Analysis

  • max time kernel
    166s
  • max time network
    180s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    02-07-2024 01:53

General

  • Target

    ae4e024bce0ae2f7577d6eea4b616c585dfdc48daff98ecf24a1e36c60690772.apk

  • Size

    20.5MB

  • MD5

    69a3362a56aceeae697d711b85ea1bd0

  • SHA1

    05af8c183ee7934be6bb1077992be1aa79a4d17f

  • SHA256

    ae4e024bce0ae2f7577d6eea4b616c585dfdc48daff98ecf24a1e36c60690772

  • SHA512

    75f50d474571b4d722d623f7d74857fd831553f941bc5fe7b7b5b310ee2c8367adca0f4e32ee44ba9c5d945e76b8b6269d4197dcbd5efcea245dd6da118ae61b

  • SSDEEP

    393216:/rTNsZsJA35z7A79L+piJ1mbgafiubcrZzbfT9i/zVN2I+TXu1qKpPbNiRSKcsaT:vzJA35z7c5R/mbBffc1z9i/zVN2Ike84

Malware Config

Signatures

Processes

  • wzfj.mxwub
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4487

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/wzfj.mxwub/[email protected]

    Filesize

    2.6MB

  • /data/user/0/wzfj.mxwub/[email protected]

    Filesize

    1.2MB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB

    Filesize

    172KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/wzfj.mxwub/databases/SettingsDB-journal

    Filesize

    24KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    171B

  • /storage/emulated/0/.am/log.txt

    Filesize

    150B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    62B

  • /storage/emulated/0/.am/log.txt

    Filesize

    70B

  • /storage/emulated/0/.am/log.txt

    Filesize

    177B

  • /storage/emulated/0/.am/log.txt

    Filesize

    125B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    26KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1719885256754.txt.zip

    Filesize

    218B

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    55B

  • /storage/emulated/0/Android/data/wzfj.mxwub/files/Download/mch.apk (deleted)

    Filesize

    64KB

  • /storage/emulated/0/Android/data/wzfj.mxwub/files/Download/mch.apk (deleted)

    Filesize

    64KB
