Overview

overview

8

Static

static

6

67ee22e185...18.apk

android-9-x86

8

67ee22e185...18.apk

android-13-x64

1

bp.apk

android-9-x86

7

bp.apk

android-13-x64

7

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    165s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22/05/2024, 16:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bp.apk

  • Size

    474KB

  • MD5

    630e205b88b107578d97ab862cbc1d54

  • SHA1

    6e2ddfcc443e3970883419b4a941d126e9704796

  • SHA256

    007ab42a427a8a0c441229102b4dcadb47a38f53dff93072feea16f0efd8bd40

  • SHA512

    fa03c32f28cc6531be979dcd8ce8f76dee842cfcf3ed5adbcfc0a9185e1b638731985a43f4c791d8876642625eb37d9dff7ddabb488e7b174e5470be929d6413

  • SSDEEP

    12288:nNUG07ApFrt3w4Z1cSPmL+fHEZXc/EXjFfR2PKMW4yEQwYtyqyN:NUtALr4SPmLkkKyuPKcpYt7yN

Score
7/10
evasionimpact

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 6 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • cn.bmob.knowledge
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4289
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/cn.bmob.knowledge/zwr_bef/m.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/data/cn.bmob.knowledge/zwr_bef/oat/x86/m.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4314
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/cn.bmob.knowledge/app_zwr_dd/m.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/cn.bmob.knowledge/app_zwr_dd/oat/x86/m.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4339

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/cn.bmob.knowledge/app_zwr_dd/m.dex
          Filesize

          511KB

          MD5

          9e1dd99fe47ec72e5ab3509039514d4f

          SHA1

          8eeb0e95647d7c4aa8421178518ad15e7ba895ab

          SHA256

          f11ec2fc107dccfd21345f61f118983ce994af52ccf41fcdd6e582a0eeb4a528

          SHA512

          fcd45f6dde305dad8794c54db62ba193cf066607d7533316e35ec8c84523abef8647c3fc5e89bae1d083c0b89c6deeffdf35fce7338fba82f0bc10400e67961f

          Download Submit

        • /data/data/cn.bmob.knowledge/app_zwr_de_170523/m1716396456816.zde
          Filesize

          220KB

          MD5

          99f91c65cffa135718c3bd8a355224c8

          SHA1

          1a12cb45ef3658b14bc72c644875dc4cda360b50

          SHA256

          2477499ae0ef4a9695b0ba3de9ba0884c12205e613a2e180c2fd72214b4ef71a

          SHA512

          d1fc7c80b8a202f0dba6c482aa239c9fa8b050219840a3125a13ca195dbe03cd93750b3d3d3924bbb21c4061fdb0b60925fff1504152b56244ca967a57bd94f3

          Download Submit

        • /data/data/cn.bmob.knowledge/zwr_bef/m.dex
          Filesize

          12KB

          MD5

          195ab9c5900fd3ee8b80fcdb6dab8bea

          SHA1

          8c1bcca6c906c3fca5c6e5058ecbd62ccefa28bc

          SHA256

          f43f4e6455ece6d6a24532f92584e06a6b3f94af5cae46dd430255573d515440

          SHA512

          0d43a091f420cdb5189d2f18d6638a0b375f7f9f692bdbae45976186a4c1a616bf610b524443713dccdd9a9d5e461fbe7e4f3ba8d2cf9a0db5acfb098f394fd7

          Download Submit

        • /data/data/cn.bmob.knowledge/zwr_bef/m.dex
          Filesize

          12KB

          MD5

          fa6b1f20ac638054d49be9aa9bb65f0a

          SHA1

          9455d28a286bf861b7c1e3d537ccd731d7b1e382

          SHA256

          5316d2922a989d6b40c3498ac4bf86b7f3fe295c161a88cca1c16d300bdb19b8

          SHA512

          d877c1f5e5d6e4b9872b22476e5d8df1ddfb50d460c5519fe15eee397daae4adf4eeeda8f7db501c72fe0e30b9381a10182ff852d7be1dd5ad30aca801063440

          Download Submit

        • /data/user/0/cn.bmob.knowledge/app_zwr_dd/m.dex
          Filesize

          511KB

          MD5

          5682dc9fb4b95a84ff2f0287e43c5464

          SHA1

          c95043322e6da5151aaefb0c42db2101fea1c345

          SHA256

          1f887040e1c6c415189e3dd144e566488bf996b337ad2da159114ce00f5ba302

          SHA512

          86c22fd16f6b6c98da432f1e281aa292c736aec0804eadc29d5a6cce68fa321e751f89ddac6f071c968dc164989e15c53449ea7077153283d343d4956f48520f

          Download Submit