e0429af00e61838415b4c5238ebed8286507318d81c27b697cce871aaeee11fa

Analysis

max time kernel
129s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
23-05-2024 12:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

6.8MB
MD5

aa6c73ca48f59503e6ceea1cb145b8dd
SHA1

2664f200027eb6ba6e03b1bff7679869b234c594
SHA256

e0429af00e61838415b4c5238ebed8286507318d81c27b697cce871aaeee11fa
SHA512

7b845134fabd8ff9b07b26ae27ee097d86684b7eca633ef7a0f9302c8db37e722326a195d8c2d403a98178ff9de4d61e228ff7eb8a874c3b7d6ad794fb285305
SSDEEP

98304:+HSXDZaqLFrPaEwIM1RBO0d92G6zM7JbPg34PtHsshoe7VNGs9bbAuNLHPpY2fss:+yX0qBn8iUH6QT1Hsve7VMsRbAIxY8

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.hzx.newwms

description ioc process

File opened for read /proc/cpuinfo com.hzx.newwms
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.hzx.newwms

description ioc process

File opened for read /proc/meminfo com.hzx.newwms
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.hzx.newwms

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.hzx.newwms
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.hzx.newwms

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.hzx.newwms
Reads information about phone network operator. 1 TTPs
discovery

T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.hzx.newwms

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.hzx.newwms

description	ioc	process
File opened for read	/proc/cpuinfo	com.hzx.newwms

description	ioc	process
File opened for read	/proc/meminfo	com.hzx.newwms

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.hzx.newwms

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.hzx.newwms

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.hzx.newwms

com.hzx.newwms
1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4629

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.hzx.newwms/app_UApm/6073b386de41b946ab46a776/ready/4629/wa_none_1_1_4629_2564_1716468782810
Filesize
707B

MD5
a0034e63e802e67c340a0022144a2990

SHA1
42aac0bfed203fb971c98e2fd5fedbc0526dcebd

SHA256
2408097469f4c209dcca4be5b680788dbcf92da77089a514f41b9c3074d0f582

SHA512
0dc4ec70dad49e613e80869799f2da80c737bd8bda5c3172b6901c042d3bf975ce4838cfc83794130b304b9ad2a966c50c7913311cc36b279bcb33ffb77bcbf1

Download Submit
/data/user/0/com.hzx.newwms/app_UApm/efsid4629
Filesize
36B

MD5
cca82fc1462834aa70ecad0c59f2d523

SHA1
7d24444e1d0d14bee9c84422e3b22e2a809eb2b1

SHA256
31c4e857749cbfa662c13a745a18d17c6e1a4ab859e5c2b83e9bae679eb7f5cc

SHA512
3092f0151df611d96db08af62acc2df78d31e877d4e34b60f3975d8805843a9a871166def9f86055c63dac631d273a8d98b3646a722fb2e5b018a4de07aef0a1

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/SMWWEN0XZH0MOC.ss
Filesize
1B

MD5
8fa14cdd754f91cc6554c9e71929cce7

SHA1
4a0a19218e082a343a1b17e5333409af9d98f0f5

SHA256
252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111

SHA512
711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/SMWWEN0XZH0MOC.st
Filesize
28B

MD5
d4f85cb19631c53feedef81b383118b2

SHA1
bce69e25aecc01cd0647ba4740eebea6afb9dd56

SHA256
de7cd4a0168e12149f211e93878133dee30e235420ce17ea6dd217b8f30831fd

SHA512
fa93bc40a279d4e903092926da85cb31310a4fe572cd418d67487f42a6dcc259c0ec1fa8b0391b89a9210b22e00dc2e359d26c21eb66070fa8035ed07a3cfa07

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/SMWWEN0XZH0MOC.st
Filesize
28B

MD5
83e1ab4936be015b707d63b4151b590b

SHA1
0ab43bb3ab1f670894edd154181b0ce640ce953e

SHA256
704d33af759d8fbc8ae6bbd959c4f0ac0ef34a608ea0f8aec3ee6d2e28c0d643

SHA512
10e00e3adeedb74840c063211c3cf97c90e1d16a1433a38cd86deab11126a3ad8498f0bffad620180d3dc22b47bae826821e879a0e308c213df9fa3956b5c0c4

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/cr.wa
Filesize
44B

MD5
96d317514a4a2214eb45a894b68462e3

SHA1
d8c149b3c8071124e1d0428a77aca068e4e375af

SHA256
8a71fd0d21933dd9fd5daf34d351549c6bf1d7b38f634b24767d8dfde2087a83

SHA512
86a0f7c8eb8e70f04ff0fd589132ec82d38343cb8df71717ea261e47fba27fe44ca1fea0b29c07bac5f10e6c1a9b166975597e5ce3179278c01e3338d24dcb8d

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/dt.wa
Filesize
32B

MD5
dd8f048e7f9f45910f1c86fcd94118d7

SHA1
17d1f42cff1a3243a3810ddf118c9c29270f6b58

SHA256
49f0436d2ca6f12e922d91ee2a33632635b7e637cda740c75e8e9b986fc941b9

SHA512
cc84f9324a557282d6d29d3d89eba3ade3a6ef71eb9c58e28a6cd08eb8c494ed3c4c6e6ca98b4a80ba49afdc37476ebc9e57c21a0f7900284f4c7d2763c166fb

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/unique
Filesize
36B

MD5
81f2ec654ea20ab2dec12a8f5591c2c9

SHA1
bbdc9c9b6ce0f49875f8d43504fddbfc88f5acdf

SHA256
869c6c4c8f148b186964357ac2e839b7cf092ad197ef279b64ab489b65219ff0

SHA512
734b79c0e960d8261c1b6ed44cfe76766b450277f5244f726a8cb1f514b91cf83dd05fd43ccbd744f695907a2c26def72ad2a7f588af4b9c5b7d1f5de3518b8d

Download Submit
/data/user/0/com.hzx.newwms/crashsdk/tags/ver
Filesize
25B

MD5
71ddeaaed6e0e4b3da20fe834e793775

SHA1
dbe6e62c86eeb6abe4a5b84cfd5fb039b3bc8acd

SHA256
b16067700dd74ff2b63c96f24997e2e094287b985b2074a146e8399c002af401

SHA512
d171db6ef217d9925898c2162af2bcb6e542840e5e070e8163c892f87fa7eb3af17b3dae8f3c50f6d16e177271c8bb2c1e4307f3daf31f29107edf03d74e0347

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db
Filesize
44KB

MD5
976960f6285a3e464cf079796f6f82a0

SHA1
401768f99bab287ac781229c003b6f1dfbb7d031

SHA256
ae89b9d3958392423ff9801bdc880517ee3e4f200663c7a7748ea584b7c5ad72

SHA512
d6b7546b9ce80fd8f4d8185a0c1326d7c9be0bb918b3a82dfc2226f9cf265fdbcb5254c1d6ae3ac3ab347916310f2c9c8377d1d94ef1cc4358a7f477221c4aa4

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db-journal
Filesize
512B

MD5
52094e8b2262f2a0b78311526e42c927

SHA1
e8eb28d641eaadc907b74ef2f31a028fc09f0535

SHA256
9a3234b961296dd281805229fadaf9385502e1b58b6550dcdf80a6e5e4d8eef1

SHA512
64ef7f5efe41f343dc2b60258d154003c5c644dd8989c8ff148559b6e2b7b65fc5b6e07cae01c9b8ae2e2ca889c9fa6a3666e4dd0586ac4ef9d412c07ce9ed83

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db-journal
Filesize
8KB

MD5
cc9612be0abc7f020eaa30f622cccb56

SHA1
d115eeb8661d6e805a42e915932bcfbde5a2a5c2

SHA256
ad9b09b51857f46ed61f810b9fbeb4ae2a27c6dead1f310e9ad43aed9fd72121

SHA512
5938c6f81ac41a46c29743b2a4a9819de53c7b604fefdae0ed478fb67d2920f257bba06416a68f55d37a96830cae53305d29fb9c5dff1065d2c7a7cd77eb51ff

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db-journal
Filesize
8KB

MD5
0ecf6b6df681b8a9952cf1e1b9fef0ab

SHA1
a1c55a682fd75aeb52fef8e569ac1e598b6da42d

SHA256
2c5413d8892f5ec32460aa8609ca2744ee329ffa4046a1f06409e692112991b4

SHA512
554aadf0c23b236be508ed69981dc9510089bf368992c5f8aa8288610dab43d4e7379e890ca032e6acc580801394c63245ed10e19326dcae561e525d3f056662

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db-journal
Filesize
8KB

MD5
690ca89e8970541b0f7e3cb5436a5a02

SHA1
289b73cbb087ad4fbb14cab9b053781797d07188

SHA256
da195a671e575e5f4e96274e85ca42f5988fbee62889531678d4d1c79cdfcff4

SHA512
0694fb26fa231dbbf14f743b39bb4fc1be6c83cd97ef71e4c902e4774235cfd71c2502a58bedcbea014afabdad9bd690c4e032bc6ff2709837e8c8e35993c02d

Download Submit
/data/user/0/com.hzx.newwms/databases/hzx.db-journal
Filesize
8KB

MD5
f2e20bd0eabc3e502ff011abec289f2c

SHA1
dbc96c86edfd86c162e0330ad77ecc230230c56e

SHA256
d397b7c038a606048ff554f2f49be49d4ca7a7cf3cc3f946c448368f942dc46e

SHA512
1068b2c80e64c1197b10fca5460014e383fdacce202b07755974cb27f33b2e72bd474e2098df744de8bcf0f25a77945f2df0f69e14dbb7af6884eadc1ad3a6de

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
40KB

MD5
817d912166e3dad8ec72f59d6965c9ed

SHA1
5c39564ea4b59d51edebeaf08ffed5a7f5f276e7

SHA256
689bb52b07062425c2b3ca5cb8b34ed463b5eaff304a3d28c08bc6e89c7de0ae

SHA512
5c78be0a37f3a4d0d7e66082d18046e898d1def4fc32b0e1f9490c4793b471429c609cd0a4a74e290eb51cb2bc87a1d813783d5e15ca961467424794a26e59aa

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
24KB

MD5
c2a608b638c32614b7cce73aa6374fa1

SHA1
5fc72d8ffb974851a3a7fcd6241ad57a4e851fb9

SHA256
5cefb8d57907e84edf2ab58f393884013aa87c4ae256d177e85fc6abf96747ae

SHA512
2012164f50536ba3cb331f4b39b95e00e1e93f9f236af90083bb71b28cd1051713750c155b063854c23c1ff919c40dadb4f97057c23404ef128efc196dfe12bf

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
32KB

MD5
49f6936ffa17b8e8dfe7379984bca359

SHA1
11ffa9866bdc46f40578fc7a73b5d738db698c46

SHA256
d7b3bb89c514b8703021e8068275bc17caa4405e4fd9f4a67e8fa1f0169bc35e

SHA512
de724d393889b4d7f43f748c853217aae4990246754f5142604496f9219f5ded273cd138db872a2d94adaba6615a12c504ea03b0881c205b15250d06c4394d9e

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
36KB

MD5
5c0c2a97a56c8b4737fae79112decaca

SHA1
0a525c75c462e54306476f81e72a01a432444d48

SHA256
8f6a5ff744f678a3d0fb670ced4d1266c1b401b2329c7e0638b8efa0baae427d

SHA512
ebbd561a88fdab03903297125a5e8c8118dec920d571a60e4e88f1806f80f7b40ee90827b257f828c50989cd445c71863e9395e959bc07b1223e5981f72c87f7

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
16KB

MD5
8d9f455db44783f0e1e6427bb75250b3

SHA1
fe058db6a4486e8e0935587668c89478a700af4a

SHA256
622ad20f08d1ee5a73fd06d4f6d35de7b9d6bd51758c5ade75ca0343a59e04e5

SHA512
6e754cf33ac14d33c3952ebea1ab58abc5a4ea92c553063049eeb9c09318a62496c4a995832dadfdcaf1cd385edb5a5d72829d9ef33c7ab7282998f4411f3ba6

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db
Filesize
16KB

MD5
13a7fdc147bbe80c48f7dec290438867

SHA1
a263b8afe29f1e1ed47cfcf48183bcd7ee32fbf5

SHA256
06f8a1bb22e1c19bd2efe66515ae002a3624fd33d3483845c00b6053c68f1edc

SHA512
4a52189f57aa21dbd9c94f093009e55b8ef51d08168ee3c2c33e6c8f0afb9ffab058fa0ce497f218bae79b0c061ab08f492c6806d395c09da34222056c58aa7c

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
512B

MD5
2f68ff480467bc0c52ed2c2594769143

SHA1
d0c24975b7b3617ff87001267c5e58ae2636344c

SHA256
55e1c59b7531bbf09829a8d169015992c9ae287b2e0f0404928fd26259c3b993

SHA512
d355b3057fd420637a560441d1088abd083eb0d59153ff8fdede69fe56b2ba4d32cfe46c0a11c6db15250100ca733ebb8f2cbd4a6a98a870edc51e785dc05e80

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
8KB

MD5
8d225aafe90b0768f8f6fbd7fedb5be1

SHA1
793c7b90bec077db59a5b7417f2a16b4287a4701

SHA256
df92eb71891556156eda436ba4b12b27a06b1b7a2e29fa566463439c49931dd0

SHA512
b0e2bc7a6932952edb97d4e5bbcfc541b1100c70b067cf3c7b1a819066708b2e065d663f7df2fbd8182ec5ae6cf3df7f8962c5f7444f0e1367500db19cffe739

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
8KB

MD5
bad732638d2029f0aafcf7f5d0885f13

SHA1
d7f05635b718d94d80be39a5b41cd85bf882ab13

SHA256
1a8c73cdd57c52625d4c9b6176f8d1e3c08e53d9e9c895c4f755b969cd038796

SHA512
fad10eb682c9c4240cddf90b32332202876791d32278a8e8f671018e7ac27024c04f9289432093c3a7b13803906f2869858cae06f5fafd605290cad4c11700dc

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
12KB

MD5
67924686c31c7f7f7c12583b0dc79667

SHA1
078d10a6d09343ff471be1204d02cb2a8ee98f52

SHA256
4bdf111342ddd44994e0c38cd9e6bbf95c87ba64116397ee24723f57d6cfd701

SHA512
36bbd7aa25820bec194bde7e65894873023c52968d9c8a7e6cddb340077f98815754024d4b3a7925dafb4e386c2acfc46758a3ea08068cdf1e1c1f43af11a3f6

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
16KB

MD5
2857d0b0c9f8de95c39276748c189445

SHA1
4794b9456aa1b8c785195e5245b081f76bd4d3ab

SHA256
15b6de5dba433eebba339059d7fe302ef225a37f95b0e513447ecd5ef59dcc7e

SHA512
1940cb5fea5e8391b7cd06c0c15d952aaf1c99b7e73260e07a76fddd4a60bdaaccac94107fcdfd43978b10dec498a4cfae3c9c73dca245a0e1865780e45701a1

Download Submit
/data/user/0/com.hzx.newwms/databases/ua.db-journal
Filesize
16KB

MD5
ff4bb3a74fd6ffede4ccb1626e1f6509

SHA1
3d1b32128df5933fe807c574710994e9d9c04552

SHA256
5c1043f4d5237a46c0145e8af12fa23dda548a44c4e49be5f7cb56e5c27d77c4

SHA512
6d6b98910cc9293bedb6ffdf20908fc504492bac0e90b4ca0ab4eae4ea1377587e6c66a4b47409a41d4af855284ac1abf5b02e61967ed07ecc0579b0a00f16b8

Download Submit
/data/user/0/com.hzx.newwms/files/.envelope/z==1.2.0&&2.9.94_1716468782778_emNmZw== .log
Filesize
300B

MD5
e51560b4e9346e9990bd56048899de8a

SHA1
75e60eeba50eac4dca35deeb05bfce29e444f5f6

SHA256
c470e8bf3c28fcd237043a0da8233168669bacd188d3e172f2e33544c85355e0

SHA512
64e3dbe1ae76f75d2c59a09018bac9e35b8d1b6798ed0cdeabfd73b8a2c4bb0b00cba4fc016b3a433234ef1c2da5ac71187178a7408d431955673d575a370235

Download Submit
/data/user/0/com.hzx.newwms/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
1edf33c663710d0afaddf1f9b99bc5d1

SHA1
29a443c480fc711f0726b770b77ec51740bbbc15

SHA256
dcdacea986458476d3f07b62f41ba6f5bcd003433f23dcd6cd3443300a4cdb43

SHA512
c3e6a51721c37c6ae1928f6fa586076b71ac8b6bb776a35091a559377cf5708df99f45bed05f655c4b543ae081382b8acaeec1fdd0dd2d5363cc9db27b9bbe78

Download Submit
/data/user/0/com.hzx.newwms/files/exid.dat
Filesize
55B

MD5
7cd0bce2212aae97fea7535f0ac0eebb

SHA1
b4e9674a4b14534c0feb1a6c46ee7a6d15ebd75e

SHA256
be8f567d1f9416fd6c1d869d7b5f5a616317b46b0d6f87212de78a49a5796334

SHA512
35f518d30539f7f436d231877078f7276c408dc6682f0dc6f4c99ddf05674b4b0698fd74a65781d8a4c007130989ad5a4af31f6fb5e672a833fbb32af9970b2a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads