fdfc98e0a5de5250d4691392506c651326f2335cf9a24711b9c7c837e548288b

Analysis

max time kernel
6s
max time network
147s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
12/03/2024, 10:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c3269d82e42fc019a0c7c8f8e56d81cc.apk
Size

9.9MB
MD5

c3269d82e42fc019a0c7c8f8e56d81cc
SHA1

2ec5dc948075b046fb1fa30d6be45b9db8d76016
SHA256

fdfc98e0a5de5250d4691392506c651326f2335cf9a24711b9c7c837e548288b
SHA512

32374d173f1e8b5f565f3fcc135b365b925dbdcbb99608f5cf83d1cc5aa874ae4964a813aeee3bff9fd628b3edfa4a2766ec21d67418537f0de70db64d868867
SSDEEP

196608:kjTsDa17HsGBseyfCrSJbPHGstK1G60pcGnGWU5XDtG0r:kjTkcHWeBybPH6/0GWk5

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.sportstouzhu.langxunwangluo/[email protected]	4554	com.sportstouzhu.langxunwangluo
/data/user/0/com.sportstouzhu.langxunwangluo/[email protected]!classes2.dex	4554	com.sportstouzhu.langxunwangluo

com.sportstouzhu.langxunwangluo
1⤵
- Loads dropped Dex/Jar
PID:4554

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sportstouzhu.langxunwangluo/files/.jglogs/.jg.di

Filesize
340B

MD5
5a46afd8e946b3a05ae4d0ad841a5607

SHA1
19ad5eb961339b84868d49ea24615f74ae31108f

SHA256
7f6b8299c87c09e8779e1bbe95905881340d392022a263ec890e0745e0dd4ccd

SHA512
61f0c32e240d7772e8a638f32d73cc967a6c7d1eee39b419b4bc7501ef0c5a59daa488c69a269eaef29020ce1a28b9d6050b1084573ede495d6c0da228d3f8cb

Download Submit
/data/data/com.sportstouzhu.langxunwangluo/files/.jglogs/.jg.ri

Filesize
314B

MD5
5e21608018916919f53b2eb7b97d644a

SHA1
e79d7068f6e9af119d6d758fbf0b77be0c3f73da

SHA256
e6f0541a6ab9e924b932084447423cf8809f119945498a9990b52c4e0156c0ba

SHA512
d5424ebc7b600a1e6c787e1c1ab007498ca0a66c9b91148dccc240bdb282491d853b0310e077de28e672fbef2d3a0a5231902238bf56cb71688ebfc717c94b2f

Download Submit
/data/data/com.sportstouzhu.langxunwangluo/files/.jiagu.lock

Filesize
27B

MD5
2e1ce225aff5be67d7e746e2085ec2c9

SHA1
7f218cb619dfdae9a4ef6d145ebf045f2a8f0366

SHA256
1cb9d73820084eef03e79cce88a2550e732074f413a5871a314c07944761d7d0

SHA512
e3a120ce2320a0048ed057a2ba64bf3462b793206e296a0a453dce59602b27281764f69ffce37327b6f96d4d5ef1ae87631561ba0d1317db97ef6537bf11a405

Download Submit
/data/user/0/com.sportstouzhu.langxunwangluo/.jiagu/classes.dex

Filesize
3.9MB

MD5
e88a8bdb1d4150e3a59e243e2992f4f3

SHA1
841ad6605692356e7900bfca9c5b505ddad7308b

SHA256
981455c9cfa13942ab9c6c47cd8f9ca329cdba870fb58fe0b11430379030f40b

SHA512
8c557df9e74d9036c7c4c142da26089e3098a9f65fd0f81e076136cc69309bab001c04ad2406071592e5873509303f6438e25971d4ec817c9ae750204832d04f

Download Submit
/data/user/0/com.sportstouzhu.langxunwangluo/.jiagu/libjiagu.so

Filesize
455KB

MD5
e5a53000766ebc433b27d6a66ec4f555

SHA1
2c8f53f1c03aec2005bcad67d731f07261dabde0

SHA256
78e4ea857f10c2df6c7b94f0584524b52ecc099ed29478fe3964037b8a86ed2e

SHA512
370a1cb93b14556ad861724f4e9995c9a4c6d37cf2d570f888d1c6000c66d27ac63496b0703361e9fc9bc7f309b7aa4407c5f339d186b0a5b72520d23d04b68d

Download Submit
/data/user/0/com.sportstouzhu.langxunwangluo/[email protected]

Filesize
6.4MB

MD5
8e33f95dda788ff3ca82deeeff61fbfc

SHA1
2f2552c77f11aa892759326019746770098e37e3

SHA256
7f8e294100a753baa721e7d888c04a816f7a37e3f087c242049d37f02cb216e9

SHA512
da5aa64267c7d77d7bcfc6191be7f15366edfeefeda7f482cd125965ccda5387dad6cb9ab30ad955f1a03178d4d1252322df3ec596385514726a12fd1be0ceb9

Download Submit
/data/user/0/com.sportstouzhu.langxunwangluo/[email protected]!classes2.dex

Filesize
668KB

MD5
a23ae1cfa177f586cfbe57d9293f63c2

SHA1
be851f6e857e3d2fc83341e6f3b1e36f1d3ef6db

SHA256
47c7603c0e6d62b729519bf5585e53099fee7060d2055afb2e0d317e5eb105ee

SHA512
d75a329d0018f3103025506eae36faa73a4cbbd47dcd6a37d3b69e972f8bc7ebcb900a3747368dd8ab86327f35de38b5341997160423d2ec86fbf6c0dbd7c2c6

Download Submit
/storage/emulated/0/360/.deviceId

Filesize
48B

MD5
4c4c5285293d5141f582aefa4e038669

SHA1
e01852a72e5a8e6f7d63a21426b515118196047b

SHA256
36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731

SHA512
097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

Download Submit
/storage/emulated/0/360/.iddata

Filesize
32B

MD5
95ee96376724ee8b489571c95aa02f0f

SHA1
544b40cf7ff5167d69bd5c8fe9a40d70b9620fe7

SHA256
7aef36a7338d6c2571ef7a17ab899e45e38b1c37c7cf700d8fb4c66d11c60727

SHA512
3b34cf82bd3064fa57bdf0c3fe971ef255c6a058debc5e551a4f9932f6907468f12038db96a9c71af221bf9f77276d8bc093d943c9447fdb7469ddfdba3f38d7

Download Submit