Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

00563e5c5a...53.apk

android-9-x86

7

00563e5c5a...53.apk

android-11-x64

8

dmss_v2.apk

android-9-x86

dmss_v2.apk

android-10-x64

dmss_v2.apk

android-11-x64

dump.apk

android-9-x86

1

dump.apk

android-10-x64

1

dump.apk

android-11-x64

1

dynamic.apk

android-9-x86

dynamic.apk

android-10-x64

dynamic.apk

android-11-x64

Analysis

  • max time kernel
    2524862s
  • max time network
    160s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 11:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00563e5c5afeb28a1997db65cef42ab2dec5210334d1e1b899c81aa453a7a553.apk

  • Size

    6.8MB

  • MD5

    f2a5f34b2aaf963a2c9abdbe142f4489

  • SHA1

    d7ace731baf77da28db41a240fc3cd60a45674dd

  • SHA256

    00563e5c5afeb28a1997db65cef42ab2dec5210334d1e1b899c81aa453a7a553

  • SHA512

    7ecc667ff7337283b215e4aec6148ead7be17b0e4d0e6b1c368df17d8ff488832ca917b7bbba42020cc3d79ce15d33252efadcffbf0af0e68a41aea907c4d17c

  • SSDEEP

    98304:Gr761NF7mPgOA0bzmrxQuB7MmNnt1d/AYs/I09XfbCFXruTcECHD+/OxN566D6bD:GrsOtM2uxMGwJCFFZ+/jqguPC

Score
7/10

Malware Config

Signatures

  • Checks known Qemu files. 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.qihoo.appstore
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4496
    • /system/bin/sh /system/bin/pm list packages
      2⤵
        PID:4559
        • cmd package list packages
          3⤵
            PID:4593
      • com.qihoo.daemon
        1⤵
        • Checks known Qemu files.
        • Acquires the wake lock
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4526
        • /system/bin/sh
          2⤵
            PID:4669
        • com.qihoo.appstore:critical
          1⤵
            PID:4689
          • app_process32 / com.qihoo.appstore.rootcommand.persistent.CoreDaemon --nice-name=com.qihoo.appstore_CoreDaemon --daemon
            1⤵
              PID:4742

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.qihoo.appstore/databases/download5.db-journal
              Filesize

              512B

              MD5

              23bb395306d2a86eda4f97f41b1c2785

              SHA1

              5869203696d16af8cce9a4e86da49e3e5833ed8b

              SHA256

              032e78d8449c13ee5dfcc5946d60cb8abc135868b054156e402da65a07e671b6

              SHA512

              2464c0d01b5910725037240ad343ad1c5a4d48f30aca8f6b3df7d05269208c4746b87d41e7e92026fa47503c912174140252ded3a6a007f9e962da9dc00e9e0f

              Download Submit

            • /data/data/com.qihoo.appstore/databases/download5.db-wal
              Filesize

              16KB

              MD5

              9247dda91f54d7955171848a6f52cad0

              SHA1

              01de9987d379e474afabce5bd6f64de8812926c3

              SHA256

              2b2d35ed91cfb3ce29db630f1bb6f11156fede129b2567fe094f1bbd0b98214d

              SHA512

              831f24830020849367370d176071a613c6c563d5d388fdaf863c569ebe52d52c1e6d6799c559123b949640b42cf0e37c842243a8d4c737d11111b51970366a30

              Download Submit

            • /data/data/com.qihoo.appstore/databases/filelist.db
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.qihoo.appstore/databases/filelist.db-journal
              Filesize

              512B

              MD5

              dcdb9b817deb10360f4437943157cd62

              SHA1

              2052107ed66e5c7faee4f312b347cbe5bcf4d97d

              SHA256

              7a56ff9307ab9d893e8bdb47ba0012a8e79c64d1c733c7010639c383b3a64efe

              SHA512

              bf4870293b75fccbfcb616c98fa91570a79f05965494356ab6dc67264519c524a64c196e08686f9d344b48ab4233a9caebc7153617b46c8d4497f31bc051101c

              Download Submit

            • /data/data/com.qihoo.appstore/databases/filelist.db-shm
              Filesize

              28KB

              MD5

              cf845a781c107ec1346e849c9dd1b7e8

              SHA1

              b44ccc7f7d519352422e59ee8b0bdbac881768a7

              SHA256

              18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

              SHA512

              4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

              Download Submit

            • /data/data/com.qihoo.appstore/databases/filelist.db-wal
              Filesize

              32KB

              MD5

              44f917d60cf48138049ae4778e4f018a

              SHA1

              98082533a76ef85be7f6176ae1be5dfaf256fd55

              SHA256

              19596c574eaa8a05851a7660fb913f52cfa9992e4d0f26fae0bb76e69b67c5ee

              SHA512

              782be503a2eef820e15a4f5b47be349649216daa312bb64c3c55a97d8815847dbf1009798e62ae7ec713bb9d2bc572dda4aba7a842926b8f2fbc65fdb1d0d281

              Download Submit

            • /data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db
              Filesize

              20KB

              MD5

              60e4cf217e77c56efd3707b603797c5b

              SHA1

              816247b4883d3adb30c4db39fda16d2288e27de0

              SHA256

              8e2b8343f703045fb8596dee1888f65fc66b64d10304a4a49fd4ad1f63bd67ea

              SHA512

              22a8cd2974663e8caa220177e7bc64aaf35735dc8abc3870a7e47ea86b02d8b06b041000e5505039b3116290aee67e9645ad2d9c26218749f5b5b2e332712af2

              Download Submit

            • /data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal
              Filesize

              512B

              MD5

              abe371a969e14c24fc2e7a72220f101b

              SHA1

              938b0ef2057b14d1d22592be236f2b405c7e8be0

              SHA256

              50a96203a629092bdea0573dbc86535e16837ef22227e5b83ef0fbde6a5617e9

              SHA512

              2cc64e0b5559bb9aae7a92267f685d5a983fed568366b64e8c0a0f3d63f7d274d898d8b086e797bc353d9282f0e9d4885dfa05a971c9e7724f4fcf6116066e9b

              Download Submit

            • /data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal
              Filesize

              16KB

              MD5

              d941d36bb8949f7ab4f31eaebd6e315f

              SHA1

              5cca6064a9b24b08da2cc05b8030cacf35b93e87

              SHA256

              dd61acdddfdffc945c675c36690566a35a100224d909438e69b2494389eaae70

              SHA512

              76f6bed3d7486df635e0ec9094249952d63693e908ec3b66bf66e13955b28670b2f56feb6dc1cb86ff88ebae0713e5e044087094052a1511c90019b7f56585d4

              Download Submit

            • /data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal
              Filesize

              20KB

              MD5

              c7565b00a101a50bcc2243098722ffd2

              SHA1

              2331786ea83f6f9418e9962d1a22c2e50f8098b1

              SHA256

              32e258206bc592c838a9b7e610465c9b9bf5c556d4eb9743d30f251266e999ce

              SHA512

              89f3689e07148a6779c85cfff04a4a9571d3be00f0e43b197b8a5d67655e10aae1e50c45ec084293ffe40c131612ea5ada08cc8accd54cf447380cba705c1cf5

              Download Submit

            • /data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal
              Filesize

              4KB

              MD5

              c2dc69dc047e979ac8abb47566ade7aa

              SHA1

              ebe5f9e177cab3cf1ef87af7b0acc017430c9a80

              SHA256

              33e009daf4ff49f332adac2e6fc499d8fe90f6dcba08a029846f8e7afcebb2d0

              SHA512

              e40e7063c5eaa50038eed743ada29bf9d841b059ae649769cc23168aba8ae3cf87e4c03cdeae2257ba836532e5a12338f06de62d0160da5e78715f4be7fa4866

              Download Submit

            • /data/data/com.qihoo.appstore/databases/new_downloads.db
              Filesize

              12KB

              MD5

              3fe30614d7e0d11db870b4624f6c50e0

              SHA1

              053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

              SHA256

              67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

              SHA512

              c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

              Download Submit

            • /data/data/com.qihoo.appstore/databases/new_downloads.db-journal
              Filesize

              512B

              MD5

              db51335b32be4043094a600736e5e20c

              SHA1

              1edbae9239a598a20ab962be2dfb86afdc1c1fdb

              SHA256

              ce398de7cc486ff28f68c706e6b916ceb5b5d8e5d135e4fc609fd695c3940f4f

              SHA512

              d79206eb2c2272ffeecdc4cbb1eabba0b5115eb8b629969a314952750ec81628e3ec0119549d8da9879707e4cba42986755a1b9b59e5993fff1a20b336e4a270

              Download Submit

            • /data/data/com.qihoo.appstore/databases/new_downloads.db-wal
              Filesize

              16KB

              MD5

              cba8699f12692787095d0fd81bbd2652

              SHA1

              a7c416922930b23f11b690b32b9296acae0977a9

              SHA256

              922ccc1c3f142da9aca12932de52ea220ba1dd6ac9f62ed0b3a77fd66823b6ec

              SHA512

              d8cb025f8d02792809a34f28f51c6ecf6c6e751d7fd12132c4c9df4705b3e70ba59ac90ec4d913c77461f86e11de71e49090d8dbd4bf460a10e998888be1e4fa

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/backup/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              32KB

              MD5

              43486c123448ccaf33756b2862367644

              SHA1

              9ed5005c9fe6f71f3a05e44ebc2a07d9b115f50f

              SHA256

              b234c5744994076d20a3d6b7e180fedebbb768019036b7339cfa3a2ec3981624

              SHA512

              199079e2545333eb6c7880a1f099d5d854a0de81daf1b39f0a9db26997cb86202009768ff8a94f02c2fff3d96ce3a9258ae586af5dea2897285640f363963642

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              4KB

              MD5

              9c836fecef491b57d71e92f9a58b6348

              SHA1

              ea9a177634efeea0f29189bcb842f583bb6160ae

              SHA256

              4fb6ab4d3bdbaa89981d70012862d83e03863d040b0d9abb0815cb592a876f78

              SHA512

              599f06aaeadf555edb17d6a4807aa415eb9608979a5ea39a40c65a0b8d4d7e9f41c457e8a784d09139cff4575bdddd9b7dce3776207b864d67e46784ccb9b617

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              540B

              MD5

              50d1cb8fc3004d18491c9fd04f4ff447

              SHA1

              ccccb40e99ed4e5ecfee5ee40183837e250a4ca6

              SHA256

              a6483b51a00db0b8a706db7c2ea04a5c5890ec005ae2eee363bebaac8fd299d5

              SHA512

              5a10b655e86898937a1c54409b4718bbf1e786cc34cd6d4d3b486f9bf8602d3e3662a1d822eef9c693f4e85e97189826e9be9026d31128e08535a7a7bf864739

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              632B

              MD5

              23ff9f6266e6c0dfea5d49b7fbbc9475

              SHA1

              60286b763808a86614bb378ba0f61d91b1bb63a7

              SHA256

              f45d65943eb652466ec19d58fa70ad715be955dd62c8369cfadd63244bc7aada

              SHA512

              6a0a668e515faef6b2b79de3f50d4003fb4260ac6bcf415ae2c640d2afdcce9f5e4612cd99d8071ba8aec99e8e5c4aa43a629e971dd2968dc6591a3de7b120c3

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              77KB

              MD5

              293cda47cdc0aa8598d3781051b2085a

              SHA1

              4d13e7b16c1433a86001c08ba7b6be5bb747b75f

              SHA256

              d2771915f26ca3635b91e5087fa501247fbf006de4ef42ce956dcdbdd6afc310

              SHA512

              3584c7ae568ac0e4e5771d64baab0f5b2f78c9371dd2c9c907851c5c99606d7db14bc51d987049ff0b91c28faff141bfa29c1379b70828af76b918822efd2517

              Download Submit

            • /data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl
              Filesize

              32KB

              MD5

              a07a327aeea7323155950b4cca174914

              SHA1

              c6fdfe97d63dc24f373d9bea651e745c08178b35

              SHA256

              e9de5e141064f454e02898f48e87c60fea9ed6cc436d4561e1a116f61efeb0c0

              SHA512

              dea76064ee7fc03eddea1d443831d96cb89df13bdcbcc38c14237afac0d3bdeb1927a55fe01b9b7719f7d1e4ee50824c622714fae857f31319baf888c9dcbbc1

              Download Submit

            • /data/data/com.qihoo.appstore/files/sllak/opt/4496/finalcore.jar
              Filesize

              77KB

              MD5

              c14c8a2f5d3a7c47eb2ca8c1b6e69adb

              SHA1

              4e57b3c0f34427aba8a5be40c2e9b627172a89c8

              SHA256

              7d7ada76ea057847b5c47ed0f16a6d0e52cdbebbbdb08c1a9519acf70a1a4107

              SHA512

              2be420b849c0fa84d3c594ab6bc85255eb54915e05aac5fd3d711e8dc93f484c5a2add2c662a858d4c2ce316a716c9e930122e9cb1047be7482c495242d766e4

              Download Submit