31e2f57c92941780cb8ea0114c07258aa7604f01cf333769fbbc80b68c246f29

Analysis

max time kernel
176s
max time network
194s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 11:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.7.apk
Size

12.3MB
MD5

80c4274b3c7c60d3d46bef18c2971229
SHA1

fef1980c05b587717ac2338cc264efe43b4e1cee
SHA256

31e2f57c92941780cb8ea0114c07258aa7604f01cf333769fbbc80b68c246f29
SHA512

883d30f021dab4f169336da071b29cbd087aa20f1bb290f32c62e6f9c076bbd9a7da85d88e14d9eecf623154ecbb8b8f0463a99ae4e7b2d63e114190cc4b5e37
SSDEEP

393216:odw6/n+iCfcQW6Ylr8lvWzvpmyqfNSyIkn+Fi:odnvfCJfYlQlv9y1hi

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.yunchen.whzhyw:pushservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.yunchen.whzhyw:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.yunchen.whzhyw:pushservicecom.yunchen.whzhyw

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5181

com.yunchen.whzhyw:pushservice
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5275

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.yunchen.whzhyw/databases/cg.db
Filesize
20KB

MD5
23803e967f7fd2542307c8b8770592b7

SHA1
79c5fda4f5e41f897df7d572984f9dd071287adf

SHA256
2aa5e4eedb487f34c06920b52903ba8352823d152d544c3014785435ca76203d

SHA512
17fe55c4fc3274bb82749d9e890315c2eb32c1ea5f940b1fec97e8def7c38c3b83b86616c39346d332ba08f906b90c5aa10ed860da388c9538c5ce216ed20cb8

Download Submit
/data/data/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
512B

MD5
c4106c8caab402245501ecbe6b08e3c5

SHA1
ac4cb0a812cd5b2071ec9f4c71004dcd80645bf2

SHA256
f33adfc848cb916f81344a4712a899107d203b66e17997a6385b5ca7bc034171

SHA512
05b8e550459d375393fa2489c80588c01ddb9c71757ef156caef32e26d8a255c61f433a734c68061abc6065c2d9826203138bf5ee79095250ffb79325863cba9

Download Submit
/data/data/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
8KB

MD5
d61022e54fd863060f8524594e8f08af

SHA1
51d9bd679acb86203ffd2165cc479e0f6991ca52

SHA256
2e479683170cebc18d6c03e26d76fc62e2ec07c775a080036f5f3017c6e32400

SHA512
8b93313139cf016f992ad3aa315aa23ad90feef2a9fdbe812fbe4635e4975dec7264e1c6c016a72b9de06e0d00553cc2ef1de4d5ad3ff3db0a5558394e1c578e

Download Submit
/data/data/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
36KB

MD5
b65b5959e423ea8722a373a80e857acd

SHA1
4925285fb20cbb5b089c929c5d9e39228e82250d

SHA256
2a022178d279bad81caf2cf3f2adb74a0a0a65a4c6db0740010e03a91402e6a5

SHA512
44142e6cde31f9c3a4f2da921309f31efb8738799330ba387525ef224c5218d51ae93f7f3ce160d2cdb97c026f78fed08ba8e7357af2fe5cc81ba17bb5b7b07e

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db
Filesize
20KB

MD5
d7142ac667a7004253bec8496cc02caa

SHA1
c961d396f1cedb3ba5301410b6ff7088306d5784

SHA256
18aff8385bc2417335531610d3d8fc65d0e9214638b9be87e60828c64f0f7f87

SHA512
c379503598b6bde0af3351b14a499d12727a3a4f5f2d618fa5cb242d44655dbeaa02ea5f00a62c01c16b3da1ddfab100fbce00db6c882beade4df58d4fe66af5

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
512B

MD5
a29e3c4aaf0eef9384a4ed5baac5ab27

SHA1
651b326e9e8f161ee8429571fee1c5496a9f3393

SHA256
745207cd7484009d17c2c0ecd1117ac0ba5ced1dff61a7ed6c01d566754a01ae

SHA512
e1b602c0aab876fc83ce0e91638db938c9f006fc9d3a9e58678caa22b10252ef72ed9c40f51bc8ca2c18fc806ed25755011ee3da002a488147f2b26325cc5c64

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
a7b4e1f43901353648c2b89e0ca9b941

SHA1
432181f257be0f43c0350278e83ae57fe7c18230

SHA256
e2d4dcb69a9e5507754bc07a02abbf974b19d5a153d7786749e50296915c0bd2

SHA512
76bcc799404f6407ee074e858e433efcfeac89538edf0454d2ad156a600fcae2bb45563ee89261c24f069008700b0bd024b67c2eface1dc4fff1e5d5be96a263

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
331cccdd40b011d06816e8c83ff67854

SHA1
01714591306b82c36a16d2c9670f7cc4c52ef049

SHA256
95dc4d71cf949d94ba0b6cdbdd0f6b98ee4102d17ec83e3eb7230959fda1cb9c

SHA512
d6289797cc1f7466fd331cb67e9b218793fda1aeb4b03a0c492f4159bd776256d03881d63f6d20eb7b4e6bae614ce5f70f33b437f4902fac38368c8778bee518

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
303b33f7523b4ff2b59d9267361280f0

SHA1
0396b6c5537b9eee0814d0fcd1d5df7b4ffe5c01

SHA256
2f8461fdee8bdf8cbe552c835be5717f5a455af05a4f65e9bb2dcdf86892b786

SHA512
d9fae39193b70153767b9fb977a30081cb2613b54ffe0d1cae9d36310201883c62d379676e5e91fb1aed2e96968abd5ebb5e1b959223496f400f045383167581

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
97e9ca19ca60d48f36fe28f3964b9d4d

SHA1
dbdd970e468ac1c26eb49a4afc49f4b27b6efbd2

SHA256
4ed96368612944443dc1e9d4ecab8d122995ec45d2855358307b01d875251689

SHA512
4b22ecf760170f863525f93fa7bcdcd0a671cde2cfbbb31ef67656b0415a26bfc03c5656338ec54c6c31e462cf132985ca86e66f6e37e48b3bd593462b87b4c0

Download Submit
/data/data/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
471e4cc0c071619ef0de14152247cacb

SHA1
19bf0b6183040ba792298bb2ec1bcd94783ef4ec

SHA256
8a7614f13781f0bc24674fbb6739218b05ac2322072daac904a08639f9ce4a30

SHA512
771a5d1eea0d77b4b11b97bc35a730321ec054e9f99555bbe3a1793faae8681ff08b3b6b057b50ef4dfc58c669974a41518b3d0ccaed71e53cf691ed9b1cbbaf

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db
Filesize
36KB

MD5
b69966ef636e99994f62a024eed9bc1e

SHA1
b384fb1226173ce606ab1d8bee7aafd3ed21f08a

SHA256
d28956b64174b6faf3e1c9942d76698edd504245bff355d3592964a6db0db662

SHA512
88e3d4d3ebe73fee5c3d0a0a7474fab293b00c8004f5bbdf132e937bb224c7b01c32e52065587bd5c20cd5fc154f104476a60bdfbed9edeb470114766baa1631

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
604de8ee711b7770a8e394b9d1bddf53

SHA1
5b301f33fc6aba8e5eca1dc3ef83c3bbdab7bbee

SHA256
43ebaee6499aa1c3205002a2101d942f49545b0240e2947872d102254e0deb4b

SHA512
cfdf18f3eb3baecdc361e3bb0c93883ce52c0fd0866714dca7ff972ede5d69e2b134bfd10d8258560f4113321fa8f09824dbc1c71f28cfc9d18150dc420372d4

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
f7da43f25969fa85826a346410da0481

SHA1
a0cc94c360aec63e8bdd44f0feefaad292b28729

SHA256
27c40b3261a68421f03f025acf5bc6b49320b33a93d1b5060e08b7c54ac8db13

SHA512
7cbcae8da3f72832f68978482aa9723618fb768a55639c4ea27ead9474f36e36198b4c8ea57917581696528508da904d5cb5f8145711e05095013779f30dbc4b

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
56b5da820b2056dc4a9121d854798a0f

SHA1
ec89e906f4a0fdd3dadd1ae612fabee9d195d33e

SHA256
1d4471072715be3f35510364758ec1abcdcf382a32f7fb076361f4dd89b68cfc

SHA512
7aa196aebd9146a7d1f76cf1137b53d40e7b72ceff386467c4dd860cae48065774db457d27c6fe0dd7fec823e9b36c17608f2b4458dc870cb7837fc31e05e083

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
14311d945716c79f94e34a49ec4376f6

SHA1
b59f573500fbcaae224bb755eff2bb3b596f764c

SHA256
1984857bf4c88c08ba9586cec002cded013c02eddc3ef7354eb4b04d883c734c

SHA512
69af367c33efd22ee54cab95c41a7c3ec121854dc824b9b6b975c0848a3368b09b4822a4ee494cdae237d59c1afcaa6e79254fceea2eb5843f7d629e8d721c48

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
cb200deeab604f136664f29066ccf33a

SHA1
d18b29bb4ffe7a59357cdccfa7393c578d0620dd

SHA256
63cfac29f988132e50186e5cb1ade7f15dfc7a67ae0fec0ddb9ebbd0b18f203e

SHA512
e6fd244d7f4400c7b86803966a94308ab3fd3f48fe89a8e3f2c7b9336668c44ba346135d4d1421c2fb0dbc84dfb995e93570657931862f5e99c63896241317de

Download Submit
/data/data/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
f916ef474305eac1bdda426deb746354

SHA1
1456b2dfa1abd27893470e89ed2e087d87c8a4c5

SHA256
775ca152662b261531fcfc0086390437b23d9b4e50b5a7741c2135b77e872375

SHA512
f3f841012d2b75f9d6dec617422268cd02992da33ba1cf30444ec85ec22592b68c0f6c574cd36ee27cf81b960b32364630ad7e3068178601acb76f519774dca9

Download Submit
/data/data/com.yunchen.whzhyw/files/0ca03ad93e05e5615af9390447203698
Filesize
128B

MD5
44597e22e3500f69c820fa90c0e11cbd

SHA1
7f39e22789912a19f19a999437b2c16225bc28ef

SHA256
9d3574b88e36cbb0129946371a41abbc3decb258320fb2be8007b1aaac6874d2

SHA512
6c85960b1581c942bed40b171c04a60a67998f0257580c395b5cdb3f295b24ad6094ef663d22e8a8071f301220a5d156904f43f785b592e9412cc29e855acf73

Download Submit
/data/data/com.yunchen.whzhyw/files/1d8a43d3f299212fee52771661a29bd7
Filesize
512B

MD5
7ba9d77636b1a89b1371a991e4f79f08

SHA1
7076d007d18887b63b0b1c3e356d1d84abeb3e39

SHA256
b2e39b58a7572a739385a76b0e6f536b43c3e952d76eacd869a2e6b4fdf74323

SHA512
9ec562e079e3a4733b0a51c5ac2447a4157ca5c694ef0315f7fe6fd81dbfe5a49c5bf7ba266d7ff02c4e6b3170a329c2cd3c6d736415c10a8a973d1f80c3078b

Download Submit
/data/data/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc
Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit