

SHA256
47909896cbc5c6b3c9458e974d114011698d9939970f249c3fa430b1ac18c780

SHA512
a28080bf527305856512e002ad0982ff054e26ce93742eb7314dac8e34ff64340e7299ef86a2d3d40a456ecca2d0fd44b37293585e1e7bbfa348ca9627f9d6ca

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushg.db-wal

Filesize
68KB

MD5
538a678bcb03dc2af020ce20b3bd0d85

SHA1
47c8ed00b90469598042554961245a40fef3bf49

SHA256
8aedb10081516271419a826b77e0d8aab28f2409a0c018cb2f954698367735de

SHA512
6b419c75e804d8221d44c9b0a17c851b691910cd228fdcc3acb3efc656e2023cd93b81eac7f5877a6572b3c7294d4cd527b7aa6be74fdd39872dcb560f76687a

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushg.db-wal

Filesize
92KB

MD5
142b9383f5dc65dc3dfd48bae2371f10

SHA1
3ac78cd1187021a1d2f4443c21daa67a39b228cf

SHA256
fbac7a656a356279eb528d90504adfd682ae18753ce4f0c27df1b07ef5cfa987

SHA512
e1f34cd52f96a80e260a38a3cae898685217201462fbfe992e66f76ba77971f41d421d7d528acb959e3fb0ecd367ee0fe0e5c2500a6cd187c9af805372510449

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-journal

Filesize
512B

MD5
7acc859194be9ee944cd28838c1d547c

SHA1
09bc8e4045a505bb6d34dc823c27ed726338ecc2

SHA256
4d01d3a09e6f95986a0506d4fa1a17be5371ab1b932d080e487a62f38602db77

SHA512
8a920fd151de1eb1c18db046c1b5b76a60a7c86cffd018b497837230c541af1506ed9d4ef66a2516318011311a6ec4cb6b3a51f06c48b699e8f7db587e0b7f86

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-shm

Filesize
32KB

MD5
a1ff4513e7a5229ec5d58a551f8c2af5

SHA1
177a26f44560843b3e35ffde3cef214ea523c92e

SHA256
9a4acdcfe27dc7f0e472ea6ecf95b52d480ab74f397edd98b7b8e5163a0838b8

SHA512
7ee43cb588ffe6fb99e883a988c8f11eeae564352adb5b7613e5ade3092a6de57fade88919303a5d92e199d85a28bb939af38a04c00023fba7cdc629464c7a64

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-shm

Filesize
28KB

MD5
49ec0701a1a429754bb1dd63f3362de1

SHA1
02b84282b9fa9db61fe2ce01e15c7cbb91631b3e

SHA256
03b152b776f6d8a402e3e6c0ed0971ef1e82144bf3b0e88802216a00bce0e92c

SHA512
dda8edee131850c216ef4fee5550d6ef50dc1b1de1576b2b0ad592ba19c537372dbf9f2ee9900ff29d82d822c88360cd42b6f418785fb17d3b8502f9f867b085

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-shm

Filesize
28KB

MD5
d5700c9f617157a6c2bb4020f1afb9f4

SHA1
cdd77d45b86b5b8124a7ceee4e1e04f8091356af

SHA256
408ae6d6cab46a2a2e43a40c332683e53c81043b6c733dda0820a6b37a5bec75

SHA512
b785a84d9b028b3b4237efec7b860052544c2ce14976d45493485746189cd5d4c98fa65e33562875b45200a2eef1a48325b30f17d7029a3a5f046bc2d88e238c

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-wal

Filesize
96KB

MD5
8c333f8106aa65ece500de11b1922d75

SHA1
474d434906d794ddb08dc44961309305787b6f80

SHA256
d86b1b9d93e0d3d4a5f37fda5309b80fc9194a21fec0747ef7f5b702e2e51089

SHA512
0ed1f3531e76361ba395656daec012eee603eaee09c66933bba7f9d94ed1cf9c7bf5398651bfcf1169c3cd39817a39a85f1e0520680c3dc7d8c790ff4f08ba49

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-wal

Filesize
132KB

MD5
a4119b3283e305b7821a2adff579a2ee

SHA1
8e7fbfa41820423ea3d36b63ed5325cca11f5625

SHA256
55b5b34a99b49150db7c932c6f7bbc45ca29ccee0fc9fc966135646db93508a6

SHA512
39e0c4a3e0d68b5ff08d9b2d5426fe8859439ea491b6e8cd03c8bd8e4ab4ae111976e46282e7a3354e8fc2674eb176870ad1e9139ccfc08474c713eb1782448a

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-wal

Filesize
160KB

MD5
84bf59d15816b710d318568912689615

SHA1
874da46500b157cab08085741c13a6be94df32a5

SHA256
ad50e61e286c0b2dc8c8a07469d1bed143f72d922ca57a703877d6cd32d986b9

SHA512
c4e9bd604276d5de835ccf86d951159423bc3bc74829289247ce3091a4347934b0bf6eb70fb67320eea1cd9131e93007a8e97470cf97701ded4d47881b391608

Download Submit
/data/data/com.chengchenit.xddiy/databases/pushsdk.db-wal

Filesize
80KB

MD5
7afaaf2ae0b905cd9c76283f4202fa5b

SHA1
1130560f58ecd7d467475d8373a298e888ed9064

SHA256
19a3bf9bfac21f812444216fc56fe9cfbeef3351052f837ee067a05706329e09

SHA512
c177051047c9893007226025356072c7191cf85b8e10999bb96e877145e6263c9d6ff00ae1770f83b1025152c76f51bac03af748e849a3a839923f95f2b43ef5

Download Submit
/data/data/com.chengchenit.xddiy/files/cnc3ejE6/eje3cnc

Filesize
335B

MD5
585839d66722cfd02e40cb740cccb633

SHA1
374c19200fee201b26d0153487a281a934615884

SHA256
86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

SHA512
09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

Download Submit
/data/data/com.chengchenit.xddiy/files/init_c1.pid

Filesize
32B

MD5
e0a0bb4d18f315b0f07b26e3ecad234b

SHA1
06dd19e4c8aac3540fe509852ded4fed726cc46b

SHA256
89ba87525f4656defc2590eb8700fd6237877c74af6facf68624f2c0cfe9c609

SHA512
9d15e0d0b2445805489b1413b512c173413155ab877ff4c4750ee813b52e5a660f9332efb6686a2e800abbf7ba4b6c9ebb247448e2202121f4406e703229a6a9

Download Submit
/data/data/com.chengchenit.xddiy/shared_prefs_ext/test_app

Filesize
24B

MD5
9d11407c5f833cf12f73ac0c842cfbfd

SHA1
7434150b6ef5131d68909b2ae1717b9a88808ffd

SHA256
a4e010c25f1be8d803be61b5e668bac638c867327d11ca6f17e1801e3e2b2908

SHA512
96ec84b69ed0699bce42e476f3516c0fa12551258ceedd8c7a76ce149ad587e13476a53754f16a8b2988dc8444469ec3f6043548f62627658dc2afb28a8a856a

Download Submit
/storage/emulated/0/.imei.txt

Filesize
32B

MD5
31484cbb99f00f0b012efa088426d79b

SHA1
ad165d5bf243473b1b3edd100f451a62f15ed711

SHA256
919c17efa153a344e25d2dad418487c5e79ae9ffe7a724274aeb866d8f0b7e7b

SHA512
8c22fbb96bd9c4ab89acc9abc2e858512560a50e85c15b0d558e187653fb9585b5054f9090527465628644957e8a7f7d0cc0bcfb570ef644a8272c84c7d51865

Download Submit
/storage/emulated/0/libs/com.chengchenit.xddiy.bin

Filesize
79B

MD5
7e151fe5626feec320fda6242e376f7c

SHA1
fda859812dd5405ce36b7e08291f46821eb73fcb

SHA256
8cafe2d58d2dba713b5ed158a7d94dc3ebb801d93ebb1ed53a473df24284454f

SHA512
9ed898aff7d57854f67279fd0faa30432d98065f3d69d84b657334c2f64bcc89ed4f06edf460fa135cc7669aec4550288e712dff89066c465ced9c586a00a372

Download Submit