374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb

Analysis

max time kernel
3383169s
max time network
157s
platform
android_x86
resource
android-x86-arm
submitted
21-07-2021 15:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb.apk
Size

6.5MB
MD5

360bc8ff1645a67a0d7882592fbbccd1
SHA1

9e9ad06b5ea2daca5ea62435a20d02944b54aca6
SHA256

374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb
SHA512

5bf901c67ee59bf6599a360872a6dcb352ddbcf68b459926c7730a24c9203b5e70538055dafd2d8248b059f4901611af448cebffaac148469775e42b2046f0c8

Score

7^/10

obfuscation

Malware Config

Signatures

Checks Qemu related system properties. 1 IoCs
Checks for Android system properties related to Qemu for Emulator detection.

Processes:

com.kingoapp.apk

description ioc process

Accessed system property key: ro.kernel.qemu com.kingoapp.apk
Checks known Qemu files. 2 IoCs
Checks for known Qemu files that exist on Android virtual device images.

Processes:

com.kingoapp.apk

ioc process

/sys/qemu_trace com.kingoapp.apk
/system/lib/libc_malloc_debug_qemu.so com.kingoapp.apk
Checks known Qemu pipes. 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.

Processes:

com.kingoapp.apk

ioc process

/dev/socket/qemud com.kingoapp.apk
/dev/qemu_pipe com.kingoapp.apk
Uses reflection 1 IoCs
obfuscation

Processes:

com.kingoapp.apk

description pid process

Invokes method android.os.SystemProperties.get 4687 com.kingoapp.apk

description	ioc	process
Accessed system property	key: ro.kernel.qemu	com.kingoapp.apk

ioc	process
/sys/qemu_trace	com.kingoapp.apk
/system/lib/libc_malloc_debug_qemu.so	com.kingoapp.apk

ioc	process
/dev/socket/qemud	com.kingoapp.apk
/dev/qemu_pipe	com.kingoapp.apk

description	pid	process
Invokes method android.os.SystemProperties.get	4687	com.kingoapp.apk

com.kingoapp.apk
1⤵
- Checks Qemu related system properties.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Uses reflection
PID:4687
- com.kingoapp.apk
  2⤵
  PID:4918
- com.kingoapp.apk
  2⤵
  PID:5062

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.kingoapp.apk/databases/google_analytics_v4.db

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.kingoapp.apk/databases/google_analytics_v4.db-journal

MD5
2ac051865e5bf136282baf8820d4cbe4

SHA1
bce03c47bc583d365d1d14de67c3c14743d53d0a

SHA256
df1e3882416791155cc62feb4a1f384b9e7194e478b0a04c2a854dbae3675893

SHA512
876feda6a23fff137e7540edc845d1f93e93409dba1cda1e33c1cac1d1e31beeac71521c41a61f86c51d6b30349abc5dc634d916cdf94a32c1420ac717e0f960

Download Submit
/data/user/0/com.kingoapp.apk/databases/google_analytics_v4.db-shm

MD5
f9f46b12c7b2b2f3e1bdc1515f023d3e

SHA1
f975100c56f600caa3142de46bf756ac32aea88f

SHA256
89bfba0e8a900e5282169cc0010bf1632ef92773f21803d4be55c4ca7f9c528f

SHA512
95764afb8f6d6150e90c019754ba1b4b6e35bc9611c89c27e4cab9a2a7c288b352b73d244b40323b4383b2d3090066aac4fb0e7cf93bf72be2b89c8972db4d92

Download Submit
/data/user/0/com.kingoapp.apk/databases/google_analytics_v4.db-wal

MD5
dea28a9bb0c77071398f25ec266646d2

SHA1
ed06f46e3c694534e457b0c0e568ac04815358e6

SHA256
02acb1e905108eb2e16161a6e5fa2df492d0064b2ede49294df277f75fb35028

SHA512
c8dcfbe54630fb5a39eac9d6c7682e2cbc4c5b57e45e3a6ad07517b99443b0c4779de9a13f1244b2964555d7c3abf186604cfa7a04a62857f9c395599bb3115f

Download Submit
/data/user/0/com.kingoapp.apk/files/ac

MD5
9abcbfd5d00f9737568902f32297322f

SHA1
98208d77fee249cbf83e61c80b3e0aa4b50caec5

SHA256
bf198d0c99b8c02e49c53b8a2e84b31b906362825d32a8ad40c2970659b036d9

SHA512
ff18ebfe17a9ac69a21389694f541596469d7f754aeee01a3a4b2a4291f855c60446109ed3f97c648ff52576b255cb9328c8985f541d9d6dfa60d1e79df15591

Download Submit
/data/user/0/com.kingoapp.apk/files/gaClientId

MD5
1cfd30224a7aafc0e7e51ad8fdbf5ba6

SHA1
3c6c08b40e1da8049348bae6f4534fc765ed7410

SHA256
868feb024dac4b1c22e5d606eff8a1a78978d498f9ac8e640a93e93e31a1f5b8

SHA512
4228bc114503921aadad695e73fa0206240ccc396bd4db90b1ccf6a400d3abe2d8efcc5b75be00d475ad20f7a39bdcc87fe781f43a13b23df331bc3fa0bd1433

Download Submit
/data/user/0/com.kingoapp.apk/files/gaClientIdData

MD5
b54e41f838e873e57ed7ba77268a7f34

SHA1
6b76ded7ea1671323a0a09590d8861f1a56f3ac1

SHA256
eb8eedfb61435d686c1c5d970ee4034e2ce71e2bfb97ff97d4eca01717f85ae4

SHA512
396e2af6cc50cf1ba485a6bb99f1700a8f3eb16a5ac49fb7d13fe0b2e8c99091c39c6b3ae94f5a65782944e090aadb68bcc1f590a76209571b1ffcbbfbe5544d

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/LOG_COONFIG.xml

MD5
d1893048e7473d1df5549f9d8044d30e

SHA1
8c0cf834ca1daed6a3c4f1c315fdb592ec961362

SHA256
8be1c1db714b931b93b728787522eed447d664ec4fdf34529ed0ee48e30183d1

SHA512
66f248bd98383b9a352b696ba9124299a8154591e695cbf7ae8e265afadef2752ca5562b510ead5223ca43c3158fcf55c7f1c182c2145d64a5275f41adf0af65

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/VM_COONFIG.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/com.google.android.gms.analytics.prefs.xml

MD5
150b166280c6c67fc541a92f42babd0c

SHA1
9e6df54c36a7016b2864c1297e70153e60906b8e

SHA256
3056fe6672276dc83bca04e27bf720a0fa74fbde24bf18c99cf760c857e8ab32

SHA512
1be1a5c5ee1d199904f76aa4936c49955967ec49f3289ea123e993f51b52ee46b9f4db13c0227443e922bf40032c8e66535c257beef1ef701bb9e3be4f1d1011

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/preference_cmm_red.xml

MD5
ac0c8b7f63f2de492258f17bcac2038c

SHA1
827fcd1bbe271ca29973179ee289c53dfef4ab4e

SHA256
67e5c03981717e765b1d19cbcc203100966259cdecf1407dff5528aa7c059262

SHA512
37c5f32e2529fa67018d8ea04e49b6900754f031881d163438ee443e73de7d842b89808a2b0856a4befdf7c504b18a567b94a0e3b45f64c6298464fd2c6cd6e6

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/preference_url_parm.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingoapp.apk/shared_prefs/preference_url_parm.xml

MD5
e88355fd454a3039d7c8892b7645245b

SHA1
772fa454a3c47eb95a18dbe349a8dc0734437696

SHA256
e6b99d7a4dbf4da3e8fc67ac6f897c57eb62f0817e5237da3eef29e68be895af

SHA512
8870ae76d83f96e22c5f3df8428e9956c3b1423f3db9910a99f11ac1a0a571c25a814bc9e8fb1307191fc2388c88349c05dbe068ae95173fa3bdc573188c91ee

Download Submit
/storage/emulated/0/Android/data/com.kingoapp.apk/cache/kingo_plugin

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads