Analysis

  • max time kernel
    137s
  • max time network
    146s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    02-10-2024 01:41

General

  • Target

    ec1106a9735034ef21a1126717ac337d825844a1b60ab8bcf32e0c835fde60df.apk

  • Size

    20.5MB

  • MD5

    adcdbe1e25a3e03ae1e454363012432e

  • SHA1

    83381d32b8a6ce9854e8e7213a6c90ac3e17f011

  • SHA256

    ec1106a9735034ef21a1126717ac337d825844a1b60ab8bcf32e0c835fde60df

  • SHA512

    597546c877c4ac04c910f123c3bfbe236a342e61ff7a94ddcf1639401da76b04df858da2bbf145c8d10cdfe299f2b946d7ebe75554afd6f749acc8f4d387f9d6

  • SSDEEP

    393216:3OsJA35z7A79L+r2d1mbgafiubcnZbb3T9i/zVN2I+TXadaKpPbNiRSKcsjJY:3RJA35z7c5zrmbBffcZb1i/zVN2IkKk4

Malware Config

Signatures

Processes

  • xuzjgkd.sstlojddh
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Queries account information for other applications stored on the device
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Schedules tasks to execute at a specified time
    PID:4448

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    2.6MB

  • /data/user/0/xuzjgkd.sstlojddh/[email protected]

    Filesize

    1.2MB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    124KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    96KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB

    Filesize

    172KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    512B

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    4KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    8KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    12KB

  • /data/user/0/xuzjgkd.sstlojddh/databases/SettingsDB-journal

    Filesize

    24KB

  • /storage/emulated/0/.am/dm/md/main.md

    Filesize

    2.6MB

  • /storage/emulated/0/.am/dm/md/main_tools.md

    Filesize

    1.2MB

  • /storage/emulated/0/.am/log.txt

    Filesize

    173B

  • /storage/emulated/0/.am/log.txt

    Filesize

    152B

  • /storage/emulated/0/.am/log.txt

    Filesize

    4KB

  • /storage/emulated/0/.am/log.txt

    Filesize

    64B

  • /storage/emulated/0/.am/log.txt

    Filesize

    72B

  • /storage/emulated/0/.am/log.txt

    Filesize

    193B

  • /storage/emulated/0/.am/log.txt

    Filesize

    134B

  • /storage/emulated/0/.am/log_.txt

    Filesize

    25KB

  • /storage/emulated/0/.am/log_.txt.zip

    Filesize

    6KB

  • /storage/emulated/0/.am/log_1727833299535.txt.zip

    Filesize

    220B

  • /storage/emulated/0/.am/prog_class.name

    Filesize

    73B
