Analysis
-
max time kernel
139s -
max time network
168s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
-
submitted
27-04-2024 22:27
General
-
Target
muzhiwanapp.apk
-
Size
6.7MB
-
MD5
f166fff17a539f053550965c87c42054
-
SHA1
8be071793576b6e324db218f02a017439fe826a3
-
SHA256
efa8e431c5d5b3bda3cfc0da4392d14ef447643412bbea22536a155c7aae82b4
-
SHA512
26869689b5a58e52e63d95b07cf04f560c4580e9bd408a432a61acace492201ffe93cb7e4166a360530eff8fa3827ae0df83ee43e30daa7f670010d59a8bab8a
-
SSDEEP
98304:thCSkJBDmTuhW+7eF0JUQ4KMB6NQP4WfxRENHpxPOJHMMC1dh4Zadvtvc8Y6dtR3:nru6wUQMBj4WfOHp+HPC1z4mkKdYIx
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 3 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
Processes
-
com.muzhiwan.market1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
-
com.muzhiwan.market:mult1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
com.muzhiwan.market:mzwlogservice1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.muzhiwan.market/data/mzw.apkFilesize
17KB
MD5e65188742e10046597a4c648d045699b
SHA137b2f1e3e89d3b0d8683737ccae2ee725e82a312
SHA256d0990058e5204d1a1bde2eff40893cb49d1e8972ee9b7e1b03ae35ac3cd5df8b
SHA5123859b177492c74ec9448f7c57cf37beb7c747dca9580125cbd7c2e1f3a7761a3736072b1ec2ee14fa1f844f13df4163aa167b5cb9010e7e7fd00b2724553d481
-
/data/data/com.muzhiwan.market/databases/notes-dbFilesize
16KB
MD52667900bf3b5ab90121d0a3ff8ade390
SHA1d82120444613139e2f4547f2872aa2c95ed9dbf5
SHA256bddb108ff2c0d509cd953c8dfb2b7c4e838d205291a4da8ab6c65cb98986416e
SHA51203db7a94d3760f47c9546e3c033647e853a984385e871d46d056509b8812422a2a3389551c30ec5a9360cebb5e1786315c6891611638c60642d3107dfd8006c3
-
/data/data/com.muzhiwan.market/databases/notes-db-journalFilesize
42KB
MD5c04d422c5a4bf58a127bbf2bf014965c
SHA13b1f3f4ad21fe0febe567e5a56996a7e61658cf9
SHA2567a28fd857e1283e351d37931cc6e23cd6de5ad2fd4d3d23337a6f162b07f3978
SHA5126cb2768a8344e3da470472ea906b5be2e33a24384efe35cdc3c0b0c24351c3b34444a4d2d6a9e21c48927b85554aaa3904fb0361071c0711841565222253e0a8
-
/data/data/com.muzhiwan.market/databases/notes-db-journalFilesize
59KB
MD5b2a8fd2dba92c8f75869f79c70d441da
SHA1faaf88b3c3653fc205a3a125ccb77fbc87b76215
SHA2562514431fe50d909ac1385e07341ed8878b5f2400df151df5a43a59b98a31ea02
SHA512a66893a5bb935dfefdc12ea32c2407cf9d8d040ff82852b415c599beb94d002ce77ec15bbac3f78ae6758a8c7f5e83c799ad84fb8ce2e6763da88a9bb20aa7b6
-
/data/data/com.muzhiwan.market/databases/notes-db-journalFilesize
8KB
MD54e2b68d3478e394e1fc0846ffa81f9e5
SHA164ffdb449e76d17fa9c3463b4b458d6fffc154c9
SHA25601ab82a264d12832523c1575fd81d355833cec8c0c4b9e7410e48bc689d38757
SHA51284cc8530ba837bfef8c05b0b9925241fb78c69a99d2a0b55d2042deac5d114cd3645065ed30c74a9a17a509001bd1733866fe006ed194f3a7c9da52da0c90c2f
-
/data/data/com.muzhiwan.market/files/install_file_dir-journalFilesize
2KB
MD5e5bd8217635e5bcaa93f3547c4f21e82
SHA141b31760dd1f61e9a6c30cf7592f005973e54a2a
SHA2568a5b6be6c605b43ceb0f1fa7969bde434ec5450ef8c75e62ac59047d75c28c53
SHA512cfc16feb0f4e269fb5fd07c02928aaa9c15beaf1a91aacc350581c413ac5748cfd97bc3329820a104836df9c1b937daf9c7e0c92428a74eb2c82fa2ccbf40158
-
/storage/emulated/0/data/.push_deviceidFilesize
32B
MD5549c98a28b2b9306ee4fcaca9512e1aa
SHA10590baa6c0f171ea1fcf8debf9e180232788edbc
SHA256847ec036a16f29cee1fb6618728edbb995c96d40dd0e74e573c77a768ce1b50a
SHA512bdf111129005163ba97f3fbe7a8fc8e7d5e8a6f99f75c342bd3c8594ca321cb719c0d8aeb835a529823ee103be1313d9e5f75adaafb2f25fb305c0132015f0e6
-
/storage/emulated/0/data/.systemidFilesize
42KB
MD57bc525aa5cfd71cd4d2ad570fd72a906
SHA1b411e1b345b5e9e4a0e4f603b46277278981e921
SHA25614b68457395896d3ffe12b777f52fe2cc4182a6c9ba383555b12522c93657b00
SHA5125f1973360665bdeb536d8dc2a9c5d2077990fbc6fd3653747de9d54c7032a776151f39986792ab57773623a143b2d65cfbb585aa53c823197485eba9e75c8e2f
-
/storage/emulated/0/data/.systemmacFilesize
1KB
MD551110ecbce5d198d21bbf3e1940fe761
SHA14de4d27a822570c8374c3b1878b22182768cef22
SHA2563b6ffaf28461a44ca4bcb4dbd0ede8a30fcda6775456e468c90a0a47a3a2bb50
SHA5127efdb979627c4b526553b25319eedcc2d7101eaaa580c85bfb63fb14af7b085cb8423426c17c90b5e8290563e6fcc4bf52b5f25fc07b7dba3ac71464b4e0c794