Analysis
- max time kernel: 58s
- max time network: 89s
- platform: android_x86
- resource: android-x86-arm-20240603-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
- submitted: 08-06-2024 13:25
Static task: static1
Behavioral task: behavioral1
- Sample: 喜闻.apk
- Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
- Sample: 喜闻.apk
- Resource: android-x64-arm64-20240603-en
General
- Target: 喜闻.apk
- Size: 10.9MB
- MD5: 47a05e6f5e0560ea0385f1776a956494
- SHA1: 15d6ae0483d7f0788ab19abd85ef9d7ae5309b80
- SHA256: c09a691bbaaf0bcabce974f0471e538eb0789af56361f218b5d53b5f3f8f9cfb
- SHA512: d436d89e0932af408828ab0872d9a0d57e2d463a210e50780bdda4d1945e9078d443d2bc0c56ca6c77092976bb2504f7f95055214e6c63abea78f9b926abdaa1
- SSDEEP: 196608:Pdzx6wDC0W46BkdriofBzgoof1bgSof9ngQofbvgVX:Pv6wexkdeuBLu1Ru97uby
Malware Config
Signatures
- Queries information about active data network (1 TTPs, 1 IoCs)
  Processes: plus.H5A5D9F54
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: plus.H5A5D9F54
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: plus.H5A5D9F54
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: plus.H5A5D9F54
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: plus.H5A5D9F54
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: plus.H5A5D9F54
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: plus.H5A5D9F54
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: plus.H5A5D9F54
- Checks CPU information (2 TTPs, 1 IoCs)
- Checks memory information (2 TTPs, 1 IoCs)
Processes
- plus.H5A5D9F54
  - Queries information about active data network
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
  - Checks memory information
  - stat -c "%x" /data/data
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/plus.H5A5D9F54/files/.DC4278477faeb9.txt (Filesize: 32B)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/1.png (Filesize: 744KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/2.png (Filesize: 246KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/3.png (Filesize: 175KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/4.png (Filesize: 376KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/404.html (Filesize: 2KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/888888.css (Filesize: 1KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/androidPrivacy.json (Filesize: 1KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/fwxy.html (Filesize: 19KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/index.html (Filesize: 320B)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/logo.png (Filesize: 82KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/manifest.json (Filesize: 1KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/oss.jump.js (Filesize: 4KB)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/xl888.js (Filesize: 646B)
- /data/data/plus.H5A5D9F54/files/apps/H5A5D9F54/www/yszc.html (Filesize: 175KB)
- /data/data/plus.H5A5D9F54/files/cnc3ejE6/eje3cnc (Filesize: 35B)