733689cd3886da71d0142a32b9c71ccec3e1dc602251f6f935a318f9307ea610

Analysis

max time kernel
5s
max time network
170s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
15/06/2024, 14:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

muzhiwanapp.apk
Size

7.6MB
MD5

c3229fb323240d6e1e76777fbe0a9295
SHA1

5c664e6942479ca35c25d8b315a075f36a1d90e4
SHA256

7c0d0a3e65ce73b3f365a644cd86b56324d368e47049b04c2ba80d73ccb6d1fb
SHA512

cf4309e0fa7aada4fe27cbc0d5d1dd9d9c41cdab459a02c7d205f3d47283e74c303242c148aac12f8badade9e854eff393a77309895f0132de34adbe3d6b02b4
SSDEEP

196608:E29yNmkMvAdxRIZJ/kZNHJN37TlSTcduZYNxLWO:E1VMvIaZiDJdXlSoXxSO

Score

6^/10

discovery

Malware Config

Signatures

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.muzhiwan.market

com.muzhiwan.market
1⤵
- Queries information about active data network
PID:4152
- chmod 755 /data/user/0/com.muzhiwan.market/.jiagu/libjiagu.so
  2⤵
  PID:4183
- /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.muzhiwan.market/.jiagu/classes.dex --dex-file=/data/data/com.muzhiwan.market/.jiagu/classes2.dex --oat-file=/data/data/com.muzhiwan.market/.jiagu/classes.oat --inline-depth-limit=0 --compiler-filter=speed
  2⤵
  PID:4212

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.muzhiwan.market/.jiagu/classes.dex

Filesize
4.3MB

MD5
3c79da0d95d99b9d5a31436cdda76828

SHA1
969c7d830f245df06f40238c35f36bc6955057f5

SHA256
86634370a791151dbc829b6475fd64389a06582bbee718c8fb5ea18b85d50779

SHA512
beee337d38a2ce5c60411f64b794dce54839f32d58e2945bac5a8216a75998bf9db3cb441f5f5470cb4bab84f60a3efd1c2491aad0f605ba8b67af317bf5f4d1

Download Submit
/data/data/com.muzhiwan.market/.jiagu/libjiagu.so

Filesize
358KB

MD5
9885f6c9682fef5e0ab72e530eb52ebe

SHA1
8b480c3ec2bdd236c26e3b3a6e7d95fa14df43d0

SHA256
0e17f244f4927f3fbe422cbbfcf19c829500ff0dec09c4442b0801b4db7e8fdb

SHA512
f7e39025f354e75e826eb023a5687640796e8a343926a1f6338f353a6930655b0dd5108cea246f5592b56fe32395f95814f469203dd70ee22f20d420f79692a9

Download Submit