2e16d60e4f75d094bf5c453c66009658314d7487d6a75f9055fe87167d36ab0f

Analysis

max time kernel
4s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240611.1-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240611.1-enlocale:en-usos:android-13-x64system
submitted
24-06-2024 00:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2e16d60e4f75d094bf5c453c66009658314d7487d6a75f9055fe87167d36ab0f.apk
Size

3.2MB
MD5

d59bc0057fd59a3edefa8dd57b2d0812
SHA1

094635c23bff465b2cb239198ad6839d2acdf44f
SHA256

2e16d60e4f75d094bf5c453c66009658314d7487d6a75f9055fe87167d36ab0f
SHA512

7db485979b0a302d9ed86579f27d7317de19148bc40ff12ef97f6e5fbd7f777b39579918e616aa7d1b0088d0e9cd5ec0eaffa7e8947e72d513313bd126b743de
SSDEEP

98304:rvE9N5HD3tMTx9Y5rz5QOH6iDsw7sVO3e8qG:U3tWQrz7HpDzsl1G

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/records.product.fires/[email protected]	4310	records.product.fires
/data/user/0/records.product.fires/[email protected]!classes2.dex	4310	records.product.fires
/data/user/0/records.product.fires/[email protected]!classes3.dex	4310	records.product.fires
/data/user/0/records.product.fires/[email protected]	4310	records.product.fires
/data/user/0/records.product.fires/[email protected]	4310	records.product.fires
/data/user/0/records.product.fires/[email protected]	4310	records.product.fires

records.product.fires
1⤵
- Loads dropped Dex/Jar
PID:4310

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/records.product.fires/.jiagu/libjiaguv2.so

Filesize
277KB

MD5
94884d288d94d53381f179b97d91b160

SHA1
1c274cdb2388e27af3f1281d29234872d13e7414

SHA256
a84e99701323e03c0f7f902c3470c3ca449bf21b5dd3511bafdc475d8aac45a8

SHA512
43ba85965ca30448515a0326fe55b4d76ae9f46d66d14308386003ebf275dd8683c1456c221b31f0ad0aebab3ada5cfa8e9455ec4073973d43483a38256c122a

Download Submit
/data/user/0/records.product.fires/[email protected]

Filesize
719KB

MD5
5d42e04bf92ef507c22b227612e2439e

SHA1
7d4a94d3a7741f8eb7154d7ad80b64f02da8f09e

SHA256
3546e56e29a8d799164766e151d6b18215c6063beaca40e32a8633c6751d52bd

SHA512
a429ddff637fd4b38d264851e71d9ca2a9d46c5e6a204df6b23565a63fdddd4449e24e417a7a8b9c64c00f920d681b2505c8cf733d3d4abb185af69cfd39fee7

Download Submit
/data/user/0/records.product.fires/[email protected]!classes2.dex

Filesize
739KB

MD5
58aef6665430683cccbce1b721a4ba4e

SHA1
69e0183e303e8f94244f9113b3b97b9e9e9062e6

SHA256
bcfe2081bcf968b7fe04c25857ebddbb4c2969bea3eca776fc45496370dee001

SHA512
2f3aa226939051ad912af09a3e7e309a08a39d9584f59a7dcbaef520ee115872817577bfd7f7f83bee3584701576f19ad0937b7f6f71537a7ab663891fe5d009

Download Submit
/data/user/0/records.product.fires/[email protected]!classes3.dex

Filesize
701KB

MD5
de0c4b9651db01ad2ec6b3aebd50cb6d

SHA1
c908c9c5ec122250c344dbbf84b165ad808c90d1

SHA256
feb1ba024e75fe4b695b2351489cf7d09677fae4234210f3cd546d71b639e800

SHA512
e5d973e0e1e5723ef0caa3823be84393883d1940afe64e3b8acd486e6dfc401689a5f58fb8ceb03eef04d31a54b51dd118377e2bf45281cebe1f8988d3e22da4

Download Submit
/data/user/0/records.product.fires/oat/x86_64/[email protected]

Filesize
43KB

MD5
62ec54a9f5ed1fb56e3e379bb4ebaf98

SHA1
ededb654a30cd523d789b1ddd95f52a3736a9511

SHA256
46d413da99a70c43050c82660e59ccfd1a18c9f93aace7e8f41cf3f5cc6d92fe

SHA512
ede52fd8111b0cc887e74b8ead0d1f6204740b1451b48139396cebc1169f62723c7833cb20f4ebea694b82c521476bd6252191e3158a5c267fce8bcbd077341a

Download Submit