c152018e118e7c2491f16cf9eb51696dc6afd9afa2d695ff4ade452dc65bde91

Analysis

max time kernel
143s
max time network
160s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
18-03-2024 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d3e1542b72682590a669ad24789a6f51.apk
Size

19.2MB
MD5

d3e1542b72682590a669ad24789a6f51
SHA1

f32a91e3488fc823f8803603c13aef6da0744274
SHA256

c152018e118e7c2491f16cf9eb51696dc6afd9afa2d695ff4ade452dc65bde91
SHA512

4cd0b8101c894d0237f26dd2e763820ad213d3734b82351294332a046bdda8d9199da2d775a825c123e4159383f71c2262a260daf76088d7b5145662bed57877
SSDEEP

393216:gZ8dmdNdldKdgdOdXdmd1dvsGMtQdgwrbsXGMWH470ylDMAWZARQ5+k3mo:gZMubzqI2NuD0LudR3MWH+RlIeCBmo

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	cn.com.educloud.ui:pushservice
Framework service call	android.os.IPowerManager.acquireWakeLock	cn.com.educloud.ui

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

cn.com.educloud.ui
1⤵
- Acquires the wake lock
PID:4584

cn.com.educloud.ui:ipc
1⤵
PID:4624

io.rong.push
1⤵
PID:4657

cn.com.educloud.ui:pushservice
1⤵
- Acquires the wake lock
PID:4689

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/cn.com.educloud.ui/databases/pushsdk.db

Filesize
44KB

MD5
e0ee5aa7421630a33de23c92abc4d3be

SHA1
281e849ebeee3ac5259971d05594a8dc4160c888

SHA256
e51e1f22e6984a84da4bfc7a936bef49c2b2c63ccb64c216e2d722950b2805b3

SHA512
2b1b54ed4eec5032c696ce897bd3f26a41404cc7d09d0608b307d3acc16db68983679a1ef335c82c0f19df7d104eb30c452d0b904fc8eaa020a5e416f67e5526

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
512B

MD5
ad103a335b6adcd7be69df2997b67fbd

SHA1
05e7737bfa04eda369cc5a0de03f840739b75269

SHA256
25c8cfc6d9d14acc5d46264f4d090df623b79f68c41f2b0d3ab89122e6459325

SHA512
99062db1c41513513d05a073a0eb46d261db796f715545b2603ec3d3bc5ceb3eb6c511dd71565750d714b72c2c22aefe85e0116a4b3a15905452298df0d0ba7d

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
8KB

MD5
68fb0eb2ea81f3576f1403bfbb1c8359

SHA1
48f7234f2894878a077afb79558a837ca807c4d5

SHA256
0b68fba32e6891b7262f9145466dd4710baef4ea7630306d21b426ac54a864bc

SHA512
5a39e38a1d61febaa9e41c39d3d30b88b49e406240a6a4c433d00e808d5fa0f184a35b3adf4273f8501d3e1e06c78e610f591db6ca3a302f9d7f56412d705b60

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
8KB

MD5
ad89acacf17057e990102bec8d1b343b

SHA1
692cee0532a019cebe0b2147181c0237473dcc09

SHA256
46f84d5c6acf8ba7796f810ea3b7d54831b0b30898a3972a7342c71c926b8e50

SHA512
755935facdfd2597a7eb3057a637118ed46dc5fb3716b3b078ca6a2b4d23d721b7669acce6e4a685d8969356dcb6ad0b49ba930af86398b78ee379ee3dde9f2c

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
4KB

MD5
e6ffb72d092022fe3d4a77d61407e31e

SHA1
7810bd6c36d5efac21977d055fe50d7034edfd6d

SHA256
9ecf97f0a45d3e566c51d694550397abc882d3caec02e434cdae2fc535f1a1e1

SHA512
5bc54b201370a0ffc08a0e5cda707029ac32f9de15f72cc2cc138947fa0c9bdeedbd2850fc95c03e038c3b0397ca024b00f2446de658c63905317bf78b42f245

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
8KB

MD5
244a7af9d04d64f4f64111e91770304b

SHA1
cfb5cfe29acf3ef1bd0acea0c1d37d7ee3312140

SHA256
516f3785a02055facb3c8fe24d779b8eeec6060cfb38640d84805622d6e7c895

SHA512
1ff5e22a4af5e03392380c1ed5c693e92f89b29fdd1d0469406a2dc0641143839fc77dca1a8f8002b521baa072c7473a16c092c1dd3e6784599ca3bad13abaa6

Download Submit
/data/user/0/cn.com.educloud.ui/databases/pushsdk.db-journal

Filesize
12KB

MD5
3482622a498804b28b2da3a366afa72b

SHA1
61ae6387a79c8abcfad3001372179b4369aea5f0

SHA256
a982a2593614d397fa9e59f7d302a7b01578f65616e70616a83050e01a5f023b

SHA512
058f4f9bc151fff94139422ee9762e8054ee428bcd283326a9ed41efca1e1919f6332816bb8610398ab7abb7c63295a080b3acd58c006b71cef4c7659889bcdc

Download Submit
/storage/emulated/0/cn.com.educloud.ui/cache/image/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit