dbd9211c6aaee007765d1fa6508dff5a5439722b566751b146e8d1181e739356

Analysis

max time kernel
10s
max time network
152s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
12-03-2024 19:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c421603949dc0fb582f55e227db2c35a.apk
Size

20.5MB
MD5

c421603949dc0fb582f55e227db2c35a
SHA1

0fbf8c0346262ab1352c2e21a0d34e357edc419a
SHA256

dbd9211c6aaee007765d1fa6508dff5a5439722b566751b146e8d1181e739356
SHA512

6fee3897153d44934e2c3805804212c0ec74fbe4afaa9184f830f3e87bbd622cac993fe37dabd309d4c230ee76dc4e114b9206033e0f7f940279d1aa9c6e0452
SSDEEP

393216:b061dgP4Rd8XgL8PKEiMLFpu025zYK6ACzQjbmfXOPW+4miZ5niim/ZgNEbftLYw:b/sPSOggPbBpun58yCcjaf+PW+4mAniz

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.mp.qiwei/mix.dex	4587	com.mp.qiwei
/data/data/com.mp.qiwei/mix.dex	4587	com.mp.qiwei

com.mp.qiwei
1⤵
- Loads dropped Dex/Jar
PID:4587

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mp.qiwei/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/data/user/0/com.mp.qiwei/databases/bugly_db_legu

Filesize
20KB

MD5
29fa26fe86f66eafbd400a536083f9d1

SHA1
796e0d46866786a6cb0e24804444a50f4b719a05

SHA256
4535b1d52536a714ec222883e9e96af96dec21aa392cf31dd2e3bc629618ab54

SHA512
1a7129bee0527ab51c240492b7bd6ba54647426c1f8efe26ebff801dddb3ea3c2973594b59828efea48c5c3ea53240369c8501e36723ab0f9274604d20715615

Download Submit
/data/user/0/com.mp.qiwei/databases/bugly_db_legu-journal

Filesize
512B

MD5
3a71315ac5efc1fde5382c621584616e

SHA1
17db7e6cd00116f544c6cfc298416ae783d01504

SHA256
d8a05998ce57cbc3b11ffaac49729a34908d4b69b924cb4120d3caf60001f14b

SHA512
1a926d9c219add912b930204417c9e249809c5809c866f4edcc9564da2c336ea9cef263554863739c0cd9f7d116766a92bc5e891072c86c2c65ac65599ade712

Download Submit
/data/user/0/com.mp.qiwei/databases/bugly_db_legu-journal

Filesize
8KB

MD5
c388dff301ee3849830f8fe1024ee4b7

SHA1
5b2d111e7943b43d1a247d31c77819d1aac157a2

SHA256
fa8ffd94a9fc9ffb2650b4ab96e575d018ec7405af1e172caa867878ca39e368

SHA512
d5e29882252e2fdf2b306bad7b76a1761898e39c0120b4a7f7b6cd04d31664635ba3e0e43696ff8114d032d02ea79e42ed827ea2a5312edf885d1eea5b17fe03

Download Submit
/data/user/0/com.mp.qiwei/databases/bugly_db_legu-journal

Filesize
8KB

MD5
a60d91c7a69fefe82506a5a635079844

SHA1
a282aab4ba4da8b94a1410eda2571dc132993451

SHA256
bf8e7e8a327853042ef423cbb0ef0d4aee4498386469143ca784483d0df699d6

SHA512
27d42cdfa679354d7fd808a64376dca8ea146edf8ccb834c63727eed7d6c375696fe155b3f63316552c2e83ceb2cf985cab7b4f14903b8f8ec190a727a025559

Download Submit