Analysis

  • max time kernel
    140s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    android arch:arm64 arch:x64 image:android-33-x64-arm64-20240624-en locale:en-us os:android-13-x64 system
  • submitted
    01-10-2024 02:32

General

  • Target

    ec1106a9735034ef21a1126717ac337d825844a1b60ab8bcf32e0c835fde60df.apk

  • Size

    20.5MB

  • MD5

    adcdbe1e25a3e03ae1e454363012432e

  • SHA1

    83381d32b8a6ce9854e8e7213a6c90ac3e17f011

  • SHA256

    ec1106a9735034ef21a1126717ac337d825844a1b60ab8bcf32e0c835fde60df

  • SHA512

    597546c877c4ac04c910f123c3bfbe236a342e61ff7a94ddcf1639401da76b04df858da2bbf145c8d10cdfe299f2b946d7ebe75554afd6f749acc8f4d387f9d6

  • SSDEEP

    393216:3OsJA35z7A79L+r2d1mbgafiubcnZbb3T9i/zVN2I+TXadaKpPbNiRSKcsjJY:3RJA35z7c5zrmbBffcZb1i/zVN2IkKk4

Malware Config

Signatures

Processes

  • xuzjgkd.sstlojddh
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Makes use of the framework's foreground persistence service
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4384

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    2.6MB

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    1.2MB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    20KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    173B

  • /storage/emulated/0/.am/log.txt

    Filesize

    152B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    64B

  • /storage/emulated/0/.am/log.txt

    Filesize

    72B

  • /storage/emulated/0/.am/log.txt

    Filesize

    193B

  • /storage/emulated/0/.am/log.txt

    Filesize

    134B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    22KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1727749961445.txt.zip

    Filesize

    220B
