e663e504cc2170d1b9de697e908705e922a6e91e851ca09e61a30b7fba599066

Analysis

max time kernel
176s
max time network
191s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
22-05-2024 11:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.5.apk
Size

12.2MB
MD5

f74090ca909a7409bd533ebf25f740e8
SHA1

59c0bbe5f95cdd8d4f30603d905edadca133e082
SHA256

e663e504cc2170d1b9de697e908705e922a6e91e851ca09e61a30b7fba599066
SHA512

19fc2f748fcb59d33437c149ca1eb9f3524686826b8d71182d1ba87a40b4ac070342632b2861c3d1f757b5e2db93b4c6318ef22efecc7c9044e29aae757c6c43
SSDEEP

393216:z6crehXyy5Du6Ylr8lvWzvpmyqDNSYIkndwO:0ND5DHYlQlv9yVXO

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4312

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4406

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db
Filesize
20KB

MD5
cb9b28f6b0a6c4af711a3dd5fd976466

SHA1
fc264b42601aaa9c23c1530699aeb5c7c00a7970

SHA256
cb365967b9f2fded9669f908404ee94c4c1205e9cecd2bec818f3cbee5254c9d

SHA512
61170aa31e7dd719f192cf46b49f8109d1e0241cd8fff38ba3fd61b6668c0725b2aa033c68b64c8bd4e9205ed7733f99976431faaee3a2d72b787b9af0f7ad77

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
512B

MD5
f95d6c7312cc99b478bb9031a9de8326

SHA1
330de696d12b308f6fb886cc7814cde3cac776f9

SHA256
2a3ed69fe63e69b9b83115b440ac91ef98fb21dcd3830cb14858deb149c91b98

SHA512
467ad23ca11a66df705a5f2311adf6c82602de3c9112b8d85b7982a94cf0a0948d1c7ace6101e259cc5af0bc0f632e34c064bec4be1529563df1607493425a5f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
8KB

MD5
9fee7cef61be246999aa4779dde95b12

SHA1
5d16049c4f9a6a27bd5212e0cb65d8d1f3a58ef3

SHA256
d28356e716b8ad5b97bd52dbe7a221376b894d082c1e9fabf1571ea1a2ebaaaf

SHA512
d623ecd3dbc58b84185ad570e78de69cc79797924375f59ce124382f78e181f4e08fd4938a93ee67235745e1b3d59928bb39f18ee2ca45d626335bd0bcf2d586

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
36KB

MD5
839e96ed5c308d09627192b72cffe4a5

SHA1
f97834a4ab62e51b69d8383b6806d796367df9da

SHA256
e85c36e27e9809374d97d8c050e2518c6fe7d31d1c84f5a7ac6256a89200a8a9

SHA512
10ff2c55ad949beea2da2f6243bf8850d43be68021da6948ea45561e7d8740346cfc13ea966ff869d27cd662b08ff17738cdaf894667c7dee3f2efdc29d80297

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db
Filesize
20KB

MD5
5b487ececc3001c8946d84d65d2211aa

SHA1
c25fe14874b2bd8d2ec886db6ea5d6d80037aee2

SHA256
7bef7d9401ddd501fc9df015bb1b3d4da1bf87fa4e3bf1fb0a4733b1c90b951a

SHA512
5c471632545608312f66ec32a08dbbae6b64663fc39b45add19281bd418fead27518a2216878d0350c69b3e00df3371aa65177a0ae5dce249d4d7ed497e18329

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
512B

MD5
de5e03be47068151247ec6ec2ed567c1

SHA1
26c68a524258b34dcb5ef8ff518b32d78b5ed24e

SHA256
0c0004b01fd964447d75f55c3caae3b2b60b7c10bfa336607e382a27833c2e27

SHA512
eb4491ad1124c6bb1cd508920075ee91fb242b6c70021b28d706c4b204162a6edd95607478c88acdaaab37ca6c9d19f45ad626e62a968311ff9e1c84848acafb

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
d30b9c06622ec2e8e72bf8ee2c758303

SHA1
864728ed77ae8d5380887e0642f2d92eaa523cb4

SHA256
a3c94455b53227d5128d4f7ce60d3103b573f3a3c4a46d0aa812fabc09b6b612

SHA512
818470d67d93a7af54343a35c1b92e2914cf76fce6df3001e647bb6e9daeb3ce1c9b7f110ee2ec3a14fdac62d79af0f636ea3afaab6f51aa65ff8758fe1ba42f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
7c57b0b99eae320b059a5917dc43cc32

SHA1
b632b3d6de31dadf6023e7717861dfdfcf618996

SHA256
d66b1e346bb5a16069594101ca19537cb60f92dc9063a020b2f811fa5341b55d

SHA512
91ca90307b1fe2e898565ca90251ebbe8166e94240b3e0faa870b4b3b18a0b4626963b465d3453dab13bea2e511d7f40c0e6583703f58dd5ef44a156e5b61418

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
2fed7492eed87dfbb5c6bc3778542ce5

SHA1
47c362feff38f50e4eb96d732594100d56e63411

SHA256
37017977ca5dd24e5c6b7438b1b11630a268bf2dea20cdd1fc6e995b377225be

SHA512
032d62ad1c5e825a24f34d43c0e80bcfb3892b4b91e5654f451337300d8e713b5dec88393686298d2f338cd14ca63ad36f7ba0c0ad62775ddf2c89363e224239

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
4e4f0323115fb5f8189c766c0338a9b1

SHA1
2b1784250da3634e4cfa48d2790ecddac3f4f9a1

SHA256
c535aa1cea3bd02cc96371c5f8b03260458cad52f11ecb79b490cd7e0bab9437

SHA512
7215499ff71ee5cb770a013eb6e24cbf4053e3d8a3d83f1635e0740b4798450a9a6b6c06d95c955ffb638e048f0406103f82c2db055abb8193d0da8c750e421d

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
4c435e78b5fc5413d9cf5280a8192249

SHA1
a3e6d6bc2dd81580d5581d5722c2aa535d187250

SHA256
6157ea14eacf9c6c1277f85e60ac21e68609447cad80aaa1b67083663170b7cc

SHA512
e781612b983db9fa609ead1b781431540416542ebc110ca034a25c21b34cc99eded1aa7c6822d015c57e53b4f74606c351cee113d256b0f61decb5a3f8e28235

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db
Filesize
32KB

MD5
f9fda71d07be0836bd139cf266225ea3

SHA1
d570c8a829567e89571d73eeeddff416e292767e

SHA256
b216aa477a2393161520aaa07a35cbd0d98865954249e2f9a6fa41871ca081e5

SHA512
1506a05de1eb07d4c7494a0c76070a74c18089ddaf4531ffc5614f63e35090031b7faab1596708954ca29311744685eefba8482074d0801a23539d0152d574d9

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
51d9a4e567cc1f5a4a084b1380ac89c2

SHA1
aa93be280d187c6a280d989af9819bba9b0d9f1b

SHA256
a59942ab3aa45a5b5a8622021cd36fb797382b05859bb6127ebde3cb2aa97284

SHA512
76c405ce463ab85ef49f1ee0dcd18786169cc5919059e3eaf3c4f0e2edb60f4ed75f0a6866c72a6c47d0431b625af11ceb79e14d968c835bc92d9c8aa4d50a41

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
d9b4f64350962fe7e2ba6f1f31800243

SHA1
42d6f5260a27e9b4c203901eb68a0fc992da3a3f

SHA256
88ea32e870831ddfa2473242aea0dae6fa0dfe9028724e6f911af571bef9ad72

SHA512
a2134f1a5dfe0936f2361d9dbef763582d312afb5876d61258244adef47be3d346c0b13ea5b37f209b795987f344fc861d28c7b51552cecc5c2a0f0bfc9cf176

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
65bb2f3d75ce4caf6ff548d109805c03

SHA1
0b5950cbef791b4f734638a60fbf2f2a90a62070

SHA256
0adf88ced0f06ef926b0b713c68f4ad855fbbaebc85a85de3e7cf439045c25a0

SHA512
a13215f8385d630b86e24cec05b4d28d610400b173f4cb9fcd1a6a0e107e3c4969c9571ced290b2d002157cbbdb61fade06939bf3ac0b48de27ce002c59fff7d

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
f2704ee8c5b069376706a068f690f961

SHA1
ef7e0a6f38fd3f65d8c685c6761660e7bc85022f

SHA256
6a16d0d446b7e2c5daf315278af28a9da337c052a7cb18954a3f93780d9ed38b

SHA512
040dc4e2347adce9f7eb93b0e0c74df41a13dd5ecf980db56347e393f304846d271be8c1c990b387b6741555c1fe112ed2a0f8b462d3e954d6dcfaadfd2b9726

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
4d370ac5dcc44542f9be94fc03a55134

SHA1
72329b45bf4856dc8f04f836d7ed54aabbe489db

SHA256
684605a798249bc20794bcffc07ef7654ef3f486cbca17adf784ab85ab0fd8a5

SHA512
2aee1c2ed32e13fcb52fee1f97c3fde2bada086a88c4cfccb79363800d2a24b7e94338544d2bcb039e0e8dc89eddfc9dbcf0afb5f74e9932597b148a4d79f2f0

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
68556b968378e7c88daeae16e510ac3c

SHA1
75edd1134621c8269bfcfc702256b750265aa802

SHA256
c18439a2a2f56a15661ef4ac09902120cef530d31f50541bf7b920c56ad73f6b

SHA512
f8e053bbc769fecd141845fea7c2c4bc69541aba9c405d136f4768e9a46abc1ebdfbb01e07844f0f9fa7e0c84a653420cab6e4ebf75163cadd6768e428890b34

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db
Filesize
36KB

MD5
8ec6b40bf4afc8bc69ad52a7c8d6abc6

SHA1
9d73be6a85e3b9e1d325a2d014a8870d5be70789

SHA256
fbcb726e5c4e7a1658358fd6babdf2c3aad9f237f211b90922a3056b9149478e

SHA512
a1d44abfd8c81233719a58049b9f73c71d9d907ab3aeb9abf342f493d3cc5bf2e3d912d4108dcf18559f074e487ca71117006262e42f243551386e8554192490

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db-journal
Filesize
512B

MD5
6365cdfb91ec4ca117466f75124d313d

SHA1
b505233643d03c58d15fd665253141e104a08755

SHA256
3dc66de649872840de1715188413613be42f66170bcf741591abb2d9c4281120

SHA512
a8c2bf8876c5885f82b9781cf0cd2f2066acd27431696a6c3400a50c1fae285ebce44bd9b4dab85c08c852e410473b9b1cc4f0391de1b2dfd7d332be9e084b26

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db-journal
Filesize
8KB

MD5
99c7d23591225345c05a782f23cc8ce8

SHA1
c0e28d6b115b80c906636b0bcda11df7ac843e5a

SHA256
792aea240bbdacd84636e2033c53619f249fbb76db0c7a667d6debb326d111f7

SHA512
4833cd316d7b2200a73e07ae1408eed0272576a71c44c4240abe069cb2b27df23cc7b18ee68750e8758248450d51bdfb22031250a8aa0e1343ba4c1a973dc0b8

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db-journal
Filesize
8KB

MD5
557f7f9518132ebf186b137d48908e03

SHA1
d9ca61c8bbc3244a4783c32850098af29004d5f6

SHA256
0b2ab61766bc07b9b597633623009d41161447bf84ad56e5968839529291826a

SHA512
f6f3fcba027cf643cc8f1b36aff76fdb6b584942c1fc0b229067c7164400339edceef89786b3a2da7d366e2d6943aed1d5f723f40b0e88f8d34ba21408b3f16d

Download Submit
/data/user/0/com.yunchen.whzhyw/files/12d2feeaec334a40b66e5fc344fddb88
Filesize
20KB

MD5
c4bc6e1029b399208429ba61c4fc3f4f

SHA1
4aef512b66241879bf6094a916b8aa13cb454f8b

SHA256
31cfe4d210013a3d1975e4f74b6d909eda52b964e34e217afa11111f515e576f

SHA512
f1033865a791fb4a7abd18e33c0a0d287f4be1a2b7972eff9f73e83ee5460226579c05faca675d55a4605af31c0d219e3ed6f9bcea18f43121880f3003bc237f

Download Submit
/data/user/0/com.yunchen.whzhyw/files/65c3955b16d1ab762acd1d78451917c4
Filesize
128B

MD5
ffe8e50b81c408c98dd302c73689d82b

SHA1
47c6a05549fdb52533f8e6decac263b8a4abdc13

SHA256
2d11b2536d78258dfebac12a28f40efbd9c6237844d64dd5bed451c5e85beba4

SHA512
7aa27f26d68cb1e1add504babc62a7fd4dda92455b6a30196d7f6a211086cb13c8b005d88aa9a2168dfaafa4c83b0962a4e343ae5fb7939941078292f8046bd6

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc
Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit