Overview

overview

7

Static

static

6

23feb839b6...a1.apk

android-9-x86

1

antitheft.apk

android-9-x86

1

antitheft.apk

android-10-x64

1

antitheft.apk

android-11-x64

1

antivirus.apk

android-9-x86

1

antivirus.apk

android-10-x64

1

antivirus.apk

android-11-x64

1

apm.apk

android-9-x86

apm.apk

android-10-x64

apm.apk

android-11-x64

appmgr.apk

android-9-x86

appmgr.apk

android-10-x64

appmgr.apk

android-11-x64

av_rt.apk

android-9-x86

av_rt.apk

android-10-x64

av_rt.apk

android-11-x64

blockui.apk

android-9-x86

1

blockui.apk

android-10-x64

1

blockui.apk

android-11-x64

1

callshowmgr.apk

android-9-x86

1

callshowmgr.apk

android-10-x64

1

callshowmgr.apk

android-11-x64

1

clean.apk

android-9-x86

7

clean.apk

android-10-x64

7

clean.apk

android-11-x64

7

oclt_v2.apk

android-9-x86

oclt_v2.apk

android-10-x64

oclt_v2.apk

android-11-x64

dmss_v2.apk

android-9-x86

dmss_v2.apk

android-10-x64

dmss_v2.apk

android-11-x64

heurmod_v2.apk

android-9-x86

Analysis

  • max time kernel
    2815754s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    clean.apk

  • Size

    786KB

  • MD5

    203f3524c9d0cf46538f014a1eed793f

  • SHA1

    5b96c37f9cf0aee0e18c4aeaf6f5b4b9e7f8c54b

  • SHA256

    943b9e265668de4831d5f2e5b29b51f301ee05f308cea19dece9a779aaefc879

  • SHA512

    08f23a060dc6dfaf437017efddc55a532fad794acb360c0bc6ebbbfef04d4ad437e86b040567e05cccb5bb55b1a5f323fe6ade071c5155c7f4a616a082e4aa78

  • SSDEEP

    12288:dnEgf+VOf4tRyv+9uxl1WYwMe5NVG7+OO5TlhX3Cq1ID66MGwhGsbYst4:dn+OfOULevQ7AhX33Z/htbYP

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.qihoo360.mobilesafe.clean
    1⤵
    • Loads dropped Dex/Jar
    PID:4251
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.qihoo360.mobilesafe.clean/files/oclt_v2.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.qihoo360.mobilesafe.clean/files/oat/x86/oclt_v2.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4277

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.qihoo360.mobilesafe.clean/files/oclt_v2.jar.temp
    Filesize

    112KB

    MD5

    98e0c119e542f466180d52c14f281304

    SHA1

    f114690b33766ac6f146f3a3412d655b0b062b8e

    SHA256

    fbc43ed872029a93a1b473fa5b894708b39de4a98ec3e13aa559d8a008aeb8af

    SHA512

    fd952c707a0f165de63e0825e52af43d3e90491f549ae41f636aa692026fbdd3cfc25806bf077b2cb1834889e1ec455b1e9285d996f7b292813fcded562815a7

    Download Submit

  • /data/data/com.qihoo360.mobilesafe.clean/files/oclt_v2.jar.timestamp.temp
    Filesize

    10B

    MD5

    a34edcc1693a86e1bd8dbf8b1e00bc01

    SHA1

    858df7d8945996d20a8ad8798cd86a1d3d8ff6b2

    SHA256

    c4a46a944994297bbe223f2266cda62f160d07eb9ffde0c728809ebb8804bf8e

    SHA512

    9c197e3255bd00fc33171c4a62730d6735beb334b6511a28dac07a22cadc45b9aef22853e04d2d6bcb5a34ef5488e6314e36b8cf5dba84954526a379c37724dd

    Download Submit

  • /data/user/0/com.qihoo360.mobilesafe.clean/files/oclt_v2.jar
    Filesize

    237KB

    MD5

    f8dc3fe6e49436b8a41ac630f4d89ef1

    SHA1

    c8aee8161e70116e9d9e9b666c9dd6656f6a7724

    SHA256

    87487ed1c09185d126a281df5a85cb277e67d810f5828fde43315d825f010a0f

    SHA512

    888b3a4962ac979f242c949e26bfbc4e72d7de1a785687359547ea0efaffe4663076dc0d1a9a1f4ce4b9ea81848e9f98984973e75b87fdddef6d926f22b77939

    Download Submit

  • /data/user/0/com.qihoo360.mobilesafe.clean/files/oclt_v2.jar
    Filesize

    237KB

    MD5

    0dca587c7b0c55fbe62cbd7b4b009f30

    SHA1

    7c3fff2e9a84b52521b4cf10dbaa68badc7a61c2

    SHA256

    75091b8a4614ac199618d4356fc1e559798f850996cc37c13d6615dccfc9ad8a

    SHA512

    aab6822f99e23c846cca47389f744735b001b790fd9cae840b6641b0a3df4ae6c9f9ca60ff48dca2956e2c508963d690acfb10db92d3fdd21b2ee787978d2f79

    Download Submit