Analysis
max time kernel: 7s
max time network: 646s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system
submitted: 15-06-2024 05:41
Static task: static1
Behavioral task: behavioral1, Sample: TikTok_31.7.3_v8a.apk, Resource: android-33-x64-arm64-20240611.1-en
Behavioral task: behavioral2, Sample: TikTok_31.7.3_v8a.apk, Resource: android-x64-20240611.1-en
Behavioral task: behavioral3, Sample: TikTok_31.7.3_v8a.apk, Resource: android-x64-arm64-20240611.1-en
Behavioral task: behavioral4, Sample: TikTok_31.7.3_v8a.apk, Resource: android-33-x64-arm64-20240611.1-en
Behavioral task: behavioral5, Sample: TikTok_31.7.3_v8a.apk, Resource: android-x86-arm-20240611.1-en
General
Target: TikTok_31.7.3_v8a.apk
Size: 177.4MB
MD5: 3565772148017926d8f6914327ac40a7
SHA1: 0d6acabfb4a2fa985f68721fd421b3f5ccb4aa56
SHA256: 5d7384ffba61f4cc870f5629b4aff508f4a64e1fe7bbc244ed7647c1e3c66980
SHA512: 6c7d8c68410e20f6ab843a5dbc6bc6540a9d1418ad432de6ec6237adb108ee0c684626a091c4aa3add651e779bc88646c65599e038c2f5af4570d1b602e56fec
SSDEEP: 3145728:je683aNiQFcxEQNbr+lulUFNUU7maQ8IzQXP0uy3gcuUhCpFsk7vV3yK54z/JIrz:i683aNiOQNbr+sCLLQxzQXswcxhCZV3t
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs executable file dropped to the device during analysis.
Processes:
com.zhiliaoapp.musically
  ioc: /system_ext/framework/androidx.window.sidecar.jar, pid: 4541, process: com.zhiliaoapp.musically
  ioc: /system_ext/framework/androidx.window.sidecar.jar, pid: 4541, process: com.zhiliaoapp.musically

Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
com.zhiliaoapp.musically
  description: Framework service call, ioc: android.app.IActivityManager.getRunningAppProcesses, process: com.zhiliaoapp.musically

Queries information about active data network (1 TTPs, 1 IoCs)
Processes:
com.zhiliaoapp.musically
  description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.zhiliaoapp.musically

Checks CPU information (2 TTPs, 1 IoCs)
Processes:
com.zhiliaoapp.musically
  description: File opened for read, ioc: /proc/cpuinfo, process: com.zhiliaoapp.musically
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
/data/user/0/com.zhiliaoapp.musically/files/npth/RuntimeContext/main/1718430306371-1718430307654.allData
Filesize: 2B
/data/user/0/com.zhiliaoapp.musically/files/npth/RuntimeContext/main/1718430306371-1718430307654.ctx2
Filesize: 803B
/data/user/0/com.zhiliaoapp.musically/files/npth/RuntimeContext/main/1718430306371-1718430307964.ctx2
Filesize: 803B