cf91cb1cf5cc7be25d10ccba5cd48db79498a732d9206f3e8beca980ebae41ee

Analysis

max time kernel
9s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
28/05/2024, 11:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MaskWechat_2.1-bug_1713546383180.apk
Size

974KB
MD5

55d16580d34f6ee720ca31dd6e383640
SHA1

063ff7e16541ce012cb29b9e058895ae1685ca40
SHA256

cf91cb1cf5cc7be25d10ccba5cd48db79498a732d9206f3e8beca980ebae41ee
SHA512

3882e9693d638fc369d52ea8c652fd3907c494d55302b893ba0916cf102a98d4c9295ba330fbe4c8f79e2a8045eb14d152294629ace3ddef1eb50bdcbaa02319
SSDEEP

12288:QYSBNVuddWdXYRDgQJCzyY3Ws7bHu0Jg+kKR1zXUayRHPMGzvlPvdS+xNsgHyUDl:qBNVuXWPwEvGs7Dnk4INDdEa2gSb9I

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
26	raw.githubusercontent.com
29	raw.githubusercontent.com
25	raw.githubusercontent.com

com.lu.wxmask
1⤵
PID:4632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lu.wxmask/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
2d3e3a256f9e78b352948cbb07250290

SHA1
7c4b23c7efcd90332bb89834a07ef638a38a7aef

SHA256
570f23160f0fb40750f63d949db10c9a3c5cd64aa75e52de920e32c8cc7328c5

SHA512
1d2850a3b2696a9379b9b3460014011032dd2b102764209d1b4396aeb5589e0c870d5d918b79883f1c57d520279094cffcee95eee9a66230517469dc2f48143e

Download Submit
/data/data/com.lu.wxmask/files/res/raw/app_config.json

Filesize
275B

MD5
c0e11eeb81704b71f0084b4d682606c4

SHA1
9d0165a31e6e0aefec78f09d677b4700adf65a88

SHA256
ff63e6eb39db69980234e27e2a45432b2cd2317fb1b1490cfceb88edc5de06ef

SHA512
9b293e2c4774576393554e6063fb0c40c365c38c34f86625ceb122a89594175c24bcc2cd5e048faf3241b143286902a3011a9e7bd6329731d6c72f01bc1ec638

Download Submit
/data/data/com.lu.wxmask/files/res/raw/menu_ui.json

Filesize
1KB

MD5
c3948bd01fada3c92279128bd69a28c4

SHA1
53b138bbea02f41c9be857150dec092bb9c528d3

SHA256
d464f6c379a21c6997363714b50bf894da4d092bd766a42028e7960744eb1655

SHA512
e5f2efff5ef4b00cd25f452abe82a55acbdb23b41d8dfd9e8736e92b60d59e12689a966272e1f2434c65c188f32919dd96be529fa58df7e2097f3d3f21af67d3

Download Submit
/data/misc/profiles/cur/0/com.lu.wxmask/primary.prof

Filesize
823B

MD5
10aa4c336f1910dd839a66560edd7251

SHA1
7495238be8b8d233c809bc0c29421688cc745a16

SHA256
6a543e6563652b3a9f2f70ef7ee15c02e572a00fbf5b220c6bce3d96a8cf7a09

SHA512
0432bfe630c9ea3df1b5e9a90f2f3ba758e03b1a8499c953dfa2e18475db272be76a2cea6e1d1c8a0e96e38a6dc18ea4b913dbf22c92e5c41d73c29383eafd78

Download Submit