b17fec8f357130122913624fa16dcb12442bdf3851a02b2aefe5593167636b2b

Analysis

max time kernel
11s
max time network
142s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
17/05/2024, 05:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

muzhiwanapp.apk
Size

6.8MB
MD5

25a12b3e3d69b621f16d6809d57e37ee
SHA1

7c3026ac9bef20aa6c274a0ae0b2894ed27a39c6
SHA256

63a4443e53422abf80dffa60c088c72921a4d839d4070613427d9165909ea7e6
SHA512

d04d3fd4fa2d0911f1831b29c5b3031cd45349f8b916a1400a1789751c341272edcdb37b20ba468f759962f1aa7da174a58ced8cfaab1ccefa27dba19b445b47
SSDEEP

196608:udfDsgl7Fo3HcMg5+knzUsd3wIm1vM4MY2oNs:eAKm3lO+kz7dg3oGs

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	sh

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.muzhiwan.market:mult
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.muzhiwan.market:mzwlogservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.muzhiwan.market

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.muzhiwan.market

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.muzhiwan.market
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.muzhiwan.market:mult

com.muzhiwan.market
1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4315
- sh
  2⤵
  - Checks if the Android device is rooted.
  PID:4375

com.muzhiwan.market:mult
1⤵
- Queries information about running processes on the device
- Checks if the internet connection is available
PID:4352

com.muzhiwan.market:mzwlogservice
1⤵
- Queries information about running processes on the device
PID:4415

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.muzhiwan.market/databases/notes-db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-journal

Filesize
512B

MD5
42b1dd572e4f6ba486a753a6e4470356

SHA1
0cc9dabb9d941466df1f35cb910e8e2112e9d1d1

SHA256
0b9c4e89f876552876e1d74b2dbf6a6ea6c891e0dbcb0ac061cdbc5534db1aef

SHA512
bb4c1d96a2eebe217fbc6e15fa198318d65d9ac2088115d7e7a3c2a69e397beffff69c8c0058954837556dc3d036914d14fbcbf2c8431dd06e850619ec3244b3

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-shm

Filesize
42KB

MD5
b626e94f40929769b55ff7899ba12cf8

SHA1
8c0dbc8c95493590c81ced5e5e8d8391bfd652ba

SHA256
dbc8dd59723655ac518d8c73b65a9323fb0b1c2de9f3999fef25c8cce9bace7c

SHA512
161e7bbc4702a11bdf87b11605f12522394d8d80c7fe33304744d654cf43eaf955f82e763f51b9b6722b1863eab29dfebac04c67dc926188e8d1515de80fd422

Download Submit
/data/data/com.muzhiwan.market/databases/notes-db-wal

Filesize
28KB

MD5
904060ce2117c81d7b31897096ac5c86

SHA1
617aa4618a3e87daeeeb48c909ae3670a1094aaa

SHA256
ad39eb464f1554f5fcf67fbb3a7615b1735e89acf0e288843551a391fcd99ccb

SHA512
4216e80cdcd8c787a8df60dcf1b68d95ea592fb269083760ee9d5f85272887de042afa0e0d759188662a40d6ca73ea0e3338ff2ac63348ba2ab0bd5481f9ce90

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir

Filesize
4KB

MD5
c78a791f9d34fa117d217e438e7b3ce8

SHA1
fa4fdc4a79c8bfab96a6781807687ce1e48aed48

SHA256
77bb0f8e92ec297ec1e604a0fc989daccd30f6cbf1cced20266a8155aa00f107

SHA512
c35ea49fe2c053dd9af3c74af9f11fd034fef20b91e3bf10505a50ff2dadbd07cfa83f42662138a924c671d176b0c47a816ddc142332697131aad6dce29f9212

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir-journal

Filesize
32KB

MD5
b83cda124ff625034bc7501347b8a884

SHA1
799d6188096ca0f6f2328192a11a1dbb60bfe445

SHA256
600e1447d5bb16d61bd608dfc5de3818ee7505d8b7857e0623640febc2a61fee

SHA512
5557008326d2fb37a9f8ee75e04b69b1390a2ca2ec94ce3421f10112338acce64eef47a724bafb3a556d4ac4b324b3851486d6f5778367cddafbda43ee5afa46

Download Submit
/data/data/com.muzhiwan.market/files/install_file_dir-wal

Filesize
3KB

MD5
a4751b417ea67a896c192e3d8da014c9

SHA1
87cfece4b9a098130c0a7c07dc1facbf3565af22

SHA256
f7d8708315731618e8473533016b0f94bbb31ab61feb1be9260a110ea22468aa

SHA512
b55bc070ff19e24241f80f766819e491d79b1c37b33aab41aa9eadc8efa95360a0abc16c5a0d2ff0603ed3bf0ccd7798197ed308c2bb5d46a0ddd0c978de119c

Download Submit
/storage/emulated/0/data/.systemid

Filesize
59KB

MD5
1f78dbf021cc63edaf467200d58d07d0

SHA1
83311b2365856ded1844d9cef2b9b1c4addc58ed

SHA256
fea09ae5bbfb387d5ce84e49acf6ddd7ebc25cf643359f897844c7e9abfa2648

SHA512
2a59cb4fed707d6b5d78c789216bde76ab86cb76d7abfa6c7a4a4fdb7272d099eb3137a98b42a6c55bee4dc85ba664ccffe6ae05218b72eed39fa08739c57d54

Download Submit
/storage/emulated/0/data/.systemmac

Filesize
42KB

MD5
7bc525aa5cfd71cd4d2ad570fd72a906

SHA1
b411e1b345b5e9e4a0e4f603b46277278981e921

SHA256
14b68457395896d3ffe12b777f52fe2cc4182a6c9ba383555b12522c93657b00

SHA512
5f1973360665bdeb536d8dc2a9c5d2077990fbc6fd3653747de9d54c7032a776151f39986792ab57773623a143b2d65cfbb585aa53c823197485eba9e75c8e2f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads