5248aa86ebaf414c75378b70a8fac9cc457340f2fffc03341a9fab412f5d374a

Analysis

max time kernel
172s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 11:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.15.apk
Size

12.3MB
MD5

7a142ce7b941ad825383ce1b0e746dac
SHA1

0a03444adaaac947c33c55261a037c9504576644
SHA256

5248aa86ebaf414c75378b70a8fac9cc457340f2fffc03341a9fab412f5d374a
SHA512

3c9e806f4790165af43e573d75921d9b3699f9a13f89d191ffdfb700d8edf356f9715e1ddaa95dbe3029a750e77aa167d0b1363a1ce6833823d22cc445e922dd
SSDEEP

196608:uNFbGBleHlfokQqNGwp6YlrBc3lbKKWvrvpnuyXTnmbczASm+d2K6JRVEQXdL708:EkLsQkQsp6Ylr8lvWzvpuyq7NSqRVXFL

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.yunchen.whzhyw:pushservicecom.yunchen.whzhyw

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4535

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4577

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db
Filesize
20KB

MD5
810aeb662b3499c85b464601ebef19b8

SHA1
57e3081191602215e9487d7310ef81c3f2302b33

SHA256
8724e21d3e7d969703dc050a786ab4d53691dc0d60605c95115504a7590afe0f

SHA512
412a86201e0c41ec5f7e71ed36c59d872e2eb09a2e47dd83e93026e396bedb42c6cd701931e9149ad8ad3a13b3f0316d2f0a87ff0ac9fec45a167cd13dd4b1c4

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
512B

MD5
7d0c30e2b0aeca71ff0961a909a14bbd

SHA1
817915a2eefb66e21fe3b9af452c8ecd20cbd095

SHA256
b3f87b820361f79e80fc88719e494ce70a297c4c3043a704ec4bef9b328d9857

SHA512
109eb3b4a7c2f71375a72987b3ad44f88a768bdf806708a7e12b836a5f855a27f8faecbf8880d360a991a6ca23b9d9af24dd68dfc4c0c0aab7ab94fa71244d65

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
8KB

MD5
4870761afccbd62a4f5b3fb5c1002049

SHA1
65515225d8ecf6794fefbc4b0d2c9242fc84a52a

SHA256
a82e311c59002a26fc20fdedd58e11c2b5d138c111e6a73fbaeb2478afd3d0fd

SHA512
f34e3b59655ddb414470175ae4e1749c01fa37e1d69ff7f6da4b566cbf237d0d3d72fed5a2ae194baa4af7aee5d34976c3c4f4f99e8176671d01aa4ca73c1c5b

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
36KB

MD5
90ccd8a604db5a600c00a4de01fa63e3

SHA1
dfeb065dd033166afd6ce8a4bfdcf81e6f669e38

SHA256
08136ff090340ab53d22a2be023f2251dddc509e044b5bd390aa0eaf4a4d5438

SHA512
44696ff4e98fbd9a9b25c03dc9f681f2d876671eb2b1fa164f2ee791e3f8224864866a50acdf443e5839160c6ed1818e513a4d29c460ea470b4e1abfcb5deb64

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db
Filesize
20KB

MD5
44b40d5aa1281160f3691e9cb9dec8a0

SHA1
50928c9f60cdc17af80bc73ac1d79e51bae40cd1

SHA256
cbb2e89d1f0eb0d00a11155ed50b99b77a90ed409c1354405a7a69c14d4b2162

SHA512
a904d10da50563dadcd318465147f4dbe98b5c29660ebead3153697823a8ce902bd33c0b0dd4a27163967fe8bfda4c75666a54cd72e170a21c41a755964ef7a0

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
512B

MD5
309a2846ccd3638f018e68fcf8a2a085

SHA1
f7d2313b7198ebfb87a7a62466e2aab7920e14e5

SHA256
89cdc74b435ccd3bc8df9e91170231f81977a262754e2755a3d42f18a699a485

SHA512
94daee67a55eaf2e2d22d7cc9d91cc4eb62743914309a601823e16ea5ee2fda2a25f1c16fd882a967f62e3351e1bc7a81f15b452f911c2a66a62b7f2ba39b75f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
169c2d9d50e51ba0b625a59876374f4a

SHA1
17477fa5275acbf89d50b33703d6be549fb5aa00

SHA256
3e6d387b567d9603dd0336e7140b78dd5fa90a6bd21582b5a907435d8c6d547e

SHA512
eccbc06c05a2ab44f8cf3e9490f584b2a5645b9e3c9983aafd0893a021af51892e3a44d7d31bd8ab5c07a8633bdcf1e8a7a9aaf0869c88aeafa94c8bc85e8f92

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
a1b7eec226dabc10ba3ccae5190a959e

SHA1
8de2e0fe8f291d10a512e98570f7d0b6ec89d3cd

SHA256
cff2e4faa496d46b446b2992765f456e7e7f8e4031fe04c581f5cb6b0a6c8035

SHA512
3bcad2cfbdecd66ca6dce94d05967795430f2f7e4627106e4fd40dfcba3de315e3fe0f5a4e55953951d6f20a84b381537abcec5d1e8a07c3863f54972741c012

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
08e34b7385002df5c367a699fbadbf18

SHA1
e6dc77d348a22d7f30e1ba0e235033a6b7eeef04

SHA256
9fd30f4082a5901d28a045ba1a638841e4a7276d0b28c2afd101551bfcb88a60

SHA512
015b1fa03037c964d04525bf9f72641a7accfd7c1eb263f265198b102d68f84a32f663bd08b91edbee627b8d81a9a74cdab4321c5e8748be6aa8a2056845436e

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
63cad724ad60ecfdd2ae8dc6c106b5d4

SHA1
a31d9805347b0d387f1ba41337091fa5ca4ca662

SHA256
697802497d507a0f241d0d3173ddd966faa716ded37bf335dce71732c87b76a5

SHA512
51dcb90d90563e5a373cbf23684c81e1f0800b2bf987b542678bbb449be0e45ef80b4deb07dafa29213120d07e57c0806453c57f0565291ea5b9a0a08a66e9b0

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
c4f41c94bc4c0cc284bd70f4830772ac

SHA1
97571803f165412cd8e89b92765055f01d294b5c

SHA256
a485c81fe6e8b3f048e0a1386d54dc867e1d573eb4a6395d444dce665a3a4f98

SHA512
7bb5b911a740ba9082063f28212cd6adb57b4feabed22ce422f686b24e9ebabb2d70c9134c7755ae7fef2a8a523e3a16e0e8f084b8d95dbcd6cddb4a803c3b66

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db
Filesize
32KB

MD5
d8160d3b4c97b5911522059a1cd42b54

SHA1
dbe51283e5aecdef686892ead9e0ed86498b7d5e

SHA256
54c7349faeeb9cad2446603f8a11917bff2b546c3941fc325d5e2781d3bc8e08

SHA512
c4531decd07863b262a8324755157eba9e52b9eed4bc8ae24897d9971b57fee4acadf0c8c36f0561ce3028f734bc4d129b92207123476737e0d2473d60ab04b2

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
1337a8b9ad021a7d65f3453487dcf092

SHA1
39ca9871a52cf934363422568e4b43dcba50e016

SHA256
db1a601d2232ff3494c0ef2b9a004cdf77612816ef3da51211b359e0a1d61df2

SHA512
11e2083008163e6335486ad56a81c8d352b3d0ef0ffba95e545ac6faf89eafe269d24c299c4a16e2a76c7522f374deccb73e8c4091325b52afb367c0dae9a4cd

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
2b3ee354ab70745e1c2bc35c8fe2afe3

SHA1
3b4f91ce71e07893b2148c97a03d652c08c6e307

SHA256
a6846cb4ec62e7a72e2a8ebf380f1c40faee1892b98d1e422c19ce4f3865ddb8

SHA512
06eed1c5b0dcd19ee8202f77f024b8b6b420ee9601a6d10be2f10ab85bf901c9bd5c862d792ef601375627a7d08d0da6a2a13cf7e7b73cbf6f13537d728a4869

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
1949df88cd13852a90b6be14a33bab6d

SHA1
995ee05402427ff3f6e582914544c6528af5dd8a

SHA256
6c1f06987774a8de336ce6422a455ca71ad04cd174eeb768efd071af8263a6c4

SHA512
fb46721de9ec84ec80469e13e0bcf42ae4ce4569ac52673db8de7b24598f4c64743021c5ec612611874dd41a5f96c4a62242b020b7922f28f3de840e54629a66

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
346de2bdbc998e831ff47a181fe1c8d1

SHA1
84c3dcaf17bf7c3b9d259a7e42bc20ea93d0a9e7

SHA256
9446bda486a2b2003658cd3146c577853d08e2e35c65a273bbac3ccbb4fa061e

SHA512
0db5bcc23f711707eee800f462013d8ad4ec1e5ac38f862cccfcff008675ab4d71a69a11aebb9e3378e6f632b4da78d0917594e61f3b60c0fa47dfb0a57d5647

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
cffc0a9200853b1dbc44b5978f2e3e06

SHA1
66e25ef4e5203ec54991668c3ab85ace3030410c

SHA256
f59d65510bc107dde08338db0f9fb3c676ece593ffbdc7db6b3b35ed46b0c448

SHA512
ed97621c8845259692941f60ec883bec59ccaa88126512ab6edcbaa52d11be5b7b48d5d0e3ac8940c890383a823cac24380be71ff999f0f20d88e8350ad0d8fb

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
fc4373c9fae0eaa7f9d49b5709076221

SHA1
acd27223d0bb10ac21fa1557506549a6a9596c56

SHA256
e7924807fcea7f74d09c48c800fc12442304e284696cc3111dd568309d8629ad

SHA512
7ba2c399782aff7a75a8d6145afaac2dcd535e3ff61c8f85bf0534f9e76fd10c710e084413a982bfdd808fb8346367fd48285da2feaf7e89b1bceb99050e3ebf

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db
Filesize
36KB

MD5
3f3c52fa095b1819df00c29fbd9738b4

SHA1
ffb1fe4f788f9eee0b2935e3f0c381f1810f9955

SHA256
813185182dbaf9175cfe2c4eb8c78a254f06d4e17accf08db3c831784a1eb664

SHA512
c4cc3b2e125c2be9566ecce5c006cc87750b355ceea8cc27281ab4f3f0dced6853dbed1ecae7af43c8f26ee4f2522b428c55663e4d063efc98164f7ca006e97f

Download Submit
/data/user/0/com.yunchen.whzhyw/files/66b676404eb96b10170db8450ee31ee7
Filesize
128B

MD5
ebbd3641ab28b4d771a30ef254fc8c8f

SHA1
efd04dc33191f70e44041dcddf8f565fdea68634

SHA256
5abee1fa04e7385d1ab29bca9cdc9633ff25d5e791da5450fa87ed09416195ac

SHA512
1aa8e64901dfc5d38b20b689fd91b71d2a88d5b69d1187a36960a93b31cd8b1c704202e156ffcd9deda353d229e9a94a2b84b8f110d593b8b56d0b20bc12ca11

Download Submit
/data/user/0/com.yunchen.whzhyw/files/7757e26dad55bf31b0d8eef68fa601ac
Filesize
128B

MD5
edb73d7ca8bb15d009d13955d8f61de9

SHA1
ca13f0ed2c96d64467b576bc909d1a813ea9fc17

SHA256
7670abbc84049fc1a73a9c3b0d4625f03a079b8913323c7c124383a8505f249e

SHA512
55018748b76fb0d6c0328e3410f3b2984a544e2bbf34290bf88993a2345c8bf64fbbeef546d2d3b2eaaaacbef0b720eea28b963a600f860f6bb744ef8df398c1

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc
Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit