Analysis

  • max time kernel
    175s
  • max time network
    192s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240611.1-en, locale:en-us, os:android-13-x64, system
  • submitted
    18-06-2024 11:15

General

  • Target

    muzhiwanapp.apk

  • Size

    6.8MB

  • MD5

    25a12b3e3d69b621f16d6809d57e37ee

  • SHA1

    7c3026ac9bef20aa6c274a0ae0b2894ed27a39c6

  • SHA256

    63a4443e53422abf80dffa60c088c72921a4d839d4070613427d9165909ea7e6

  • SHA512

    d04d3fd4fa2d0911f1831b29c5b3031cd45349f8b916a1400a1789751c341272edcdb37b20ba468f759962f1aa7da174a58ced8cfaab1ccefa27dba19b445b47

  • SSDEEP

    196608:udfDsgl7Fo3HcMg5+knzUsd3wIm1vM4MY2oNs:eAKm3lO+kz7dg3oGs

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar (1 TTP, 2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Queries information about running processes on the device (1 TTP, 3 IoCs)

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Acquires the wake lock (1 IoC)
  • Queries information about active data network (1 TTP, 2 IoCs)
  • Reads information about phone network operator (1 TTP)

Processes

  • com.muzhiwan.market
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    PID:4307
  • com.muzhiwan.market:mult
    • Queries information about running processes on the device
    • Queries information about active data network
    PID:4356
  • com.muzhiwan.market:mzwlogservice
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    PID:4417

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.muzhiwan.market/data/mzw.apk

    Filesize

    17KB

  • /data/data/com.muzhiwan.market/data/mzw.d

    Filesize

    59KB

  • /data/data/com.muzhiwan.market/data/mzw.g

    Filesize

    42KB

  • /data/user/0/com.muzhiwan.market/databases/notes-db

    Filesize

    16KB

  • /data/user/0/com.muzhiwan.market/databases/notes-db-journal

    Filesize

    42KB

  • /data/user/0/com.muzhiwan.market/databases/notes-db-journal

    Filesize

    8KB

  • /data/user/0/com.muzhiwan.market/databases/notes-db-journal

    Filesize

    8KB

  • /data/user/0/com.muzhiwan.market/files/install_file_dir

    Filesize

    5KB

  • /data/user/0/com.muzhiwan.market/files/install_file_dir-journal

    Filesize

    1KB

  • /data/user/0/com.muzhiwan.market/files/install_file_dir-journal

    Filesize

    2KB

  • /storage/emulated/0/data/.push_deviceid

    Filesize

    32B

  • /storage/emulated/0/data/.systemid

    Filesize

    2KB

  • /storage/emulated/0/data/.systemmac

    Filesize

    17B
