91bae2756939c7852a638212bb64c45124196c1e3ced2b6efe7f2a3470822365

Analysis

max time kernel
175s
max time network
189s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 12:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.17.apk
Size

12.7MB
MD5

4de6d4c2bf46cabaa0e7b700ba0a1460
SHA1

f64fa3f5bf94bfc45ff1826797c17b67e560f4f0
SHA256

91bae2756939c7852a638212bb64c45124196c1e3ced2b6efe7f2a3470822365
SHA512

d4de588a29000556d8c7d1d6be7493fa4544b532a8a5da9271da430ecc5bb34e5915b14eaa3deeecd55d2405e8c2da8637341455cab7a745b92104274e8dad62
SSDEEP

393216:/rQzcMLMDWXwvl/tQdPXJ6Ylr8lvWzvpiZqpNS8NVXFo:UzcDDWeQdAYlQlv3ZHSo

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4654

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4699

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db

Filesize
20KB

MD5
54b1e89f09ff97eb7ab8f90a754f9c43

SHA1
f1f9e2330759d950088302bafbbf38010a5eff90

SHA256
fb48409b3be40ff258bba7c9eab204292880010e37c1e6bb9af97815954c5d34

SHA512
0438d5beb3c7bf0823a01cbf20e76673e39e321b8975c0abb53dcde4a5efd1eac087d72b77a1cc6f1e1ac6d175a9d4b3c86923ad8724f844204d3b592503ae7c

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
512B

MD5
60372b27f14b5dc9efe8736886de4c3a

SHA1
aa0db7eedd9bacda82155d5979685f9391eff9c5

SHA256
237bce6e7adf135d8b9700e2b3f2170dff1a2c1f12ff7082f63562964a941022

SHA512
765154d1c6f9dbfac29438664f2b0b134749d34aefb5ec9c049920f9400fb3a3dec55c0ded99ad39c5d02f8153173ec26692d380afa7648c9a5484e7879c68a8

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
8KB

MD5
30571b8236cd97f4252893db23051318

SHA1
1c150ae184e8664bceca89367332092dd9a457ac

SHA256
c712218ef49d351819b88dca0c58a6df894c7de143d7c0f330302cdf32284ce4

SHA512
c61c0f1a8833c2d625944dd66f7e756bab8404a7e40c1e40a4ad2d676c8976a6451142e843eae190d41aa40549b520f0ed8a74d7fb18b652789b1e481f9103dc

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
36KB

MD5
042664864b6d2fa5ad729da1aa84b11c

SHA1
e1a78741b9229e1e8a309136d218c01d2b970249

SHA256
ac067a56e2f7c8ea3574530438646db25568f30b72c8ef7956c4d47d50c1defd

SHA512
37f051fb893bdb5b477394658f58167cae01ebd3556667a5bab7d2e20b1be0a3234633e1ade7608f0ec7f2dc72c4d70d4c323c8d6005cf39ec468da75dd4aa89

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db

Filesize
20KB

MD5
4310febd2ab8ffbb0b6dfde8769763b1

SHA1
f54ca9f563394ddf913af86f5b9f915f6f372c1a

SHA256
27f69d0b64dd888e3cad1f044de8c7ee651b119383c58dd2359b8ac2d26dca87

SHA512
e9ee62ef8f38d10907bca84c600b3f96e95d9a220ed124aa3f68ef436d21ff5353671c4377b28c37f71320e227c0c61f20f629b4cc88c07b99debe681e2a9144

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
512B

MD5
47e7761e37d2c03200d8e2e5df329d1b

SHA1
ea9cd32bb61e56e727c5dc54b3b6cb325bfb6738

SHA256
f52f43b3126cfa9ba80ffb236f02bdb2257bc863c5a65111deaa7b9854443dbd

SHA512
ccbb6391cc08252e6c51a5a875f7c0250f031a6fba88b2f0e5ccb75d908011fd9e616d6de13f699e6a85eb917b08b5485e3da47901cc6422a742f4eb2a6ce06f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
8KB

MD5
0499eed3ab6ad4e6651648873e82a54c

SHA1
49423424ff47aaa900a8746f22c1819152411453

SHA256
3268edb79c9817f5b0a46bb039501ce12bde25096b100c3fd6ce0a4560c8dfea

SHA512
00b7e1adf9065b1e379f18aaa36f0d8cc183908742359b2775d59da64d194c1b85b53c9e9414889d5a8660a2ff3ab9f247629ad71618961be144cfd07a4edd35

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
8KB

MD5
74591de6efc36068fbe47f18a3acc122

SHA1
1ccf230f0f9e1b0bfbd959ad53223c0c2f568178

SHA256
b4d7e2c9411c001c2ab12d19fcebd1d1f15d61480c2442d0ffc7dbca9dd44e66

SHA512
6a64fc15056013418b367a5216f31d75771132d20206cdcf9d3fdcc78ba0d7617a1f7ca73901599d0fc4f00f142325ae3e67e29c143420510c5d186f5b85b114

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
30370d1db60e9652b43266662cc47ede

SHA1
5ccd2211c9f3bafd406f2f92c6e6819ff00939ed

SHA256
a01b65896c1d09e692c5576000ffa1d7ea3c0b4b4848a9c4a4a2f6dd44177b13

SHA512
93e5b18f34019e7b83ec4d646fbbf0a7d361c8568d397e9fbf94223c1aa19bc5f62ca5aa19fda13d448989e0f5bdaaf9cfff3229ec2c46472e6e32a6dde54f85

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
53f3551f32663b46d994a0d9419f46d9

SHA1
6e46bcaa641587dfb704cd121e2e01cecec8c5fd

SHA256
7a0675e1babe7fe9684c88d2911c894a10ea6de5802a6cddff7fd806b060aeb4

SHA512
420740275c2d6477c83b89f615bc16c5538f67108ad8369e6dc4ab50a3b7f61621fa7a3946e566e08c037732235acdbcdab604c9a41667bb31dfb1ae7538c6b8

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
c4e4df3626147e59864877f0558f497a

SHA1
18cb001421cb16f095925c774fb714f185ffffbc

SHA256
e753c9a5c1edc286ddef901fcaf939c8cb83265dd3ec6d250b66fa86fcebfbb3

SHA512
bc4a7758f8a64be1bb19caefc5e7f988c92039417f6bad19e860c5b7a7d1d2e7905fa711db609ef196e4658ac4dafb9f2e6c48b6b2be3ef3c2dc872b94fbf291

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db

Filesize
32KB

MD5
059f756d6749a5e576811be5be756c24

SHA1
4780d23c9d6cca158b961a375f02885a7667891d

SHA256
3b25d3ce3c9f79024af4032b668c420f03b6ce076a5761c939027201787ee84e

SHA512
1e9ed8551174530a1e1045c29ad216b48b5f1a5b631648e8dc4c48968c3973bd4b2f309b82e652b240f863641c35b4985b983bbc60c83f8195c08d6208b91552

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
a0a9fba09e2f8de0e5478416bfc69b55

SHA1
efe8f61fdf50b08173a9d974909f779bfbd9ac28

SHA256
8dc7679d18df09bc979e89e344bf11489e2abc5194e19db25797058a10496a75

SHA512
51f80df23c112d99f2494b5cbc8195f03ca79545c41a4e320f3c1f361335f7797f04aec2a9ba05839a95122b6f00c9f4a34c051563457cdb568a8a0493100a94

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
63ff8bd6cd942810281fc63e56a1d856

SHA1
e81ca29c4e0c949599387484d19d368e337f6930

SHA256
ce64b0abb774365ef1c4ac6a4ccaca40084936a38995a3ea00fd9518f8b5c2f8

SHA512
a43791af1c0fe689fc915cdd83c70bfa608f9ed07659d4c3652a41b3946666d86fdeb22f26f941671378a1ed7f51942128c8ad54137c14a736d89fec4bf7d66d

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
11095645a5c080c5ea55395accf9bc17

SHA1
ea7f04759300be9b94a6396522c56fdabe47588a

SHA256
dfa812d6848235fd5c4c1b148954fc1be4ebea835e8a123a0c17b10c1dec581b

SHA512
12143fb2b19a0b4e0f528ed67b8bea56ba349e88a32c3322deff7caeacb6403c51d5c35d08ca80d711f0b43a87e2bf0de34b546e1c6f0af759071491906d0b98

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
cd3b08fb6aafd75a24a802339bd81abc

SHA1
95257c17e09ab9ef127644e8a988e7cb543d8802

SHA256
0a4c72e802b826fc597fda7be84d883dd3814dc14a2028a19ab1d43c053ea54d

SHA512
d842e857f893c5d3764250fe7bd14040faec74d631ea779a6c797718093ddf7d26e48c4e6a6005ad937cbe3511170142bb61b26c2fa2c740e8bae65e125f6364

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
abb46c5f5c602d43b8e9eee6731b70d6

SHA1
56b3c2a20435b5ebb1e98f9e0b1b46951ffdf66f

SHA256
f0266d291745c0f303072e19c3de0df100e0e6253705c65510cdb513f66868d9

SHA512
8f5fab5e034877a8154257f3f6d8af98e167e66f3a5e10b7179e3fc2f0726355c68e79310c9379adbf5f4fbfc9c42687a94034823d3a99639254715eea9a9e66

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
a580db8e7c70e68c16c851224f1a8fc3

SHA1
83b5fffd81da7c32e88bc3227d51fe52d793d8ad

SHA256
04e3c75afe7e10cb73859d92c8342bbd8c8b894ca4e2aff68e3ae09aa3ffa7a3

SHA512
2b5b922560a6f53368913b2b0d2a7e9b77419422869cbd68188e6cac061c4025658c475778d8a1b4f88ea288fa323d7cdc26c1c8b6c253d629be2432a1453a81

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db

Filesize
36KB

MD5
f20c87943d1605275649ac66825290d4

SHA1
084cce5a5c2e716e37870635a80d4b970bde9ed9

SHA256
170e072960671c0d56403259e8c7d5a8da8a7c55a5870adbf919f61c19913994

SHA512
85fbaceb1c12db64dfdfc47929fbbfb8f57af31103927229c16be1f001725329ae14da14d3b15389a430da7dfdaacc413359d861ca29cd036c45f794f75c3140

Download Submit
/data/user/0/com.yunchen.whzhyw/files/12d43d5c59368fa926e317c4cc43d72b

Filesize
128B

MD5
94b31130c582bc465596cd46700b721b

SHA1
0ae2ff743cf62549cf96b408dcbfad59afc93bcd

SHA256
56ba738dc265eb42c405b06374bec1086a133a109ed0c635006d64bd5eb69f13

SHA512
5eb1e52b619aa549b040e75be9434a8d73049e15f9e1aca39ac8f9045777c7c9f7b81ee42d49468d7e329a81981d6b80348a8bc245880fc13f3676a197ca954f

Download Submit
/data/user/0/com.yunchen.whzhyw/files/59cd8699e9a04db6dfcea5b04c6a45a2

Filesize
128B

MD5
2defdb84bbcb24cb96ed0dbb3b5f5e60

SHA1
4399c8cc5b09b46ae33a439d66d30daefa9470d8

SHA256
7ce3fd7cb7733c573e78a6f97dadeeabc9ae957eb8bf2eeb397da13b55171b7d

SHA512
3a32e75de99ae4b70956fa31a3f2c704bb5bad2ad35c3716e3a78c59c29804307b96af7de46f08853bd387e586240fd5ab21a44e194167ed4336aaf9550ae915

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit