75c030d2922e7264b61dbba996c4597d8fff9c63a777426e46b006ce9ee75de1

Analysis

max time kernel
15s
max time network
88s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
14-03-2024 03:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c799047049214c20d16c45a7514008b0.apk
Size

14.2MB
MD5

c799047049214c20d16c45a7514008b0
SHA1

37eebc81ac34c42760c8cf8d11bcd989ae40d049
SHA256

75c030d2922e7264b61dbba996c4597d8fff9c63a777426e46b006ce9ee75de1
SHA512

07220b4c627dbb0182048a2977ae9b5e986b2ded48759d0cdb30d6b51834641bb326a20c1d5bd6d5acf63d9fdf788b6b2e5b047cff08eae2c0db33f5190db67e
SSDEEP

393216:FTt0N3ffQH3aVenRvEbXuON1s02ixmRmqvX/0xTS4Dzs5Cfq9ryAV:FTt0tfQXySdEbXz+02iIzX8pXACfAV

Score

4^/10

Malware Config

Signatures

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ftz.fzscjh

com.ftz.fzscjh
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4322
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4355
- chmod 700 /data/user/0/com.ftz.fzscjh/tx_shell/libshellx-2.9.0.2.so
  2⤵
  PID:4375
- getprop ro.board.platform
  2⤵
  PID:4355
- /system/bin/sh -c type su
  2⤵
  PID:4402
- logcat -d -v threadtime
  2⤵
  PID:4439
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:4491
- getprop ro.build.version.emui
  2⤵
  PID:4491
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:4519
- getprop ro.lenovo.series
  2⤵
  PID:4519
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:4544
- getprop ro.build.nubia.rom.name
  2⤵
  PID:4544
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:4568
- getprop ro.meizu.product.model
  2⤵
  PID:4568
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:4594
- getprop ro.build.version.opporom
  2⤵
  PID:4594
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:4618
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:4618
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:4643
- getprop ro.aa.romver
  2⤵
  PID:4643
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:4668
- getprop ro.lewa.version
  2⤵
  PID:4668
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:4696
- getprop ro.gn.gnromvernumber
  2⤵
  PID:4696
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4720
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:4720
- /system/bin/sh -c getprop ro.build.fingerprint
  2⤵
  PID:4746
- getprop ro.build.fingerprint
  2⤵
  PID:4746
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:4772
- getprop ro.build.rom.id
  2⤵
  PID:4772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ftz.fzscjh/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ftz.fzscjh/databases/bugly_db_legu-journal

Filesize
512B

MD5
a2d2c79d172a0be9d5dca9efa88583a4

SHA1
28efffb8610a77b16608aa4ad7de7f7f9b49fc16

SHA256
a24660b53432ff4c3dce48cea100428c6e0b5f3e33875a8cc130694e095585cf

SHA512
03eb52a9553b4eda2a89ee85cc3f002618fafea1b820524ace9e54caa62f8bdc07d9cbbe388c95229d4747eedc68f741d369e87622a5d66efe0d07a0deda2860

Download Submit
/data/data/com.ftz.fzscjh/databases/bugly_db_legu-wal

Filesize
72KB

MD5
c5f8e0e3f0e32daa79fa1b9ce2a6069a

SHA1
52844846c8b8f10d07c3a1e852b6bc62f7462710

SHA256
c44a19cb9b4d27bf38ea3bb8bf8896300aee0a9b16a58766244baf9a4a5b45d4

SHA512
0580013cfc8c525f85b7eae9b3c50778f3d86bbb3f12fe2be94cb7f72adcf135e841d60553c21d59b521fa72163889909f29f63053cf491203cd3dde09fa4df6

Download Submit
/data/data/com.ftz.fzscjh/tx_shell/libshellx-2.9.0.2.so

Filesize
62KB

MD5
fdf95039b77b0a95d537c77d218fe237

SHA1
9f35877d895fd5e1694d38f6405f7bb0b48149cf

SHA256
06770917a01b5c40a24f9a7313bd4ebae5517bffaf791465a61a3096223c2f16

SHA512
1a792bf4537b8210b090ada6c3b9d8689d0131963032e784cab7e9162ef4cf234f7557147400e532c343c3c9b29418c1a16016959311087fe0c9a7b2c0862d07

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads