0987114fce3e6e76586a5701c3bb8dab0315b46892d9b011f3ceb5e0ad06c78b

Analysis

max time kernel
173s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 12:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_v1.0.9.apk
Size

12.3MB
MD5

6788338c20efd43ebc63394c0bd92388
SHA1

eb6989af0ff53c2db30d688090d80b01c424b134
SHA256

0987114fce3e6e76586a5701c3bb8dab0315b46892d9b011f3ceb5e0ad06c78b
SHA512

03df0a66160b104c59839574bda504b945f57c8d5c91ebc149f43fae9c003175418e2bb63ab008ed31c462877c3a6465a5bc357de70ccb43e3f84e2ff5782079
SSDEEP

393216:yl+KHu7urZkq5GD6Ylr8lvWzvpgyqhNSjAwnQFe:yTJFkQVYlQlvlyvue

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4623

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4666

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db
Filesize
20KB

MD5
9404482b443e3c4cab52c727cad672c1

SHA1
c789890ea33096c503fbfca4a34adc9164a45b0a

SHA256
3e4a53bb4e4a03cda8a97f73165820430cd5a3310389cfda04a464a555e625db

SHA512
06cc1c8405568a6d0eadf2e5a66be47bebd6105d708e249e22934e1442368cff3b140d004787f08976dbdd9d45be0b529e52903a733a34decb499b8ec6d9e2fe

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
512B

MD5
bdc8d65852bc385280737da6ff3f67ab

SHA1
59788d8ad9ff4b8378bf6e4c18a3f96b6d3c215a

SHA256
f9804a734727865f53c59054f0880f2fbb566474fec650a43a2766219da40267

SHA512
e23f71eea75cf85bb2316cb11c79b1168cdf797369066393d17421124e74986111dea49afa4be5f1e3a2ab746b6d0c75096f461766e8618a39ace3e71a8246c7

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
8KB

MD5
9715dd18205fa12914e9c2385aa1bd20

SHA1
29d17e005b50412fe05073876bbb159326c632b2

SHA256
01b68fba8100edfcccfd697edfa06395a31e66261d4cdac8bf76aeee74a3d896

SHA512
fce1cfa761673d3071e886a25fa3b3c4a10edf27ef3efd0f20fa3f65198587d273b133f558d3655682bcb7ea689ccea72e7b79bd618477ee154f4babbde8d137

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
36KB

MD5
58a34f19c77257796af827ab0b65a0d2

SHA1
9a176849a7100e9cb9e786a23e789f989135fd81

SHA256
d7dcbb1d811dc689b4eb4827eaa5bf5f0f4e4a26a40b42becec07484d9df3109

SHA512
a0bb5f278affd123337a83f78036eac1f8c7d764860b3f7937a1dd536bb2f4eddd9290a78f2be458e9f8b51e93caea8c92bd0c93b936e8298771de4f9afc0330

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db
Filesize
20KB

MD5
7846f2915574c49596c9f87f970427e1

SHA1
a1ca14afa736a19edaa28205caabe4a06ea8f57f

SHA256
c035af2975ef81ea57289ecec8d839430d0314a01ca159e89437f6e3babe9009

SHA512
b3ed8188b4698ae30e12e07f4d66c5b2f1bdcab9deff3103855c0997a376eec3fbc662cf0770c46b3e3f45cc72dd09a01756e07ab9fb92b22472988af4cc1604

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
512B

MD5
40f09e747cffde4d0f0b1a707904fd1a

SHA1
078cfa76103ced8a5e6ab56b5398ca51608200bf

SHA256
1aa5d8c04b791cf464934be08d3c61b08220ec3589bab990ab3bec11808bec84

SHA512
dcc4d3be5e2cad46197cae9d110fca482acf49d9ee781d1246da771f074d4f65b3276d9851a5053f603a73c9349c70dfb1a395c5ecb2d29b91862e951a9117c1

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
6c0f97b685c095dff61d21b77aad24a4

SHA1
ca457dee30e2279ead5b4e461c45c0dc2b771d32

SHA256
036e5f15e0ce1143b95b1cc20fad8811490c35f6722c1fee33dedd7436927154

SHA512
1b65356d01fc369e8e29ad881185d2f59078638ea9871265e24c94d755ed3fc128e152834da7867ff5da4c82d078df4a91fea3117b9a194942055c69dd818175

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
51a2e3492e123f54c9af89bbffb3bc3f

SHA1
07a46c049a202ae9650b98b22f041d082f9ab344

SHA256
f4c15291b9620b51635fc465f326656aec49da1759610a5ebe7bf4fa8002d252

SHA512
5d1dbdbf7b70a02f0b49c63c7ca2337a9fc2f2d080deb3d36e65c8e1b3cf09c8827a8926e49778a887ce4e1c3b44538b5cb1072cd711469d1d595781109f9b2f

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
44360758edcf0f9f739e541282103d06

SHA1
3d4308ed94df751109e99deb5f65749e956fec7a

SHA256
501430286501d53384821ca9c05bdeee11b11187d42d46e495939d3fb922a331

SHA512
ca7793fd4ccefa0c2141eb7dcb7d075600f1631866f0df17386c2b00595995d71626d568a35fcf523a16e8c904a6ef1103acc871a2401cc5f7125894c4ba3265

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
8378ac07ffc68cfd7e0f0ed86e8962ab

SHA1
a2a89150bd13915cfb3b9dc506e4c8c5b1771bfd

SHA256
76fbffb23753ee833fec67cbe0c05a1b56cff14eaf03f7a14ed881c210875313

SHA512
53705f4f82946f27f5daf1ba487f44325233db5ea301fd880819286a8726b5a39b5fd0dace5fb92f9bc60f5f86b3990b79a6a97ebf018f6d06822464885069f3

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
6f2b13435a3951286a02c62fbc462f63

SHA1
082264feaac0158d56631cb37334962ec0b0b3a8

SHA256
74aa7b2781f42080f541a66c263983f1aca18b16d6d1265e74a5626df062595e

SHA512
4e937ee4d95dcb20ef1d55281e740a60e21ad3cdac744a01936c49f16881a778be455ecd4b0448fc565bb5b870f827c604b2a21c32839e89f4240d9f562f4327

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db
Filesize
36KB

MD5
500ca4340b04f3a695c9ad8670894540

SHA1
aec57645007150fa59931c922c006ee723e4fd59

SHA256
fba2183970288c7203754c249a641d40cc2e0a8947f0ce3b125d29a1ec0ea9e4

SHA512
86fa5d0e1ff8b433672e1878e6b64f49cbcf9ba79495199f42b9c30475b7ca01b80b90fe292156d49a72fc0e9ee68b84000ed3c2b4d46d48d6beeeccfdfa9af9

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
b08739d547de137c8ae5be2b8618aa22

SHA1
e05d19fcea7a4657ec54edc216a0b94a30e239e9

SHA256
4f9d69a25dbd9db35f93ba3b8d3681ad76549d167b7ce7a922d9e2e435028ee6

SHA512
5eeb333bbcd869628f8657623e531811193b0bb46a49b6c42cd37fe4e5bf2be7bc65fc9f1d53d6f912f0ac561777af1dae70b11b67f9bfd80bead9f835e6d91d

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
4817e396a19ab23d5b0765abebd2eb76

SHA1
d9f8371c28d067b5d6cbd6eb00364a715ede856a

SHA256
32e778cefec41fd6964c0b1b43bb03141f7332721272c7717698bcb1119c84fd

SHA512
fe316a93f620e5d89c72c66e112ff8146b10bf13be70a7b220f3aee1765b131a241f514f3cee7811cc2dfde73ed14f5248873e77f7ab0ef8171bc615c97571ca

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
f720f1715a92f33d2d46f9a4c786a170

SHA1
bd926adf7d9db827a5c8b62950f4713c4187bc73

SHA256
618618879488d3d63f555b52d9e8845100342afdaa79fd410e2843ddf1fb37f8

SHA512
8359dfeb654683ab85b767f64e52374d4e7c09cbdd0c97627d6cfbab8f35b15ca6ec1b5cccda9573224dcd692fe0ecc3a8fdbc0c13a0c00d30b0324ecdaa70bf

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
512B

MD5
ba9bc0e056adf122c00873d77fee7c21

SHA1
ab0ce8425dd2d3ab65eac9c23e2585cd9fb6a209

SHA256
690ecfc5f3b28fe2581bbb6064df4a8c3ba60b35db5926b6916bc489f230967b

SHA512
fd27f2af1aeaef1630f7ec451240105e26cb5dc9aa36514be6e44448b8f116b5cb1cba847acd8859778f705b54185fb7ed0f1566164ba363ff05ee28db78aab5

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
e51f9474bb5db5cb52647a30470133d9

SHA1
b0aa3e6450ef8cb596f6535d27ae450394bd6c5f

SHA256
271a1ea4cceaa22dce136f14f1f69ce87d3faca3db93cc984e45ccc871412dcc

SHA512
4884ea0fe99c8544221ca78368df1f2cdf20cf7166ba6623d42e1e0e314414beefd2d49d6ab4609fbbf77e0a32d041aee506664a5e4a834ea3012d5a3f9ed7bf

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
a1778264e76e7f00c1cc4d7e94511950

SHA1
d8477645b9cac7b665e69ad96f9ae3d7b87ec50b

SHA256
0535ec6f1f21d44e786b897c9e1d7d7e7b6e8aa52b0f7d83f9ba2d072315584c

SHA512
a61ca6b0ee4f949ac0dca35e7444e74931d3421a306f9c7a891d3f03149bedc9eeb974129fd8a69767b7283024a81b00618005a118eda8336ebeb3d3d469a897

Download Submit
/data/user/0/com.yunchen.whzhyw/files/54c04fc9d445a29e4e3879228752c493
Filesize
8KB

MD5
6a8f985a51de2e5addf82f020402c388

SHA1
91e140eb76ff6fa070e7cfbb2ed07193735ae3a5

SHA256
b0b61b447b0ceebefb9fc2d705a5c628d680bb75f134018ca09610a2afc8da0f

SHA512
50fd1262bdaf4fd85c7416d62ec0faf1fe72bc2fbf916388a2780f5acc67b18d2a736113c095022fe2b00baedf456319a39c220a1ebdfd2db24f53ad6299a178

Download Submit
/data/user/0/com.yunchen.whzhyw/files/f6d146ad8eb053b08f068c0672aa0ebf
Filesize
128B

MD5
1475e8adb41be0b88ca31eed01cee7f7

SHA1
79c5033de0b5c9071c9e61bcdfd8e683c76c6051

SHA256
1092a374aca6cb83d53d9b4b9df14a0769ac093b9c610b90a8a2a15e8fce4254

SHA512
a1db921376a85fddac7789e6d23a75e3408cac45061a5f7e164ce60169818e742505a2dbc7d01c2784650989f2a7856ec937287bb389bb0d9b2141faa71b46c9

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc
Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit