7574c4103a80e0afab5b7fabf8cec6ca64c95ae5f26f7c76b3c320c391dd279f

Analysis

max time kernel
5s
max time network
134s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
29-11-2024 16:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Cinema-HD-v2.4.0[Ad-Free-NFU].apk
Size

46.6MB
MD5

6292c52a1becd3371617d76ff58256f3
SHA1

be4c3d89b39114a82784ce23d329d6cdf496ae1b
SHA256

7574c4103a80e0afab5b7fabf8cec6ca64c95ae5f26f7c76b3c320c391dd279f
SHA512

68babf1776cb0c1eaafdccb926555794281c8f2515e54dfa9be5da90bc87eb72b20a4a3d05ace08e2d1ca9121bbdffddb7ebbcf3c5fa506bf1ac661a8dceb88c
SSDEEP

786432:V2j7M1PdQ0Hkn4eDgZ3sF48KiWNIKN8SkkVyl+MGueA6ndpdC46YMHreCyGHEw20:VG7M1VPEn4fsFlK3zthIsMxsndz6YYTN

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.yoku.marumovie/app_libs/App_dex/classes.dex	4367	com.yoku.marumovie
/data/user/0/com.yoku.marumovie/app_libs/packageInfo.so	4367	com.yoku.marumovie

com.yoku.marumovie
1⤵
- Loads dropped Dex/Jar
PID:4367

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yoku.marumovie/app_libs/App_dex/Modex.txt

Filesize
42B

MD5
00c4fc59e6c4525ecc84fbd035adea2e

SHA1
6c965aca8f317e85867167eb6203d8252319fe99

SHA256
3d1443fe0d1db7d04c5d699521c64942dd4d374af0e612e6525729f9b2531676

SHA512
d0fa1a0642a0154e351ef660c142e2e452801955709df6e59d6d4701162f21e8ddb52a8cf1277413761ef37274b7ff93ec3025c7d65260fad0319926b7d50f6e

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/App_dex/classes.dex

Filesize
51KB

MD5
e0accb483ce50e49d27a129bf60a6e0e

SHA1
96b742a1f1774ada6c3bb05eb26ef384a3719828

SHA256
99ff34dbb65f8d9ec52bfed84803ce549a4da4516d810c0666b9ac120f24f1eb

SHA512
357ca886eaa6cd90973a7d43fa75c834c2ba4951ba257852ffcf9b6609ed088be01fc1adff52500fa66bea387282f51a706a0a9a76b8184cef7b934a2f7ea6cc

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/arm64-v8a/libIOHook.so

Filesize
326KB

MD5
0b4dd78cbae504f8ca3633233d3abc94

SHA1
1e6611c409ba752cbd965ac93134d1c3549526a9

SHA256
81a4a071afb7017388a0b33c3a6d431aaedeaf7a966974285817bac637a8312b

SHA512
2b11f1dc351aa5457f86d58dd93a284ece178e909432b37ffc8e909ad7e1560b647fdb6da95e02eef720439c3fa65fedf36b2b3ba55f9e9cc38e1edcf8fa6b20

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/arm64-v8a/libmocls.so

Filesize
286KB

MD5
305354d1e807626f494584e92024384e

SHA1
6b166c04c0f458b1c4efeab70047c3d25a80f6d4

SHA256
0b87193c6d8241de4d157b391ac906871f60f5b3d81b39dcd2d2377334667579

SHA512
5002a1c5918e5760941b1d66d2d0b512f2436cdeb5f35989a29164556a35840bc3f562807da7ecd79392cc441271160936eef9041be293e66ca5ed425f490e52

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/arm64-v8a/libsandhook.so

Filesize
318KB

MD5
51ccb0224d7ae47f74fe1d0a9e285154

SHA1
54fa2c101ff5d50778611343e1b40f7edd5af1f1

SHA256
b9412d771d5d41f35a0e813a1612c870ba7e5e9469c3188780631a691db0380d

SHA512
61f6eb8f597be57170f2c9176a59d57c5ee93f1ec1415abd29bdd987a7988873ee47cfff16318937cbadfeab80eef1a3279e3e27048fbc1487af95c4839477f5

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/armeabi-v7a/libIOHook.so

Filesize
189KB

MD5
cae33a1622a892f633922c8a02bda869

SHA1
aca193b10b4c26458b43fe7250f9c02420b2b64b

SHA256
e8ba582b36f70a26b6f19d489b84169c797440a45bacb8a2bf21423c6a24249c

SHA512
a906920964e4639e1de3aee9369d497f557398b5a7ea552e4494c4dd5288b9db702508e47773d10667b7e1927473f950a600632bf4acb7deabcf34e20cddec74

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/armeabi-v7a/libmocls.so

Filesize
169KB

MD5
dd8ee1eaed4c5718b3ab660d0728d377

SHA1
73b6d7ca16aa0af9ce504a1c7b97448fa78de741

SHA256
0a9ce3706369e4869e99410bc8f33a3385b26892b4de700171f24a09ceff4ce6

SHA512
c119e6d995f468a664d40b82af44db60a0fc75b91d5f8a7542df0e056d913cfb765c9553ebb6317f2dd23270325555cb9548baf2e452417043a51adf6e0a10a1

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/armeabi-v7a/libsandhook.so

Filesize
193KB

MD5
bead782e1cb0cf297240f7ae3c92401b

SHA1
f0fa0cab1b08a4ee1ed7028955a63ca9a57f2568

SHA256
2f2201c315991b7e8428e998dba677b479de6f7a5b2fe59212759ed88e0530b8

SHA512
2965bb0091fbc777139b94b19ab8e716f3a4ffb6e68b4ae5b73c8454bc999df30d449182cb58a0fdd3f8d35e24ff2caa3fc78f00e4a1fa075b424d0a25492d7a

Download Submit
/data/user/0/com.yoku.marumovie/app_libs/packageInfo.so

Filesize
173KB

MD5
8d78623eeecddeba54c08118d11c6841

SHA1
0926e28622e8f1ab15e405a336b27d88359528e4

SHA256
abe36916c6055f8662dfd0644aafba747ba75f578a904a63a849b91f2cb8d1b3

SHA512
aa0d88b17fc60c6374540039b0c0638291018420c9e31c54bdea7791f94e5a05bd7bdd98630213a42a5ad1759f7c76c9da614fbda7d6e26b542500b9fb5337fa

Download Submit