8b01c91af75ebb92748be35b517df12dc28a159d1aa4a8e7047d1e45a8bee48e

Analysis

max time kernel
151s
max time network
135s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
12-03-2024 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c240032f0acd2da82ee94befcb95a36e.apk
Size

3.1MB
MD5

c240032f0acd2da82ee94befcb95a36e
SHA1

3a790a426ecb143faca48b958d1a84e844755f7d
SHA256

8b01c91af75ebb92748be35b517df12dc28a159d1aa4a8e7047d1e45a8bee48e
SHA512

fe4f41c8eed1610da48420ef5e7556fe2c647ec12b52e94be373c4553fe1ee66fa30afcd1c954e4632c493e02f046273113a1f17a6e751d27b6352688a345c8e
SSDEEP

98304:+fm2jrKkyfO1E0+B8hYHrK1trm21TlRQi:+fm2fKku6aSWrYjR

Score

6^/10

discovery

Malware Config

Signatures

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gwyExam

com.gwyExam
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4242

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gwyExam/databases/exam.db

Filesize
548KB

MD5
a7571beed4cd1d556e50c242544f3352

SHA1
e16f9dee84c5997b2393fdec923b5af3ac70a1f5

SHA256
666446cd049558133713003e64777e9323ca5b2b1737f3c9be7e25c506dc73e1

SHA512
7b07d8a2eaee2ab4bccb3ef9564cf00fff7b1c7ae4b1ad28bc98a7ef658c839ef571721feaba2f85d67e9b3e9c95282aa6087fd019353eff838ef0270eb93a19

Download Submit
/data/data/com.gwyExam/databases/exam.db

Filesize
1024B

MD5
6d0554f78edfd4499da50a7d5306341e

SHA1
e64331ae73c753757b77ab9b893031142fb34f6b

SHA256
9298b3940d9c2a57a65f58693a0533e9ddeeed3be8209a74da724effc55b44f9

SHA512
d981c10b7422369632ce5a8d828378b6e6388f0e19f17edb1a3d37f613b46875aeaf24ce9476649df167f13de73c72b13a1a169f9027f6e45cafe2d7204e132d

Download Submit
/data/data/com.gwyExam/databases/exam.db-journal

Filesize
1KB

MD5
88fd01cdcc2b8b6faf1b4ef1bd458add

SHA1
c1c61c6cc48a07d9e7268cde0ba2d5d6b2c74a1b

SHA256
e542bd233b9fb2837d1a2c74e401352aebd75254cda159109125931f0d843c29

SHA512
9b4bcb180d0f48be6e8f3b16b20b0abbd0899fe706bc0eb59a3aca1ebf7f241ddc291bc53a3f8816b302de6ad3773cb5643da05a046a6aaca589130a02be28cc

Download Submit
/data/data/com.gwyExam/databases/exam.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.gwyExam/databases/exam.db-wal

Filesize
6KB

MD5
b5341f0e894f86078510f73088114ffe

SHA1
3af0d798fe5f9c0c913fa1a6d6973bc99fb15e0a

SHA256
4609e8b59da4999186936ce39f63b44ac2e52ad1439feffd17807f934256d666

SHA512
f252eb0b4971bcacce437be4135edef7ed76e8280f158ce19433977a272c366dc4e1b346038420267b8642fb173cc122ea79ea6d9c81e720252c8bb94e3488b2

Download Submit
/data/data/com.gwyExam/files/dianjin_sdk.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.gwyExam/files/dianjin_sdk.db-journal

Filesize
512B

MD5
622f837d1e5b69c75f96af060ede43c7

SHA1
3e9a62c73c16c541ee438eff15ac9bbfdaf0525a

SHA256
44cbaa7f97ea7445c04280f54eaa060cbc90b459fe185bc89d1dc300c1f8ca6e

SHA512
a0d96ff833540808fc48afb648591a373a978e24f6b11818d12355076fbfb05d1690244eca0e64e90014b73dbc44600c69cc8e0e50dc7af09959c7a08232fb7b

Download Submit
/data/data/com.gwyExam/files/dianjin_sdk.db-wal

Filesize
72KB

MD5
48503e1c5ac074492c5fd27f98c757a2

SHA1
799e409eeb3f140c08d9051fa998a05a4ca81f33

SHA256
41998fc1a458707321603c6f3584ebb5c78f095201890ea694f0f6d280570b09

SHA512
49c1c59ba1e3f0dd4e7eb3245466035e36dbd5e64da5523ed01847d8034970d5626952c07dd2378f40f95b1e5e1c213b359834c31ef22b4617256a3693262d0c

Download Submit
/storage/emulated/0/.tid

Filesize
33B

MD5
ac546955cea957d3719c38be5ceeb39d

SHA1
1ebf01062f33fee6e1a5ca9fb4bf8013dbcfa916

SHA256
e68e0e571f1c4c169475d0275d3750ea71aee59c96dcfb4d53c8a08ff6df4353

SHA512
c17ce88500da557bf3a93357cd9ae261b09ff2de248a957fd937aa49445832ea9c14921e5b56a2154b022dcdd3ce99c24ea890ff66d8b0326bb290fbc2877622

Download Submit