967f590d415732ada59e27d6c6ef37598bc7daddd7c87c539212651faff25244

Analysis

max time kernel
173s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 12:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.8.apk
Size

12.3MB
MD5

0c98f1af123261cf88134f91cb8318b5
SHA1

5a65a93916770f97c4023266ee52a36d415fb094
SHA256

967f590d415732ada59e27d6c6ef37598bc7daddd7c87c539212651faff25244
SHA512

09d37773dba1f8a29eeeee694c5fc2aeb3123c86c046a796a42dc7e162300a8bd67dcb9200e80f533f693ddfd75772763edf25d9a7ee8e9ee04661c5c682e45a
SSDEEP

393216:0xuUHNYT6W6Ylr8lvWzvpuyqyNSFTwnQFp:NUCgYlQlvxyG1p

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4626

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4671

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db

Filesize
20KB

MD5
390f08e9fd3deb4c17ed9bbbcab534fb

SHA1
06dd03f5709e1bb6538645a01adab0ed44992542

SHA256
36425b2831fa5c138e72997c1cdc23b8f67314ba396ff4f251c3786690b2ed6e

SHA512
b665250301b7207c124009b9d0992036e6705425978f22c1f848b2eb46a4ed9c4cf692f7ffb26bcf094166d321b14ee7f8d4a4dcbef43c719ba2ef6f9110f851

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
512B

MD5
49003b1a70e8bb0667b10112fba78c76

SHA1
aa37f65b5c807af0a605c3c69732337ea9374f74

SHA256
eb13b39fcc22cfdf2fcd5f5a40543c434bbc7a8ba0bf46e6dd9cc49652f25675

SHA512
73a6877089b736a699d12d176f3dd9e76222e81e5864a1df8ef4a6b841e6b5bec406f4633f4c5dc624badc66267a0a392591d770ee5bc46b4e6b9894edda876f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
8KB

MD5
aa6e25e95559d1a950d9290a79ac5140

SHA1
d5e2505d20db410e662520ce02dda647a4cfb911

SHA256
5d76dcd3b38eca2550d5db66a720082faf6d35bfcd6195af71b477fd7bdd795a

SHA512
b43620069dc40000b998b48a1e21fc18a550125c2261c1a63c99cb7923613c0a0c65e297ec56a926aa119621dc8bee0df84c415321b40804837577e26ed46460

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal

Filesize
36KB

MD5
f5f3b0153be3b3f0541e3fabf1542644

SHA1
6222a2f6f77eebab40e1ca6fb455f39011c9a2a6

SHA256
b29e49ad64f45818c37f6d1a214302f9a18bc7e33c56b3772dd36906dd7fc9b7

SHA512
103154f0e127cbe875aabf3e713f7f51f6e1c441088f681effdc694ce832c1e8a62ae8306015bce4a38dbdf2e25de78da232311b132d21189e006bf5ea3238f0

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db

Filesize
20KB

MD5
2b72c22b078676aec3a6ea4ec5e164c7

SHA1
ca41fb712f16da1ce8e65383d03388f707665061

SHA256
a06f5394e496df03cdd3cc720a8ea1bd707ab2604daa07ddf03483d0af8b4e0a

SHA512
259b86bda353149edd5a8c680dc720da9a20323313e45ac81353602eea392c73ac54f6ad085b999a2bf4f4d3f0feed8d03746a710d08ccbecf46205977b4f736

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
512B

MD5
f48cc5eb386b770b8023a6a41be7ffb4

SHA1
1f067c873e6e81178a8c69afca85bc77323f9109

SHA256
be2e76138b4bf692ac726176db0813bd271be221c161eb81f26c351dbfc9cc3a

SHA512
538ac3518a667ed7370085ea1e341530e9695a033d337d64984f1532b2b4c90287fca0eadb658432e800006bd656422fc69ed6f76379866b6db3ee511c0e2ce4

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
8KB

MD5
9545c81ae171038eda53a2107778bfd0

SHA1
4d29d60fddd34c40813dc8a277f0150c53faeb46

SHA256
f5e7e694151e21c6da4753a6878a9fce13191250d1b5756c39b5aaf371da0dfa

SHA512
accdfcdc576038c650f2f6463b08517c1f593bcbd3cf3f322930df1d7cf7a94e5c7148d8fc727e9eed88d65760c6d6ee0770e95169b0053284ae5149e8f47d49

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
8KB

MD5
0b4e186ff8b0276b17b0044b3280d3c0

SHA1
b902713c7e0af0f2c908f95e8d4538833fb982ad

SHA256
3381ed62d4e695236a0c0fc512b39a213b4e4b287b541dc869e3b30692514e36

SHA512
fd8dead88fa23f632e8052c16040c644605e2c67671de6e6a42d46ae4e3a4f43da24a483984ef52623eca284a9a0e56d685386ed64bd8a201ec60d0751baf130

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
4551f6b0ae7a896e02d660a56fe8c0d4

SHA1
51e5f46d7dabff92b1df82620e3d1bf2ffe79fa9

SHA256
af33d2069939ace7261772aaa0a1939ea2152319846a96a9e55bbbb69b59b2f0

SHA512
5108ee8dc164b23c43b4ec799b7d234c6e8780caea86b6c6977a9ec2c4d18cdd7af1d64c50864645ac21d8447b4f3a72b4aa0481a474033f5bd91f1a5a0ef8f5

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
50aea70af05e15885b667ae099065766

SHA1
945408e2786b7a9ebf97318c03fd5c81a93728fa

SHA256
6da250884068b6b9ee9c07a7452e8c6fb7dd38929330b9f753bb031535d83fb3

SHA512
921b2fb4713516613f7d17e13a094bdc99035c94abb7b71dec82e410e5573d9877a618371d60cb634b73a36ce182de49bcdfd8c90c2376dd1cc4940cf78ae78e

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal

Filesize
12KB

MD5
355206f1dc69767f350ff5dae31354fa

SHA1
89a42d6cf31225b7b14a14fc21862ec189d4d4ac

SHA256
af541092ac4e5578dbc962e9c374c21903042a78b27a1c5c96963e34ab6cabfb

SHA512
d2f979ed7523ab0ef6f1820e9b567eb56b1fab7ca6990e82f10087ebec767cdd7ed7222b44bffc0a579a9adc397cb0112edb554188998da56586d41adfb0e311

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db

Filesize
36KB

MD5
3a804b7c6709b72cceb429c2ff78fb75

SHA1
ebf673f7bf391dcfe439efde42f67b0761fd68c0

SHA256
304fa805c621d62c3bf0bf2780641eb28a1002bf614305069140d14c3b536336

SHA512
5f14ff40dc83976d4ff51c81927f0050cf400d1b4572735b90137f1c4b6e7dd49e5bf7aefe415e003ce1a92ef719c99c7d96345c413a80fad344fe4528380475

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
58922b1d7f2ac9064bdd04037818ee42

SHA1
a93ded911d9ee619d0e187cebf92db67a87c6dff

SHA256
dbb10156762632b3eb61b85b213250ad813858e75508d909dba5f9832eba00ee

SHA512
b786b90f24e92a2546ced037c0560f0cee8bb2f01567f27d882f3659465dec7a776755b86947ed73405c1a66bd40746238abceb417c69c669f3da143e1b969de

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
ab9382e733ecc790ee685c967af6f985

SHA1
580795c5e1a5f03a55c9d86f6e7e2b3915157e36

SHA256
0f1f6fc8ace397da1c49aec3849d4f1364d558a6e4117a5549a88cd479bc4c23

SHA512
0ad7b2a24404511f9a28218ab969b7041b3f51b1daa0779517ca158b0f7abaa66463694b8a7b09171c80fbb08bff329319f953518fa09453fea9eb4270f685f1

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
12KB

MD5
0777fbd5d4b42a1408acbcc80879eb88

SHA1
e1a383de6dc6359f5d6f014ece9d421318e1ef01

SHA256
306c97b60f63276a95f72d53a5e4fc96461416ad757e44ad28a299cead2c58a5

SHA512
11e2302eab9f1f5e6d61c758f016865aef5a505e291b8a3a1926529adb2f4a46551c3dfb2cb16701e2175ec5f416dc5f4f6fd95851bae03cf62eee86019164fa

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
941c6ca6f153d2b497f43419bebc8f80

SHA1
7d7f84581dcc18dbc53e561e1b6a120347ffe6b2

SHA256
36256fe93ccb4148862ff5cdc884e5e39819e0fb799322cbc2ee990e6197da2d

SHA512
71e504eed226f68dae6013c2d45322f84ce09cf4bfc652c94dbf9047dbe393d7fc47a10242449d644c6242754fc9019af8ba04128f3bb48e91cfd591dce88be4

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
1a1e69dd5e5135121b8fed06b8cac799

SHA1
950ed34bce31c6ba07a60f8f0aeff92e10d9901d

SHA256
dee3c1ca545ef320adc42bfb4bee1c44aebe47db126164d174b975ab3f6c53f0

SHA512
dfb56c3b6227af744a2f1300bac4e817ca986b464722a165b07ed49e684e4de360d63a4191591597897758d0d57ee840a17f61a87c9eed35525f9036e1c6db32

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal

Filesize
8KB

MD5
7c46b1e43f93b5d77c20fa7f04adf201

SHA1
0c1ef1f8568b52d6b8ca5b2d0da7fe7ccefe52e6

SHA256
86b6f1a80a70825a50419d0127865886593ef2d5a2bd6be94a79e7a8bb1c6702

SHA512
51a9d285fe93c957b0790b94eca5cc559ad6b1f2f3c09817b4567d79bf0c5c800d6bdca75e6ad13ab3bb5f99710a73a0d1a889af9bbce42ea710ac53f34d902e

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db-journal

Filesize
512B

MD5
8bfd3edd2903280eaab5ce992095ab6c

SHA1
92a0758364f77570e6a2514c08368bff66992e5d

SHA256
4e2f76b8ccc6a089e3d1053c913320c9377d5c7d7d0913d3c7b80ed19189af4d

SHA512
b77bb466724a7d8c58a2cf2786fc044950571cf24ddbdde012f3d45f547116c623ffbc653b049d3eb0753a960c1fc655dcf1aa1528c4d49ae7dff9fb1d6dfb5b

Download Submit
/data/user/0/com.yunchen.whzhyw/files/aee6bd21e14566a71546a509142c2771

Filesize
128B

MD5
5cf481e0a113474a6d4a366b08c1292a

SHA1
557ec74927ea4b455ca9dc6b0bab622674f5ba2d

SHA256
d7ac3509dfb3310f005abd8e1d41159a6c427147662c7a4e5dd2787ccc99c145

SHA512
5e8cb0c5fc4ccaa2f5373d8d1d1f97623ac1a060d2ac4f40f5c144c7677af1531efe605c4754d8b81e56094979a313afab5ece4b10e9c13cbf8bf7b594c14ff5

Download Submit
/data/user/0/com.yunchen.whzhyw/files/fcfd61132eb42735d634843e8ad618c8

Filesize
128B

MD5
33c043f67df2a379bc587579f5c501f7

SHA1
b4c3efb69e8c3e2098d5b465c1ba7d6368cb4d04

SHA256
c013272cd5af5e887a439bcda749f0d39609e5660c028d6d31e22902457149c6

SHA512
8d48b120a19e305a45a11eb1068fd93118d2b212fbee10cdf86a041d58aac0871b2c1b11fe3f6115d76a8d486eefba628f4468f682193273e60ce0dadd94850b

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit