9efa7d7db7ee4688f188708ae2d857667ffab59f1c866a55ac1cb312827799a0

Analysis

max time kernel
163s
max time network
177s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
23-05-2024 12:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

yishengdaojia_208.apk
Size

14.1MB
MD5

b6a23b529e9444e0430934b30ab1d518
SHA1

e5de0b81cb066ea21cb3fc343969048b3c4e7e93
SHA256

9efa7d7db7ee4688f188708ae2d857667ffab59f1c866a55ac1cb312827799a0
SHA512

1708897a1ef19a8019c49ac317ca98044d06b5b54576d5b47f5706a2e1877e9277c1bb1f0e71c74f906f857dcbb5edc2f2798ad092a0ef585630be2b04dff527
SSDEEP

393216:CjASvj91cQ/LTjwEVs7Hp82tFDyopHNfg:qjzr/LTj3gHz7Dy+to

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.yisheng.yonghu

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.yisheng.yonghu
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.yisheng.yonghu

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.yisheng.yonghu

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.yisheng.yonghu

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.yisheng.yonghu

com.yisheng.yonghu
1⤵
- Queries information about running processes on the device
- Checks if the internet connection is available
PID:4354

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yisheng.yonghu/databases/umeng_community.db
Filesize
168KB

MD5
e3b0dd2531a2c83c7ca0d9959b96b0e5

SHA1
60e8c473ca883e65715a233aa4d14b609544a3c6

SHA256
fb96a2a99ffc619565135be53763bba3138caf0bcdd2e6908e9e5db4991eedae

SHA512
cd2e4315e71074b4d8adfa555e52a00557df7e71b66d678ddddc569675e2b65cd726dfd9f29fe0ba66e0cd8e0dd35d7be5946a0a79bdbc19cba28d5da89e41ee

Download Submit
/data/user/0/com.yisheng.yonghu/databases/umeng_community.db-journal
Filesize
512B

MD5
ddd1b7f4caa50fa0abad2cee43b69c3b

SHA1
c817d6630e3b568bf6afbff5b93c297fea0deb66

SHA256
73bf8686640ed1c0e44c80fe11390e88421af6ed89f9862862038b552dc66c44

SHA512
dbdf90e1ea9dae579ea9f98207e2ce029a9fa700f0919033a5cb3a3c97f7ccd9a94f95d1ee67c44d9a6a96622750866cd9cda975b68d8b725cbe8d7551986da6

Download Submit
/data/user/0/com.yisheng.yonghu/databases/umeng_community.db-journal
Filesize
8KB

MD5
c5f06a97c5bfd013a96c025b9d615ea8

SHA1
e088d6fa8557efb4800a10e9d902e34921165d47

SHA256
1d2eb6acecc2b01fcc77e7db8e7d9d5a74959e75ad79e335ea759a224ecd0e2d

SHA512
a2f6958c463696700f46a6a0e4a390c0c785dfd4a064dc97c72dd3d2886af6b1aa84093e3fa17a32a11be6da435766693560d31bf5dcb556e9ba9a6009ddcdf7

Download Submit
/data/user/0/com.yisheng.yonghu/databases/umeng_community.db-journal
Filesize
8KB

MD5
4f8e19ecca18a4aa64df66fcf728b7f9

SHA1
e505a2b88fb9564d2f8b3d12c9fbf798196a9c92

SHA256
11ce7b652f5fd4d80021f6277c327d26ea64d30ac49d516c334eb7df7bd265d9

SHA512
4707eb50fd605ac95568dcc0de699b05d942b48de2d2f9da88f33da91b959779630cf3b9a9aad2333f84de4f34ff40155b5436d5abe2e4b978c02b8a8f9c407c

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
5a07bbb2f67f938c5c57b44092e156d5

SHA1
5b5352fb7abb5bfff803f7fbdc2bc800410640fe

SHA256
df6d0e0b71f406dbbac92f8294d5d249de41b2d3b7192e5f3a0a08ba3a491fde

SHA512
b0fe75d5e53240efe2a2dfae2527098a1c21d63b55192f5651c96d52e65a9f3e5b7555dfd5abdce671ef516ba1731bf922f57fc01b6902aebfe9c0448a867c80

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
408B

MD5
68da96780b40dee35dc30adc7301c83d

SHA1
a2bfb2cea4f37b19be126855ed682230db8e4226

SHA256
eb81c6d911a28c9eb5aa4f1bbb756d0d5aed8d386c79f351ba91aa53e808f1fe

SHA512
7000a2c96cfa0719968e4d8b8013f9b753e196e07dc619ce945349d30671c0dff508735b18d215eeaf187a53d05d9349b4663f1a154dad1e517ba9845d5efaac

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
1b5f5c816fd2200c285a0567397d62be

SHA1
e4eead36ab9e3e94360734d68b690756bc57032f

SHA256
1649906aed17de90d412e5fffd19b4f5ca44fafdbb4fa95e0b2550eff1a18046

SHA512
921e35794ded88997dfa502a232bf246c8653fbe7773d02416802a12e3d530d4fc3b780c3bd48b58d0180dfd5b6605095cb5086367fc574073b0e086a61b30d7

Download Submit
/storage/emulated/0/Android/data/com.yisheng.yonghu/cache/bitmap/journal.tmp (deleted)
Filesize
33B

MD5
835b0bf5ee019b69abc2a4b04491ba71

SHA1
4287fd8afe805fbc52860ca36cc8b90e05ddfcfe

SHA256
164f8bdec0ec2f8e748f860d14b0d03885052fd801bbd6e6b532b008243e0a78

SHA512
7c72849c5aa1d01194fe21024752bfac326512348819dcf540696782ede7d8765b917496e09b383e2aed1128a5a6bd0d99932cc4a8bd491a659b5f89f7bfac55

Download Submit
/storage/emulated/0/Android/data/com.yisheng.yonghu/cache/xBitmapCache/journal.tmp (deleted)
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads