3152588a1046af34389c4c01e3f011dc00fcdc6bdcf0de9ba20c5b27fa4a60dc

Analysis

max time kernel
129s
max time network
190s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
23-05-2024 12:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

zan5.1.2.apk
Size

11.4MB
MD5

de5e6582431c19c8e512a5164c3c13c2
SHA1

5904e555facfe88f43343856207864a1288337b5
SHA256

3152588a1046af34389c4c01e3f011dc00fcdc6bdcf0de9ba20c5b27fa4a60dc
SHA512

6425d0e446e9c78af4919472025c9fc13fca39911a35557c2d0f818722642a0df878d599456d8c717fc48e2c1d94249608c2899dbd783143c2732bcf5bb40b8b
SSDEEP

196608:cHU2J1fe7ad+E9jLfyuoPZTWJewYss04D3GVHvAiGJQOWC6Sj8lBM6hHAHI2ceSC:cHU2bmaZ9UWJBgfstuUC6SMe6VAHI2TJ

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.zms.android

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.zms.android
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

com.zms.android

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.zms.android

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.zms.android

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.zms.android

com.zms.android
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4524

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zms.android/app_UApm/efsid4524

Filesize
36B

MD5
f5aeb381930481352b068c881a24d679

SHA1
71b3ac1f23a9c4df1c9d7722f42b5631528bef7e

SHA256
427fc62d79d6a734a0c2b294034a69626e7cbc39c1b75dae3b2639b1129d283b

SHA512
3049be2f99b3619b012e809581b4cac4b8c1c0f2a8b0a5afab41311e71d170cfa0b3cd372fe5b6201d76e16a14e52bef36f94fc21fda789a0267c9a259498950

Download Submit
/data/data/com.zms.android/crashsdk/tags/DIORDNA0SMZ0MOC.ss

Filesize
1B

MD5
8fa14cdd754f91cc6554c9e71929cce7

SHA1
4a0a19218e082a343a1b17e5333409af9d98f0f5

SHA256
252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111

SHA512
711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b

Download Submit
/data/data/com.zms.android/crashsdk/tags/unique

Filesize
36B

MD5
993baca57be4a1743266f7fc3afd8428

SHA1
90fd5a32b8cdc5f19e600e0f88ddd659654d700f

SHA256
79d7715e64378622197de83adc3d0c985c586e6748f309b838de2d85ac70ff10

SHA512
b1e496a9312f21d4d92ead8e1e15c8d66d4e497c2a3fc3eefcdad0d300c22a9037ce757b9516b51588df8e5fb95c118f4db2df31d83228d97cd735be787157c2

Download Submit
/data/data/com.zms.android/crashsdk/tags/ver

Filesize
24B

MD5
7702f80a3adb6488815260a46a5bdfbb

SHA1
c5c812ab215db60d819f784d3c54095c853aebdb

SHA256
5eeb8aca4feff0d5372a873341610cd93a02dfa897993d01bacc5f5050ffce47

SHA512
8de51501ee4bb8cf57b8639ff385093a75ba7d7ea833b17c65b89b58e6fa8197206b90e2c36c146b3b8c904ef0b2bbc7d47f25bd1cba43dd0219f470b3a890a7

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db

Filesize
60KB

MD5
b03b2021349bc10981073083c9c51c9d

SHA1
9155115066f2cd6436007cf4a9923219b011425d

SHA256
f47a8a58c684d96782ea81d62ecffb708e3e4b0f66de5934674c38978369876f

SHA512
60fc12ea6473814d3ed3fb5b04cf557cfb5eb0d1df23046b2086fbfabe27dc25040316a77a0aee4ba47f1742a64d23ae39767b9151dd8e0b460cd824a50d3556

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
512B

MD5
1f46dcd6479e75b26d02097ad1734291

SHA1
82bb81a11deac7ad55084729cf97ff72dd5f27e9

SHA256
4ba443b128a13a1da10240e0d0d6007837550b87eb755172eea682c9df8d4c34

SHA512
bbd0002c50cd1b331840eae62d5be32d35bd73124f11384ac1783511962fe61eaad26ab3c90b4fe78bec33037378f770fa5b99ee53ac5211b8ddee6fe810eddd

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
8KB

MD5
3bd5fc14b5b672e19c347b517a83ec0c

SHA1
1a386af9acd4faa8227f08ee9bd5c5d481aaf325

SHA256
1c71d4f29cee1ae1d0e4a020c79fba6edc8ceb229446233310dc042aab3f459c

SHA512
40ec48eec9b0d29b9db68fdfb94627097d7c69ce5ae5650a79969104017615d2f9eafec6e6cdb2e6df887ee075b7be95a6eaa3cc4cf5f0ce34eac61ca6e2aa87

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
8KB

MD5
72c9626071964006e9087b3438ac36a0

SHA1
4f0005e26fbe1fc8a6625c2ad62e1098baa145de

SHA256
e45350af893c91b8538e1b3352733d242796a176e29d4ca8139eb17e0c75bb4a

SHA512
64c5b2d3d0e8edf44adbdebc354c4112a2df20591e52bd31ee1b3b4e3a825178b686f64c506e90b48fb7b4e7ce967afec82229f6e8225258d0d26e2b00d16deb

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
8KB

MD5
c9de22d651379351bb0dc735cc69ad9d

SHA1
78a805ecd9e4de0026c20f4d2faf0f59529d1cd2

SHA256
5a83c179b04b5d872ea77d4083f13bd5003c0d4f98ac1dbc9095e7d9553635aa

SHA512
7d3287e6eeb28ee38014530e169878e2366944a865188cfa96da89d81f104d8b19f927689e2a08011b3f88b90bc08fa21b30bdb7944956762a043f8eadfca7a7

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
12KB

MD5
b4ca3318580c0fbbdc48c472b80ca0f2

SHA1
f67b61ca3a1226f0feb0950f31817a538afa21c0

SHA256
d6d765da82820ed680d049e08fb9062f2eec21b1a3a7f1013201758f2ce09eb2

SHA512
67b3f8f9b94e4d8c4a22577721380c5d8db8057d850344599da20c816e2fd8d51f7f433e6de938700b023a6a5500af389c4c6c8679fc2e50a16bc1f3ddd6a7ae

Download Submit
/data/data/com.zms.android/databases/ZanplayerDB.db-journal

Filesize
12KB

MD5
f3d731b0c38d0f951e3f1bb4b1de130d

SHA1
84c5280686d6ec6e8a293f988b4e2d3d9efa4215

SHA256
4e6ca7ce1546a07053eb0b4d849bff0b58d9a328ca6341ad1217af83238572af

SHA512
b88406215aec7c93ff83bf1ea8dc3a0d56f0d8d326bbe6b770a9cbaef96034845d25bf4036431a056cd3a64267491b2f5bf8a67ad326def1c84f26876ca3a74d

Download Submit
/data/data/com.zms.android/databases/cc.db

Filesize
20KB

MD5
97df5f238404e59a7bf4b3c02f43a137

SHA1
7041d413e5e042c1f15c6e7dd6c8388e652c8cbe

SHA256
ec326b1083280137f9cc8b7ee47c6b63eb05f2db82f17e0188d4a2243d1bceea

SHA512
baf6734346e26ae594863705574158d7c1c2020ac7ccad787ff1fc8729eda143ae7b362182b24509f09ba15f70cdaf284d01f0e3f2c05952b10c42202d6e7b3a

Download Submit
/data/data/com.zms.android/databases/cc.db-journal

Filesize
512B

MD5
b7c0663c2087771bb48873e788514f07

SHA1
7ddf27600fc291dab34f4339207283f4edc071d6

SHA256
15691e7b5bbb5b20eef680a07e39b0f0f09f249c3a1ab69fff1b81ac19d827f9

SHA512
776438d7b5469b29d91053ec5ed45faad2d77c323fef99539ed8b9b62b42b19d31e21da889bd8dc401df7dfb99f1346bbadbc6aedcf2e9746b984c57bb69c3bb

Download Submit
/data/data/com.zms.android/databases/cc.db-journal

Filesize
8KB

MD5
1462185eecbd4004e7ecf06e4a50dd55

SHA1
b99f4b940ca6cc5451d4b3efb934cbae5923f82d

SHA256
ae589b7f1ae48999dee5e1dd2aaef6375042786d6d493f5dabda388c859514cb

SHA512
d8bfa9664d68f025b4830be66c45a1fa4d68c38132ca79063a7f92957a19b8615dbfe2cdcb804fe57d8833123f627832732d173ae217f9ce7bdcb48f86f5ac52

Download Submit
/data/data/com.zms.android/databases/cc.db-journal

Filesize
8KB

MD5
01746d18280f76cf76ec2a6ef4c65848

SHA1
2c853577034b0cfd37e179bb6cd60f481f631594

SHA256
2e6698da25675ec03cde36b0e4d7c5c62a8b02afa1d0dc16b9eff6fd658bf090

SHA512
e1d490e505ccf118dd7d18faa161995cd3424db6c90ab73e465fcb9e3815d60630319aee48e781ed9e119bb51ad9090bb3312ccfd284398f4f8203aed8625a05

Download Submit
/data/data/com.zms.android/databases/ua.db

Filesize
40KB

MD5
4ed4fa82f6132ed45757b26e7f91d194

SHA1
3536a906efa281356a6890bfd36b6c0c34cb0022

SHA256
2a7f500c6dedac81a8cfbd0a1d8520859ccff0e0b33f46c73d1d800babefc71a

SHA512
44b91f5ba70a4e750bb0dd43042ea95b5c92b231edac76b915306c0ec4b46fd11ae7029f16535188cc67fcd3066927dfb649ef86e3f6153c208f80c1af102b94

Download Submit
/data/data/com.zms.android/databases/ua.db

Filesize
24KB

MD5
b02958b5e7e561bbdea95b666c8f4377

SHA1
33e73f775f08052279cde910dc3bf2496dbb2742

SHA256
08a611a242f4e4f3587da505cf83fbec16c98948fdda51c7ef96b41617c394fe

SHA512
0c4d5f5f80f16c1f680d8d0f754cbc02e6c522c135c548e937a42f11bdef6bf9eaf3117b3e569b260ea9feb1e5da7e6a274b09227e925875204086229c736739

Download Submit
/data/data/com.zms.android/databases/ua.db

Filesize
32KB

MD5
8436f558c40aba34a934d7a2be879e85

SHA1
0cb60c6ae091b3414ce090afe6124aaf8d69d910

SHA256
0bceba164c0f5ba131b49a430aa72a00d8ef1c5307caf26e364a5fe222293da8

SHA512
ee388e9bdb966bea82257c50e7cd6da25479f1e02871744b1db7d91cb1fbeac618f47d3ea980d2b7293fd5b41a794688dc556b88298f40bac3f41b2342f40d83

Download Submit
/data/data/com.zms.android/databases/ua.db

Filesize
36KB

MD5
3e63fc0a0f58165db3370bb0a95b654e

SHA1
3081ee90bb0b95f869b65761a602f1b6b03e81a9

SHA256
81af699678711113690d915f93491d49f24cf387fd466493f5eefe54129a63a5

SHA512
0e3013d836a5ba239571e53b5f034afc10b041377de6c6e049af34f5485b375488e2cbdd5793281c18dadbbeef618f87ca630b51ebc17a7fdd03594d65d84746

Download Submit
/data/data/com.zms.android/databases/ua.db

Filesize
16KB

MD5
c493cc282a65ff9e90d3caaa2cc05ea0

SHA1
78e8faf816f2680c88bf9971ee728589a6be5b7c

SHA256
5fa809b83a5ab0ecf1ad88d50bfb479a7734b1e5a8b7980d6f2958aa265fddd5

SHA512
f5ec99521f9aac3e70177a1f6ae40cfc65b89a389af33cf29e5de885ccc79075930eba01629648b4f5580879cb63fb432efa0a75c3d3f71bb39b97cac88bcd95

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
512B

MD5
f873c9617e8087979242f49323968298

SHA1
003ac504ef96c1d90c9d9fc0b305e580c4d2db77

SHA256
ca5bb5f173b76882b7d27beb7b35e991a7d6aeb304c5116019f07a27574b8dba

SHA512
c94554e01f90bc5e048ca50edce92ead0eec46b4bb49f72d5c7c33b2fc1f5b245c6026664d3ca531fc17ea0911bcb527063fa7fa76ba1c7b53eb2ea15cd6b6f3

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
8KB

MD5
e27417e971bc2e1dc3f961c48fd350bb

SHA1
bd49e98278d33210820949c940398a5dddc22588

SHA256
6f64b014944a818493886a5db719e6af43c92706a2d7e804acdb77023bece8a3

SHA512
f4db007be5a5943d0530e995ac2006f25be0812cd6ec220b6aab649b08c828efa6e605b910ec17a922f3e696c45e57a9fb6214e9b3b2101eca195599e72c24a4

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
8KB

MD5
a82308e0a2026d58f0e7838d2cb76b74

SHA1
404f5a942e70e6c4ad900f77c23c1a908cd31510

SHA256
16c400fdeb1ab1e8f1f7b8580f27d05f778e506b049dca2cb2854c1ed938d3fc

SHA512
3bfd9b466009ed521afbdc27130382b9f1dfcc5e2a81108b1b22042974271cbed005f7d21c4d8d0f5af01a6730248e915731e2cdb60c10155e924b1cdaa92ba3

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
12KB

MD5
048ccc7837532bc39921f7f8d9a6429e

SHA1
0316f60cd4e520031f74aecf8011e3ce7ad2be42

SHA256
bc833088e46902399ba9d2386beb4b70bf754cda686ca5806857ab970dbb0919

SHA512
c1213f1cef710f4f52d84371ddc5307a4b33e959dbe4f1ac33bc7023758b5e40f7da1ad3c7bb3f14c6da74b92c98727edf180167b3210bdc666e0ae6ea6d2144

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
16KB

MD5
8caeada3ad0c9636e15783240a0da2ea

SHA1
946ecff2b062a4bae39ced66d52f1d86f5f4000d

SHA256
a9f98593ecfcd9e719bf3478a8fae58f5277a9d963b7aa25cc6b373195baed9f

SHA512
7a78fa15d51663997d36e94f0c2671c7e2f9006ebe2f3cd9f791394b21d8a9ed7437bcdbc35d3527dea72c56ef8a381f97e268f3b3743862b23e68b24a90b089

Download Submit
/data/data/com.zms.android/databases/ua.db-journal

Filesize
16KB

MD5
9677bef4f5af84670848ec99edaae4f8

SHA1
600664b890565283ce792990ec0bbcab687f368a

SHA256
491d26e0795fb1daa705c9c591813d26553b0c1dd23404583aff4ea59201dff5

SHA512
c5d6b13b3c70747671a58d8dd4cce29179ac02037749be8def0e906e8322d1be6a74156bc95b9f163f051c7ffe8d7ddddf18e75d9692c60cf480bf051742c5c7

Download Submit
/data/data/com.zms.android/files/.envelope/z==1.2.0&&5.1.2_1716467015982_emNmZw== .log

Filesize
285B

MD5
41891e7728e0faa8c0db78e8cfcdc4d9

SHA1
044245a36f829aa975381dca9f0dbcdfe2a6698f

SHA256
9f0420f1fc0eadf823d7abdfc7d84fe7c17ffefe0bd3781e3fd38514dd5dc97b

SHA512
bf9b7e79344f60b1727967107b66cfde77a44de91c0e33252de911423956fdaeed401cdfa2d9d4f607893d11eae1cfe1f301b4272e9a02919bc72864df455f07

Download Submit
/data/data/com.zms.android/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
17048123e8baa9e206964607c8820a9b

SHA1
2219b11d97de962695a32b346a944534f8be01a7

SHA256
627b0e26f2a9ded55e356db7061153289be588ced1e751fd2acd365a78dda016

SHA512
2874d06815f5b03e88f2351f93e4e56b27f6ee65adf982e6d1bae4de1d8f54e42de3797c1115d261d52214f69a69adc4b4bae53ebb2602e0eb2a07e8ea329573

Download Submit
/data/data/com.zms.android/files/exid.dat

Filesize
55B

MD5
b62640f1056442a159d1917766277fae

SHA1
e72b7179c222f7f96dc7b670f49ffb9a7490bdf2

SHA256
3ab7a12ff0e031cd17f14708895ddd06e63a45363c03d93639da6bba20b70736

SHA512
78a88308bdac3bd79464b646051dd4aeef2cc23a496aaa27e8eace4a46ba680d3b2f366d306d2e5d131c4dffe73bb54990d7ebcabdb05b3e6a22e95b2865c494

Download Submit
/data/data/com.zms.android/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.zms.android/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
7db4da2942bf20a7f2692caec920347a

SHA1
9de4a45263568cfdcefd54c32f2e24316a8c3269

SHA256
d745c37c278633582d7827651d0ef5df4e817265e9a6a88f56669184acb9c9fd

SHA512
03f813e9ffec5d553b53a0f3be1c09ddf1690f6a27e30c6b660157cb21aae0efe0e58f8084c153353f72898d3c8132eee7b48b31e3b9c722fcbb17db03228068

Download Submit
/data/data/com.zms.android/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.zms.android/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
4d70ceb3a3749b767a54ba6e186954d0

SHA1
df1e052430ff0d8266b205a56a3b8ff6fb98ffb4

SHA256
1866b2d926f22f3791285dfc9755f6c87309a87e362635ef2e283fb4e4ad6a70

SHA512
6397502c86dfcce6ed3d742f010ecf5041b69d7061368a9487d3031371e7c85a3f32771719f39ee115678ad44a48b4d6403f0e8b05115e55dd4c97934db46e03

Download Submit
/data/data/com.zms.android/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
05a94d807891f523c40fa9f7bf6ed90e

SHA1
468b5f5c67cef782781be7b6ef819fdd7473894e

SHA256
4b2762e07f4e48adc77312d68fb681e5ab73371e82ad9782a82e0b2254830a45

SHA512
f68ab5c37dc5ad463489fc44ef3a3552390c321e76e9811a4afbe58ab857277236ea7e475c1981552d1a121030eb555954cc2b2c8f9ccedc6d7e45cd20322cee

Download Submit