14199869af09278a0790f9beab7473455c41d832e9d1826f1dab162a6a56d6bf

Analysis

max time kernel
176s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 12:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

whzhyw_1.0.1.apk
Size

11.2MB
MD5

c268d1d5f41327d1de160df2ba8ff7ff
SHA1

3a939691c3b1f2787c526090812568a9e2389a8c
SHA256

14199869af09278a0790f9beab7473455c41d832e9d1826f1dab162a6a56d6bf
SHA512

4b3cdc4dde236488679047b7c4031941382029d1e2e1f424dddaf5e3e7474ec0735a2547c8992861dba469e7cb502560c4945b8f8d9424c45278d925b0666d0c
SSDEEP

196608:8swFtLZgMbBmD9o5ksV6Y4wp6YlrBc3lbKKWvrvpndxXTnmbQzA+a+d2K6Rykn50:8sw/lb2MlVpr6Ylr8lvWzvpdxq/ZSYyB

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yunchen.whzhyw:pushservice

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.yunchen.whzhywcom.yunchen.whzhyw:pushservice

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw
Framework API call	javax.crypto.Cipher.doFinal	com.yunchen.whzhyw:pushservice

com.yunchen.whzhyw
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4520

com.yunchen.whzhyw:pushservice
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4561

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yunchen.whzhyw/databases/cg.db
Filesize
20KB

MD5
c50efa4cf1bd798216333e7da2a666ad

SHA1
777e5701cdb74ec0a87fab5c99488c54f1eb137e

SHA256
8476c357b60c83639e61033aa0daa5068b58aa686c0594311b84e3ba1db95182

SHA512
cbd371730cbf9d6f25ca0fd2c4c9f9f398bf2b0b30a7e9f2dcf8fc5c3ec4bb6855d3bf5aab169de1ac7957c4d7dbffbf91ded2ca9f96e8f4c690433cd3b83da4

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
512B

MD5
ad9d6ea00e45a9e4b34bf82d6549d03d

SHA1
7cd3d4adda36de7216142e6b9a233d31f119aa21

SHA256
ca46278ddfa1dba861214f83479d6902acf2829f4bc9724976e8d2606f8b203c

SHA512
e8ead14004f63ef33cc7fbd5367d3acc32c3b0dd07cbb12c6f3f4b5bd7c76a65710052360f095aa0fb9220b8634a73567ab26e5dd1b95495534a7609776a27f1

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
8KB

MD5
baa8785b6e59733820ec9414511c6b17

SHA1
97c90e5b4dbe5f72482d52072425f278014eb2e7

SHA256
8e266235e309c0e4be715f72e567b8dce2e6c0b5499a8f511eb784ef9e11ecb5

SHA512
f7d96e09bd39549999d5d748549bf7c20227b905c41b4dc44e0ca4d3f82aaf5816fc5c3c613008598d69815de031be5f95e779fb6a04a4e9084cc37e54a1327e

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/cg.db-journal
Filesize
36KB

MD5
19daac46abd23b7cdd267c36bd5052a2

SHA1
1b4de927fb198b94383eeadebacee69e91ba00f5

SHA256
da3b9dceb50c63e03fbb438f21d4496c4c14c86dd5a7459f29da3f4144dd7a7c

SHA512
42535655b478c09fe1dff2ab18c0744559e506c40808e863cc59ff3034dd947a893f72d4daf8abac4befbb72e5f6ec8131761f325c4758c61a1ff3067f1187cb

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db
Filesize
20KB

MD5
08371d01c072934c2cab250b06e77cbf

SHA1
de4c9ab86bc1d07a71f07818bced59ed2f1062b0

SHA256
71c36ebdec74b7ad6b5ac8b1667a6c90057f13f9aca942c68a2ac2889ad2984a

SHA512
2656344e8751cf9c0302369bac6441b811058bb562737f88f9cfd1b2db5d77c217ae5c6c6ceeb88801f9f4a1aea646daca9eba0e4c90e820f785704f32051049

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
512B

MD5
7c39d6ee1161e8493eeb636be0010d80

SHA1
7f880dc6306c8b108708b9aeb2ba22be1f68eec4

SHA256
615e7ee30450b76d71d4fe33029344c27f3a746a2532bac143d8eae825c55ae4

SHA512
7ab0d54eaabcbde73503bdd800ff81f49bb90228dd704287907433d161b9f8d21a3463bfea7ff84f08cea9b13cef5f1a2d41442a90dff7e094d77d168a1efb0b

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
426c66bcf77a7de7a42f4c3db978a457

SHA1
1790ecd9a69c040282ada296aee20493b1a10a19

SHA256
8d8c0a5d75a8e707315276ddcfb869eb26a265d1126eb7216acd3408c693e9e4

SHA512
0d7952a33360a122aa885237affd59a707bc6832f889d22a1a47d0d45c35077aaf4255801dc393b1f3125ac32f21d6f094291554c361c7a12039a0301de02b06

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
8KB

MD5
ebb16d199205d268dc1ee842d0936754

SHA1
5aaa926fbcaac928952c198e52c3af5184265851

SHA256
371f3e76159d9b6600daa7682279b8067cdc33050098f5d806710b14dd546bd5

SHA512
e0d157a32ca23e975449b11b060e68bf8077c4e7cb3768707f6d46ff2498bfbe6826f21c5bb1bf7e7790599d243590e07e6c883faa7bad5a25624583478f718b

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
47316d1d4657e79640e6da54bc389e7b

SHA1
b4eff8831ac4cd5c10b207a291e136f77e362342

SHA256
2edccedb47ad792992b53dd9ea3edf713ca7733d39dc1318751b5c9e4720c2b3

SHA512
e6bc7860e8b16810b16f3ac99b2916032fd7feddbfe945e3b2deef1e6c7e2b5f4c64966bafee08bd5339b670bcd46bf9411c609c3897a7916494f8d0b343a1f2

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
85b2444f207ad8359cbf26ef486be9bf

SHA1
e3d53b4b54494356b7ff2db54fafd46aa049e622

SHA256
f9ea43191626d1c77e9a104b5c2052357080bfc2ee0f5224651bc886c407e3d3

SHA512
bb397a135aa0c43e2d709e5cc8317d1da605b404c1d4a70c861c300f6b0f8be94532a3f3d2897135089e7312853a2613247184e4039f138d70713951a8d04a97

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/dim.db-journal
Filesize
12KB

MD5
6ec9e412792fca93636d679a2c2aaee2

SHA1
df9330b713570750444049f43ff211f647a7f3d8

SHA256
b3f79abe9709ee1f4312b60b4ef975d5317a9a8226887e1fc928f00abbfc5fc6

SHA512
1883d6f503b42bf85a2fcc86b724fbd17838509c6d6b29d5f3d4daf9b490c69b2481aece53bec84a811edf350e7b23a9ecdd78fd1dd098295d14afca003cb912

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db
Filesize
32KB

MD5
ebb86e7fb3cdd081e63adc1c24bf5810

SHA1
98ee4a80dc50f08d96b024d7e52012072d401889

SHA256
5b57d5aca29f1685be3ef7ebccfe71ce8e92f27843447a899dcb2540f58ec87a

SHA512
b19d3d6655318c8ddaa1f40be93e5afcd89fc1516feeb2ed2e681bda036094aee24d8af2d1b5eebada9628a22fe999045053251bdb81a3a77bfc66281c54deb8

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
8b5b9d6a9c5ee21cb9375b706698198d

SHA1
0054ef7b0255e49cdd7effe77ce2211fab5e9784

SHA256
f871210acfa100c7de47266d9e2c798ce0bf6fa7d593a8d7adb2130425a7683c

SHA512
c700b80de27f097e93ae929c1bea0e6cf8ae0adc3eba7b2a59b94193ee7c8286e1fe15a48f1350f2f11341960aea2ff6e061d437b4c3bfe0c757d620d162e184

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
4bdd9f513cac0aa3417e177f2f264132

SHA1
e43414b5b4c1f9fb55c4597995bd99ec6df7f504

SHA256
9d199c2ae87731ff46fd2d35740db95f9a8eef0f0b3a879cec5063a001da8c95

SHA512
912229494c24a0fcd82fb4fd7b47885af2ce605cb8bc31a77e76f787725dc6df082678d4448a550b6fb5981b9e50f31bafe57a257fb5ab2c09bb94b98ae04c46

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
12KB

MD5
55be57a1b97c374b6ec91f045377b683

SHA1
26cf015df3cd144b05da2625830b47c677ce60f1

SHA256
df14db472c7505a8d7c1b235cd826e6a5544a96309bc45e4a2214cbdc976891e

SHA512
dd9af3af677d224ad8e8347b763b86536f34feac21dd6cdce0ab885c7617f6e3d167857eec27433f11b7f260361567a4d97dd2e0c9a8b0e7c2918ddfd6bfaf63

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
36KB

MD5
dcff7883105b50feeff14dd2253c0508

SHA1
d84063f505c642dad68232672aab1b882ca17564

SHA256
14d84443247fbb5f8762dde2650a24537cbaca9a850491170437ab3b43663e35

SHA512
ccc9f58ca17cfa4c79e750b66da0b2adef2f516cd742e02e9f3b28116c221fd7819127c9c703769049b816f6f703f9cdfa8ae3164fca033c215cf2f25e10f3a0

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
98bd01d2b9c251d91ad9bb2e7b82029c

SHA1
98457776806c7e3a2b3e2d227fa87d4c173fa83d

SHA256
00a6d0f007e9c9a84f103766ab405b39961329a2b8c8d84011dc4eabf4a32c0a

SHA512
46df0c232b8899d898735cee5c596e8d23179ab18beea3167adb46b2a9a2f64475544de7d71604d413d2c8dca399e6114c06af6cc8ea9931aba9e81ffc466729

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/gtc3.db-journal
Filesize
8KB

MD5
1233141a4034dea74fe83ff1724a6841

SHA1
ad00237f724f306fc6ba9ebd7927a9fb4176ec7b

SHA256
f802fb40233d3fae43387913d3876c9e6905de45199a48ba0077a5f8c9bd6edc

SHA512
c8afebf7d0515fd50881f780b48b87c84a0b7740f1b47645679059dd427318b5092dba09c69cee1847d12b1690d30e75182e13eb252bc12142a37b076b5cb801

Download Submit
/data/user/0/com.yunchen.whzhyw/databases/pushsdk.db-journal
Filesize
512B

MD5
50ad7078f5f00eac3a37e51889e3b381

SHA1
c238b287278ee19225b16422897ffcb8e00518ee

SHA256
cd2aba50580a1659e72475ecf026e253cc2b905be27fc5e17095b0c40423e62c

SHA512
e41dd910a02ab7372df2cb65c5440dc5b865c0caeecb92e9a106a1d46c7b054f4d55453e2429305f2cf86df79c809cc6484a37bc0f66d6fc4506bbea7246bd8e

Download Submit
/data/user/0/com.yunchen.whzhyw/files/e561f79fda365ff25bbff2e0a2b9eea9
Filesize
128B

MD5
120c41b72ed5dcaa8a9d14950e422822

SHA1
6e6a62d806626a5038fe90c8df2675cb3ad86e00

SHA256
a57bdf08f09ce0ffa32a2de7f616c1bc3591baf44a31178345c4ae661b82e235

SHA512
b84e3f30c93207876c5286adbabd1ae91ff7b45c410bc21fca3ecef7dad6a7427f6f7c202761ff2b7f4c66839a1a14dfc18a7340d5ad5b70bf94c68884589c5f

Download Submit
/data/user/0/com.yunchen.whzhyw/files/fce53451564afcfbfc4aeb11b73a9909
Filesize
8KB

MD5
dd5f81d847cb9d27499ed76b80daa3af

SHA1
4ec4bc6e769fab2a81094ff94b3a1ac4cda6bfc0

SHA256
b3c427f28cfb3a69f646d73286f526c667fbfb76fdf9a1c1583e6fc868665b76

SHA512
be355412cb50fecbfd7e1ac105e9b3f42689e5432a7d273403830acd0f76c3270efcdbc2efc6015f6b592831df3fd1cbfd051702f299d28d238ca2418698c543

Download Submit
/data/user/0/com.yunchen.whzhyw/files/mmkv/mmkv.default.crc
Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit