Overview

overview

7

Static

static

6

005f45ca0e...08.apk

android-9-x86

7

005f45ca0e...08.apk

android-10-x64

7

Analysis

  • max time kernel
    2523968s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23-12-2023 11:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    005f45ca0e142d73c834d48dffb3523fe7f1a9de46a408b94419bcf038e98108.apk

  • Size

    14.8MB

  • MD5

    1fae6fdb6f8fcf3c0e1b47caa0ecc212

  • SHA1

    6de3208b757f89d2026bc06c6fea14d3987ed3d3

  • SHA256

    005f45ca0e142d73c834d48dffb3523fe7f1a9de46a408b94419bcf038e98108

  • SHA512

    bc180648139bbc5e0e9926770cd9051d3a3dc430ca32e5f3138431251df073dc5ebaac3d3b9c667d42ade392bb035cea7e81e81a0f3a44bc53642b9cc4ae08b6

  • SSDEEP

    393216:SJ4vkBh9qEaN4nLsy9nBLNSS9MQq5gJQ5pq7c:SmvehcP0d9BhSSuQfJ5g

Score
7/10

Malware Config

Signatures

  • Checks known Qemu files. 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Checks known Qemu pipes. 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.guoshi.httpcanary.premium
    1⤵
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4221
    • /system/bin/sh -c getprop
      2⤵
        PID:4267
      • getprop
        2⤵
          PID:4267

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.guoshi.httpcanary.premium/.jiagu/classes.dex
        Filesize

        3.6MB

        MD5

        8a5bf2d14ee0fa4f5c9da39f87a7f4a7

        SHA1

        0158af650dac64d08d202a39af099bb460071f67

        SHA256

        6280ec653cbfa0b360e89373a9aa3dfac314b4fd75d24e8895dfcddd9e58d3b9

        SHA512

        95e162624285f8470e769d1a2f3643edc3a6fb1c37cfe773806314d025e1f8554f92b20a4ec6867b913be0c59acac98c493ee0d0991eec1b591f3199053443c7

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/.jiagu/libjiagu.so
        Filesize

        485KB

        MD5

        1da618896802fdb4b6f17c92703424f4

        SHA1

        b48aa81ac014a5a7f6e95e618e4f951ee12d34c3

        SHA256

        2cbf986b5e1357e00347d75d6f631539c0f368208079df36bb44603ac4e6973f

        SHA512

        620a06d8df24597467318582a12bce45e2e2cb66069ffbd6fa27ac5a164c58398ddb9c2348e6ef443272a22ca85fcfa03439d0f0f22109a93708d562e0737cb6

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/app_crashrecord/1004
        Filesize

        58B

        MD5

        0d210bfb2a0e1f1b4c082a6a0f79de07

        SHA1

        bb8ed9e364db79d1d9f2fcde3f15091893222faa

        SHA256

        988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

        SHA512

        536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/app_crashrecord/1004
        Filesize

        238B

        MD5

        06c3afe2ffead43ffaddc0633e8be6a3

        SHA1

        5eff2aa2a39c4dc1dde6426f1fe76544dcdcc19e

        SHA256

        b423f3a5d1c67ec0a16d86845b5d3c9a4bab57de01d79f80493ba1c44288f9a8

        SHA512

        f25f077e6c3b03af1365f48fba66821b1211f868f72e9d250a6958912c14e1f5b07df9c21b638ce860e5b4ddcdf9707e95daa1cb1dfa7a67bd4cf2460e230d6d

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/cache/.root
        Filesize

        2B

        MD5

        444bcb3a3fcf8389296c49467f27e1d6

        SHA1

        7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb

        SHA256

        2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

        SHA512

        9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/cache/HttpCanary.pem
        Filesize

        1KB

        MD5

        af164ed14163c72dd719e88086e27f71

        SHA1

        02774a70dd053a1554bd3f3cf10ebdb9d41c86d6

        SHA256

        d5297afa044472095819fb3bad83a59ec2c32fd06fd0fd4df90e645c9eebae41

        SHA512

        8decbb83056ee785edd5e715f2645c0f3d368f8bd45253976e7017a2ce4d8d34e20d3b8c0b881342e380aa7124071f2b3f32fe95c74cba9bff162a8eecb6325f

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/app
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/app-journal
        Filesize

        512B

        MD5

        3dce6f1bfe47470ce0f43d655b0244bf

        SHA1

        2315c786c28e297fe10114ad5dd545e129e4048e

        SHA256

        c44f0c23265f9fe38f3706692a6ab5093f6621d5aacea834d6db1de9499cbdc5

        SHA512

        89b12d1af3986eead734cafcb8d1659b2fd47f2257ac6bfda4039db345747badd1a09b5c6797ae2fcb3c2056266a49072a5b40f42a93b6a80e4a2b6e36ed3e76

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/app-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/app-wal
        Filesize

        80KB

        MD5

        a3342b04c89689b0730b3390ea26a5af

        SHA1

        2762ed84f97de2a9729f5013a5e6841afa146d61

        SHA256

        afbcbd3b5c31f1b415f9b912a533567497b8db624c843890f67a233b3ec219bb

        SHA512

        8ceb8b4e8d9aec8fefc6c35c3b8ec666b2987d5769ff35a80c7031cab56390a84b44c16d7436269cb0450267639db4dc85848aaaa2b52ca6229893f32ce395a5

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/bugly_db_-journal
        Filesize

        512B

        MD5

        4b7a081696fafa8a9deb4b05ecd6f634

        SHA1

        db3530b34c06191e8307ac060c396a09abe27de9

        SHA256

        f5f9afab0c61949e04bf9f86774ec748a71330f53bb14beea68ca43e2de4d208

        SHA512

        5d975ff409fbe3d370961be346e8c8f8062498b53394aa5a6c88b2bdd7abb39b3c0f5dcc12436c919c1c5957400b07433f87560a878fe7d561f1b84c311a1e61

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/databases/bugly_db_-wal
        Filesize

        16KB

        MD5

        f405b33c586c8b9e7cd79f4f598841b7

        SHA1

        41e6a5bd6f82b11a2ee97bf5e3c731b5051cf3c5

        SHA256

        14a27c8d20245e3134f0ef7b1e5263063253b1879d5b25b19b09e0d08f34f1bd

        SHA512

        9d7bc606be34870e637d67b19e939fceb02ffce50dbae4c78dc5d173fe26b027028b080ea091c06e99441e9803225c06b91fe522a2f515c8e0bf24406cb556b8

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/files/.YFlurrySenderIndex.info.AnalyticsData_34NWGZ6J2XKH7DBJGBTD_278
        Filesize

        87B

        MD5

        2f02e4e0b7fb4ca96bd2f36879211fce

        SHA1

        0241d39ef8f03854e1fa70928020beb623df57fd

        SHA256

        f56754d69a0ef1dcb20f24237757b2ee27d89dcef9bd4475ffab3e1da4999b75

        SHA512

        fc9fc1b29561a2bf6d42470d8ee5665013e2832bad805d915e78ba618bf6fc3c0b7323db4c2eb9ca540a35cbcebc928b6011c994781c16f72f156df73fbef337

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/files/.YFlurrySenderIndex.info.AnalyticsMain
        Filesize

        72B

        MD5

        b5bd623e44a86805fea92aac8de3c1f4

        SHA1

        4afbc0fe2b54984383f63cc992b2cfebedbe1578

        SHA256

        3e1afb635302ea6bbcfa341ee83869f2acf2294047341ed17982fbd0aebcba0f

        SHA512

        ea254ba169a0e7ea6d7abe625f6715d65da1df29b4c8d17660fba23b35ca73115d36561352fc23d5b59266fc634cfe21084a561f17532d89762e124408ff1717

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/files/.yflurrydatasenderblock.944f6c00-b014-4272-bb1f-b0475e08d8c4
        Filesize

        337B

        MD5

        59125c492337db846f9c54f95059ab10

        SHA1

        7041e95d34b2e1f841e2d299cab80bd31c6d30fc

        SHA256

        60bfd9344c90cc8eac98228a58573feda534ee94ef9cec3ada741947137047c7

        SHA512

        b7d63a0e60fbd376f5c0ead40d4e893e252b57312fea401a459df368e6c0ad8a4d706ee0ade14ddf079513728bb17a2e1f123efc4f80217a6607cc564b56831d

        Download Submit

      • /data/data/com.guoshi.httpcanary.premium/no_backup/.flurryNoBackup/installationNum
        Filesize

        99B

        MD5

        1bea9aa5d86c4af2c880362540e66450

        SHA1

        5ca681bb3dfa2bfe81ffc6a87ec227e8cb5fa032

        SHA256

        1b257ce47405e4af04bab5f048706fae5c9f8dc11197ad9a5374178682a22d1a

        SHA512

        a58fc1ed814bb604ae13e711de2806d1db3a72e2144844f9da217ec3068585c46a6c3945b62ebc9923d13b99052c266f5a71ef4ac026152cad353cd05c20870d

        Download Submit