e0429af00e61838415b4c5238ebed8286507318d81c27b697cce871aaeee11fa

Analysis

max time kernel
5s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 12:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

6.8MB
MD5

aa6c73ca48f59503e6ceea1cb145b8dd
SHA1

2664f200027eb6ba6e03b1bff7679869b234c594
SHA256

e0429af00e61838415b4c5238ebed8286507318d81c27b697cce871aaeee11fa
SHA512

7b845134fabd8ff9b07b26ae27ee097d86684b7eca633ef7a0f9302c8db37e722326a195d8c2d403a98178ff9de4d61e228ff7eb8a874c3b7d6ad794fb285305
SSDEEP

98304:+HSXDZaqLFrPaEwIM1RBO0d92G6zM7JbPg34PtHsshoe7VNGs9bbAuNLHPpY2fss:+yX0qBn8iUH6QT1Hsve7VMsRbAIxY8

Score

7^/10

discovery impact persistence

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.hzx.newwms

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.hzx.newwms
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.hzx.newwms

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.hzx.newwms
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.hzx.newwms

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.hzx.newwms
Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.hzx.newwms

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.hzx.newwms

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.hzx.newwms

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.hzx.newwms

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.hzx.newwms

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.hzx.newwms

com.hzx.newwms
1⤵
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4279

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hzx.newwms/app_UApm/6073b386de41b946ab46a776/ready/4279/wa_none_1_1_4279_1059_1716469368098
Filesize
705B

MD5
7708cba18d0e2ae61369e86ff4361808

SHA1
5f37a64f1681f8fd17ad7e69f7c73bd0d8720a0f

SHA256
d667d1050572fd4d97e0ed5316eeea524b7458d522698bf6cd27581e144e2e8b

SHA512
98e57cac277ae991fb0a50c5157525299a90287479abfe016d9e84c0214137aa9c706dce8d250dce34bc4120bdf5d2054c1df11d2425c38482b8bce2d021f81e

Download Submit
/data/data/com.hzx.newwms/app_UApm/efsid4279
Filesize
36B

MD5
3b530db8cacf061a9d7ed8dc37c4472c

SHA1
90bda89deb7550ff3d12d2144c1a1d14cfffff07

SHA256
b0fa31634f27143a5c90f645e80a1f265ffe561ff5f673242ece00bb37343608

SHA512
421f57459c5e8f2837efb0de4d090367de6a2eb59a3d9e7274f583cef67cb355f731046bcd111862b9ab7807adfb7fe4ea95845081a96b812f831e3e7c0123c3

Download Submit
/data/data/com.hzx.newwms/crashsdk/tags/SMWWEN0XZH0MOC.ss
Filesize
1B

MD5
8fa14cdd754f91cc6554c9e71929cce7

SHA1
4a0a19218e082a343a1b17e5333409af9d98f0f5

SHA256
252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111

SHA512
711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b

Download Submit
/data/data/com.hzx.newwms/crashsdk/tags/unique
Filesize
36B

MD5
c7fbd7f09c9e565ebfd5211178787d98

SHA1
52a485e8ca0e1bfdec5e334099d6f68fe852d5ac

SHA256
8c180026240d1e60e6bbbc7ba4c5df73e5ef12163794b61ea3b6605168c54a28

SHA512
1e805aa1fc0768af490935fba8868a6607c04efff7f690537d045b8d5f589a1985ef8b07b6f20cdd6be33969cb327da0e938aa96ab1033153a4d991c89ef4a8f

Download Submit
/data/data/com.hzx.newwms/crashsdk/tags/ver
Filesize
25B

MD5
71ddeaaed6e0e4b3da20fe834e793775

SHA1
dbe6e62c86eeb6abe4a5b84cfd5fb039b3bc8acd

SHA256
b16067700dd74ff2b63c96f24997e2e094287b985b2074a146e8399c002af401

SHA512
d171db6ef217d9925898c2162af2bcb6e542840e5e070e8163c892f87fa7eb3af17b3dae8f3c50f6d16e177271c8bb2c1e4307f3daf31f29107edf03d74e0347

Download Submit
/data/data/com.hzx.newwms/databases/hzx.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.hzx.newwms/databases/hzx.db-journal
Filesize
512B

MD5
eb3a7e5e5bc66fe64ce7e9209ae965e4

SHA1
28fe89fff0a59898bb71e8cf1bb8da119440ef8f

SHA256
a1b376fb66b0c73d336376719d6567b1124bee3a884ed6850d2d1be29b5a79dc

SHA512
ed3c728bdb5f085232659d4c03c90e2172d4e0fb0670f97bf60e3013bdcba24b8c62979064c124128b27040da8905495ced8963356ff38ded0d51e475a6b107b

Download Submit
/data/data/com.hzx.newwms/databases/hzx.db-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.hzx.newwms/databases/hzx.db-wal
Filesize
56KB

MD5
f9bc02141dabc992ee638b2b569ecc9f

SHA1
2c94e26f5f4e7b844c70ac7e506e7be7a9615826

SHA256
0516dc26e45b0d7ba9eda6922b30e5181860d652b593d356e942f47108c3ef2e

SHA512
a2361716ece009830be7849da38881d339cb5ef43aca28d34c8c1bd8aaa7a0f206904b8c7f6789329caa9e18ba671b8d8159286d4bd8d0c885c7730c61bf3fb6

Download Submit
/data/data/com.hzx.newwms/databases/ua.db
Filesize
40KB

MD5
c4f90034739c5396ffdbdb3d87410a2a

SHA1
d09b4f503bcbc010510e5c05ebd3244991423a9f

SHA256
81f84dd9d3f9aff62ddf5bc1ce9223cf1feff373b1f6e383d0dafb528cd936b1

SHA512
0239609e01f64d8e338dbc0cb22867d8042b372777e4673af27e0c593303f7c6c45d8e3357a967069110425a75eda5a5a452f063bb9e1fb81a62256d91e4012e

Download Submit
/data/data/com.hzx.newwms/databases/ua.db
Filesize
24KB

MD5
070a1eb160f30f99e560951f9bb67bda

SHA1
d2e444a9caddf197350553efcba94a491edc9047

SHA256
907cc623f0622d8253ed22b33d0ec0388c17b202c53760e642cede12b062e9cc

SHA512
e715c719aa17e244297c04bd062c0f743e29c26eb1bda428c0742b52d6233189b74b4c278e7ff74a2dac0f08aed05da23ee1f9be55aca3c71beccad9d137c326

Download Submit
/data/data/com.hzx.newwms/databases/ua.db
Filesize
32KB

MD5
442b9c660c651ea846ef8b32f47a7f41

SHA1
a672c505cf44e712f40f7cb65a234b257ed591c5

SHA256
2b556669d6833411209972b921e20db81556810cae7f74cb5483834bc0c0b458

SHA512
054009fd1bc87db6747ad2c69cf5fea3bdd70e394f23e224564bb4dcccefd6f2ab353eceb16ce5a5e11f48df9cf7e65756240f6b3e5b1f7a3752fabb58e248b5

Download Submit
/data/data/com.hzx.newwms/databases/ua.db
Filesize
36KB

MD5
852948691ffbe9171b892e92e7c525e9

SHA1
d6f0b19cf8b89ba70a1567eee000d36fc67c92fc

SHA256
3997a5020e0234be7c67d7aaf7de5b99fce81dff936c950b1f352cba36da455b

SHA512
ee046cd71b4924405d2fe757cc23a56f1d29094b1a6495c12dcec0b4241db3e0329d0d22d0fb0c35307064992f755db3f5b9b4a21e1fe92442f397d83bf67535

Download Submit
/data/data/com.hzx.newwms/databases/ua.db-journal
Filesize
512B

MD5
ffaacf126fd606880fb602b6a69b073e

SHA1
8fdc51dd4801d1c4061ff468d4fcbd0baf4430b9

SHA256
c11076b9e2b460eebaeee6a5021a7054c0fa1999d6c79b43721ae47fcd49c7ea

SHA512
b83f002b360eb664d9ecb3ef132457be7e77808b841441e539a59c31f78b2689c7795d6adf99ee1f35a9fd426585e47d9ff2c06f80eeb17a403c92db05f5cfce

Download Submit
/data/data/com.hzx.newwms/databases/ua.db-wal
Filesize
60KB

MD5
179999571cbfcc6a255d578efb1f5fc4

SHA1
0737939ee00b4f291f6bf2b5d33ba320f8bd42a2

SHA256
f3b291480b32cc66bcd87b303c325993e86dd11cba978b2ce7f30e70adab8ebc

SHA512
ca7b39b09d88fe70d8d73442036b024a6333a86788959ce13c1c0b7b163c628f8befcb186026cd32b39036d1b04dbd79dd362a8b84b35eb4e8c7344f0cc559df

Download Submit
/data/data/com.hzx.newwms/databases/ua.db-wal
Filesize
12KB

MD5
c83c0d962ff3fe493c7dd54c7530be20

SHA1
c515003fcf25313b6021c18980ef936ac323d601

SHA256
20dde705a72f8ae7773f06e97eda276c633177e9fa474a4b2a27d9ca93e0f36b

SHA512
787965b7c7a20dffb9f8cc2cf0301c4e3b682ddeaf0be9039230befcede54c5d51f7817f1a8952f649a4802b2bf5e8b06420cb718db512e9a083702b7236a1b9

Download Submit
/data/data/com.hzx.newwms/databases/ua.db-wal
Filesize
12KB

MD5
145046309e876976c796342979a05e2c

SHA1
fdda7cbd1a89f6633068f256724d1691323491a9

SHA256
22c5d8239002f15bf69ec5a451168f2ccceb13b8234f0488e1be60c775f042d7

SHA512
7a43cb3b95a0186cfd6cb426b4242b87521ed200e28a72ddf0de608aec908f7c0d31f0698591455d2b054359e3e2681dbce8bc9e1b71f606b9bc15755f7ee3d7

Download Submit
/data/data/com.hzx.newwms/databases/ua.db-wal
Filesize
4KB

MD5
b72ce25a9ef66d860fa857c1bd532c50

SHA1
207eb2a8703148529a8758b4f77f0760d4a52f8f

SHA256
003a1790eddd5a7924b10fd1cd403d6d02a25dadf4daa76aa9c6d7f9d756a407

SHA512
d7296b16c5a5dd86d104dd1a1808656d72e6e8c3bcf898510bb8fd7a6568a85a81e5abb71c9a6da8f46c4d50b20e8d8f25826988fe8eea97c3be07dad86192ce

Download Submit
/data/data/com.hzx.newwms/files/.envelope/z==1.2.0&&2.9.94_1716469368036_emNmZw== .log
Filesize
300B

MD5
c4a4055c9909f7e13cbd9dfac112fdcd

SHA1
867dca99b80b3478a421181bfd3486cd0dc01b13

SHA256
fcbb61ec72aa3b8d884042f3d716f5f67bec4aadbd17ff74fb0aaeec9fc01ee3

SHA512
31468f23daf2b15349015bf6d41d245766b6ac8095b10f108004d6bb5b9f3b1410d995ba997426fbf6afbb9273cada27e128337b9efbc61d0181170c544bf3b2

Download Submit
/data/data/com.hzx.newwms/files/.imprint
Filesize
136B

MD5
99c8545e861635d76476626761703e7b

SHA1
cdd2e98be27de636a1169d2644b7b15d96c670eb

SHA256
a8431996a32d018013741d6c01799c2465fffdba058d33cbb79e05f3fbc2f244

SHA512
4be922f08b736ed0f2aefcd9d518424306cb09f54fa42cda167e0e7b8ed477428cc50ab22377c2987b725627a316e8fc1b58b6d12d49aab9aeb001482a65a4dd

Download Submit
/data/data/com.hzx.newwms/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
c2f221b76e678f9acd9f0b058acf7456

SHA1
3099969d992f037e918d27ffcd29f1d11f532352

SHA256
5838bef803dc9e04e2d40563ca6592adb10b9b2e6dace06e8afebabda0275427

SHA512
53515497f0d83aac5e1cac4eb4ac25d68939f24d688eff445022a3aa639f0f9df957a6343028badc374a858a175cf71af86868c0fc0494678482b0a7ad7c7500

Download Submit
/data/data/com.hzx.newwms/files/exid.dat
Filesize
55B

MD5
7cd0bce2212aae97fea7535f0ac0eebb

SHA1
b4e9674a4b14534c0feb1a6c46ee7a6d15ebd75e

SHA256
be8f567d1f9416fd6c1d869d7b5f5a616317b46b0d6f87212de78a49a5796334

SHA512
35f518d30539f7f436d231877078f7276c408dc6682f0dc6f4c99ddf05674b4b0698fd74a65781d8a4c007130989ad5a4af31f6fb5e672a833fbb32af9970b2a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads