9916a032b206aee7efb050687e9cdf44db68c0701909d5f464737abfece9a395

Resubmissions

06-07-2024 11:56

240706-n36qva1anh 10

06-07-2024 11:43

240706-nvn6tsxhpk 10

Analysis

max time kernel
33s
max time network
204s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
06-07-2024 11:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

105.9MB
MD5

60ed00dfb0f63bd9d7b80e588bbcbf54
SHA1

ed2a13328f0fc09a5e81987e821efa8c23bddc2f
SHA256

a9bfa254d1896a2b0580da73bed6f685ae71c06c52e06d555e7ec5a09930cd7e
SHA512

84611bcc70e2f937420c0f29bbe627796f55ba9eae8cfa9537bde6364e8a87bdaa7928c8b9bf052a2bc88d11549138488638cce0eab394342ffbc9433f4e7051
SSDEEP

3145728:H+TzrDgr5fVsUMV6fXlZkBRILxKD/Txicny:eg1+UMV6fXcBRILkbi

Score

6^/10

discovery impact persistence

Malware Config

Signatures

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.huawei.healthcom.huawei.health:DaemonService

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.huawei.health
Framework service call	android.app.IActivityManager.registerReceiver	com.huawei.health:DaemonService

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.huawei.health

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.huawei.health

com.huawei.health
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4286

com.huawei.health:DaemonService
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4319

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.huawei.health/app_proc_status/proc_status/com.huawei.health

Filesize
12B

MD5
bf83fdb4da9460b0143dc2be00051d41

SHA1
b87fce3876cf05cfa81fe8998cc02cf7a79c866c

SHA256
cbaca7e43157d0958ffdb67866a5131a0886d37ebcfa26fe54828e3cab578551

SHA512
9f7263cde78906902169d6c5ce9f0209a60beb3e10a254fd9fc96f33a077a733465a1d7aa277974eb660ff993c3b53d81ad1c05a7e60bd94b6901b8b7dcba3e2

Download Submit
/data/data/com.huawei.health/databases/HwCPBackupDatas.db-shm

Filesize
32KB

MD5
c4ff85997b79045aeeffaecbf25ea533

SHA1
1fb53af745fbfffab40cb210b952ce78ba3922ee

SHA256
8f3aea3c90a568b83f6e16f25c4aa8f54849f2099a95e649cb096d3476da2daf

SHA512
8f5942782bd910f801c7723cd35e2f2c1d106d0e24ef4363ea8f744fb3203ba9d17528956f2fd4534bc43655aaa917e63761cd9ce52184980b0f58b008c695f3

Download Submit
/data/data/com.huawei.health/databases/HwCPBackupDatas.db-wal

Filesize
32KB

MD5
40f479a61600c6a8c3d2ddb90dde36c7

SHA1
3945d7911db5f4c0ee6b25aa39504c9660f11499

SHA256
ed48f40406d9fcf15e75a4d5cb62ff30b8d8b2f8d86650fb44904b2895d05588

SHA512
3a0cd1531bb2bb1ac955838e714079cb76725fd51e698351661d3bcfcd8dbc14c42a2ab75ac888896e456ee191c2f1af9e279aac09b03319adf9fa91535b86db

Download Submit
/data/data/com.huawei.health/databases/HwCPDatas.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.huawei.health/databases/HwCPDatas.db-shm

Filesize
36KB

MD5
05ff1a95d361341cd9755584fd741504

SHA1
97429c30c0ae2cc64383364ccea004d70fc71f11

SHA256
919431935ceef359bf16ea4302d2bb0b998d551156755b113c68a0663733dd9a

SHA512
7e157da12593e491f87519238055e9dd59b7bb6c7e2329892cd5ae5fb202794bda48c68c65ae1bdc98a6ef7a54baefeece9c3179564d5f6ffd30b5bde7cce4d6

Download Submit
/data/data/com.huawei.health/databases/HwCPDatas.db-wal

Filesize
20KB

MD5
01971b76b8122fd3f3dffb42098a9376

SHA1
668d007585b64f2337e09618a031c03058fbdc65

SHA256
4695eadc9ebdb6eb5dd4439cae639345ada878b71665947906070c93047141a4

SHA512
c561f1e8ce9f632432f015f7bfb7e55d8262f59b56a2016a041c564d8ae9fb0b562ab3035fe69ed4ed9eccbf0cb31732544cbb19d7e59ef312ec931e5dc99549

Download Submit
/data/data/com.huawei.health/databases/HwVersion.db

Filesize
11.6MB

MD5
61ff198a1f3e0d04cf60b0acc8ca3363

SHA1
f8fa4472ef5d91654552f614866f799fa17b3b6d

SHA256
f54b0b81d993a51b78fe5279142485cbc53ce453c8435aef66d0492b1a1099a0

SHA512
ef3ec13db5b63e987254ea282b473d93fa8c783bd14e7b2d56442386619d3187d3297a4c3cb8e103c34dbad10d16eb79b28f5e932d5bf9ed99c224b89aba3409

Download Submit
/data/data/com.huawei.health/databases/HwVersion.db-journal

Filesize
512B

MD5
6f0fca1dda890af83dbda4cac06759fd

SHA1
dc18c2ead63b8be893ed54c9a1ce94f6b0b680b4

SHA256
d47b7494a01c9f471131176b7877c1c5532200b973f6e42fd2c8e00ed0d52d9c

SHA512
b40e1d1ade3fc7493e1b44b2d30afff288fc6023763b6bcb73ff96bd5a701e3fc75257868b2d136761caa3777014651a9cb92f771c4220dcabc4c7724d684536

Download Submit
/data/data/com.huawei.health/databases/HwVersion.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.huawei.health/databases/HwVersion.db-wal

Filesize
156KB

MD5
13903bccb531d19631a017a475b16cc9

SHA1
556b6141200db605f8f54098358e38b59f40e0f4

SHA256
315f9c6a0d4292a9a9b942f20d1a71946977e765b89e52d4ec4062818437b956

SHA512
2b4ba8e7ad3a7cfa909c1481037979a6597801b86dc65275f1c46b5dbd81cddd3cce0f3bf8cb00b5433712ddad387d3645de6ba8c272a674059d2dccf6d1fd69

Download Submit
/data/data/com.huawei.health/databases/com_huawei_health101010.db-journal

Filesize
512B

MD5
2366d5c098f98421d531ac49ca678c7e

SHA1
e6c9b639781ace1c04df1c35888d30652dce160a

SHA256
d5c1710d8e8ac95e2ac9e9d73f259129f8b38ab1783fd85877eef075d4094d28

SHA512
da53ff4a6e4411560c034afb6358ca0863f4c77f061b9c1e5205dc37d2bc14ecb8643eef1a127018505ad35550d0d1b5a102658b73eabdc53cbd35c566a3fa9d

Download Submit
/data/data/com.huawei.health/databases/com_huawei_health1020.db-journal

Filesize
512B

MD5
aa447f2eb68a264f869c8ab94d52a5e6

SHA1
ffdb09ae8bb4d4776b780ddd193064f8280f910b

SHA256
22ff28bcbf14cafb74ae7c871a7d13e457e034673d5b344484db63bb79dd1fbd

SHA512
49fa08a1ae1f464bf4e5849f8232b175c8dfc45aa59f6e87a7fafce94911d0531ff5da83fe4db3e529d357cd97086816479d7ad7c995c8015db6fc34d783820d

Download Submit
/data/data/com.huawei.health/databases/com_huawei_health20005.db-journal

Filesize
512B

MD5
73288324aea013da01e771d6a13f2681

SHA1
1c2f1dca69b620bed4326303f2eebc1fa6b180b3

SHA256
6715be0c3417eb3fdcdf7fb667fb28528a7b0e04b245249cd5c29fa475b3570f

SHA512
ed07ef5c2e579e209494976072a067a2931e8a1a41646a339e353534e4421ca7126df7e0ea54e2018c7b512df4473f8174b282d77823c0a3cb77e52d5020b201

Download Submit
/data/data/com.huawei.health/files/mmkv/10100

Filesize
128KB

MD5
0dfbe8aa4c20b52e1b8bf3cb6cbdf193

SHA1
67dfd19f3eb3649d6f3f6631e44d0bd36b8d8d19

SHA256
fa43239bcee7b97ca62f007cc68487560a39e19f74f3dde7486db3f98df8e471

SHA512
4ed83e40c9cf32ac2c59125a01170bc97f20550952c8ca20ffe1b2a59d1b1ed9c8426c515f7629d1bb5e4cdc53dd70ffcf67203d59e70a559492e5ff0e712278

Download Submit
/data/data/com.huawei.health/files/mmkv/preference_save_module

Filesize
4KB

MD5
ceb500e27c46243ff9b5b258ec352a93

SHA1
1ce1520337254ef259b532e9f795c287ccaaa9e0

SHA256
d8cd8b017dc8b1004170ed87fade9b548dac2c346f7d2abba74644bd6b81be5c

SHA512
91ba82a397cafe25024ec4b7d8ad1d0e8a0c0e2237e3a63a4f5e99b0a793f5c0ab6a852cbe79a307b7580c12802e4f0f643b2663609dcf885805be0047de5317

Download Submit
/data/data/com.huawei.health/files/mmkv/preference_save_module.crc

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit
/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/com.huawei.health_DaemonService/log.0

Filesize
1KB

MD5
982211717958877223bdd50546b9f1be

SHA1
5c64d99f8e3c9ecbc34da97dc7998bb3db7e1169

SHA256
1b792487b5802d912d76fac058b61dc395fabadcf70fd05656bc891f6b65c312

SHA512
c44e79a5953b01c5c89ad583ef5f9fb8bacc38b68960b27dde9050509409bb9724877a4a853cad7c3fd5085b103b52c6505c946b520319cd3b0067f41447da13

Download Submit
/storage/emulated/0/Android/data/com.huawei.health/files/huaweisystem/com.huawei.health/dfx_log_14.1.4.171-wearBeta/com.huawei.health_processLog_0.txt

Filesize
838B

MD5
eaec73c105b619dccc164d7275af8c07

SHA1
0ea9b2cf34220f4a2ef98489dcfe2ee19b63b99a

SHA256
264fe25c2ef450f45a3c376fb6be6b2b148a71d6c9cd4a2fb0ce6c309f664cea

SHA512
4aad9f6e77e05c439f6360fadd9f7ce0e9bd654b20f73cd40f4970c0aed36066b95e1a1d9934c62a8e840e50752ca3fb77a7c1ab0f3f9dc54a624117c7e91cb7

Download Submit