4f48d2e78aaa0d0fbfa764cd18a4675ef4bf67c643dd924ac2d4e885415e6047

Analysis

max time kernel
2571604s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 16:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4f48d2e78aaa0d0fbfa764cd18a4675ef4bf67c643dd924ac2d4e885415e6047.apk
Size

19.1MB
MD5

f641101bbaa6fc742bbf1eac23b18bc0
SHA1

e8df6e529d35ff7cdfc2d36ff76f0ae6295bc661
SHA256

4f48d2e78aaa0d0fbfa764cd18a4675ef4bf67c643dd924ac2d4e885415e6047
SHA512

68c4eb51d3ed960dc0e0ae7907992ec329ecf61e97e4500c10aa1af9a18e8138a4d85924f0ec2512d884a83737e7164b1b4d5f77eaa11be2c27bbe1568881dc6
SSDEEP

393216:T4WYHFbPO+rAjgihM44hs8oU63bX68kQqlOTRyQiShbCIU3kEPa2Fh6mwqzGhRe+:pQFb5Gt38TzfTQxgIU0EWhRe+

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	sogou.mobile.explorer

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	sogou.mobile.explorer:patch_service
Framework API call	javax.crypto.Cipher.doFinal	sogou.mobile.explorer

sogou.mobile.explorer
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4272

sogou.mobile.explorer:patch_service
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4305

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/sogou.mobile.explorer/.00000000000/2D72A071.dex

Filesize
48KB

MD5
cd31370d3c33859def7e523bf37ad05f

SHA1
7f2d86fea5d3513cbce7563825553ede2ae82358

SHA256
9ee70a2f7ead5fc5f7e804667709e23ea6da7305f1335c056fb0ec5646570fae

SHA512
7b0a502b44094db6217914847e9f21be266db660f28355d41a4f55d764c9cbac5e4e78d9142a46772c11bf1d196c9fc1f15eed7046cecf7a10103bc3dc330955

Download Submit
/data/data/sogou.mobile.explorer/app_sogou_webview/paks/chrome_100_percent.pak

Filesize
36KB

MD5
5138eaf33fb148da510925720a8187ce

SHA1
cb73a49d2228a6a2bd04d40b90d9907c52893084

SHA256
012ee3b24a36ef42cb87260b8e3a5cefce3b5d7182ceb7d7472ace8fbfe5f609

SHA512
d56d4a4e3ac6ccd9df672159e108eacbd6e812473d371513ae1dd7fc55de8622209afebe3a2f50dd827c2fc04d95cc40dfbf9366a1e705b41dbca14d662d315c

Download Submit
/data/data/sogou.mobile.explorer/app_sogou_webview/paks/en-US.pak

Filesize
7KB

MD5
e47a00639e8180469f4a22b19f859ff4

SHA1
c214ae55f79b45cb813adc59e311b89b5fe42550

SHA256
10bc62b02521074a0560c240a5bde52286836808beccc8ed9c1f241bef3b8e41

SHA512
06f27f7dcb2fe2418fdca24709e93c113cbbe244872add673381add9894661420a06c0fed222323e067a2793f6df29516c385008c67bdf4dc726b180e0db7654

Download Submit
/data/data/sogou.mobile.explorer/app_sogou_webview/paks/resources.pak

Filesize
92KB

MD5
5c4c05f247543d6679b38325f051cafc

SHA1
77e6bd50c2b45125b63be1b5e69c1e6365efefc9

SHA256
d70aec776e921286732ca4ddd15f1c71687240434329ebd4cc8b1a028d479784

SHA512
0af9b109859484faab7170d43984bb4d053604ee0315f377cde85aacd5ad75a244ae342573e125a5732318e5f4b40e71af9c42453459905b71722d8b602f9e7e

Download Submit
/data/data/sogou.mobile.explorer/app_sogou_webview/paks/zh-CN.pak

Filesize
7KB

MD5
3219cdee430472dd8c88ae6b176331c1

SHA1
9ca7d789e84267189a0091f39f03ca53dbcf0ba5

SHA256
8db4f5dac0b7d6d5275e37c168e3a0f9236aeda64f9617748054b0936d06492b

SHA512
a751219366df78e3b7c2551749822eeb1095fd51bfa96657bace8f598e7f3ee6d272e5caa749fda6e353113646775a33da70770361cf763fb68f695a7440e97c

Download Submit
/data/data/sogou.mobile.explorer/databases/MessageStore.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/sogou.mobile.explorer/databases/MessageStore.db-journal

Filesize
512B

MD5
67bf04dd9ab368c63970d3b662b31485

SHA1
ce1baf1fe21e04baa4f23b2cad2b1e9aa1889275

SHA256
b68b6487f31012d1032a04307855de038aed920ccebf1dc1e445189474f63679

SHA512
933e17c97731a7348d25b13b7d48e878a22fc84285f444b4984a29b2c7392e999054c439538f709b933e41ea84757a9d1a2da624e282d3487ab5dae875beef68

Download Submit
/data/data/sogou.mobile.explorer/databases/MessageStore.db-wal

Filesize
48KB

MD5
5b902cf9dac1b950e6acf862d7078fe6

SHA1
af464aa13adfea9b6ee69e1c6267b316f28d9d3f

SHA256
2f7e64cc2133ac6c099d8b5287327f09f844c24534b519101909091c18f8b6d0

SHA512
c834629ac2e550e109fdb5f1e2c7423bf039ee757813e4815d60709ac60a85d547593094b266bafda11abd195596e55d9b7da28d5859d22bf0ef045c78657cb9

Download Submit
/data/data/sogou.mobile.explorer/databases/MsgLogStore.db-journal

Filesize
512B

MD5
4c444a102bd9e6e56444487743f2ba59

SHA1
768ca28636981b64580e8e2c5be56758d4f93f93

SHA256
d5d92ee1877ee2e33adb85faf9ea1285bda0c54ae6655ec84e45de6361084497

SHA512
ecaee8f824178d40d4e4aadeb13e52d293dcff169a7d021e47cb6cbc16c7840fccf53ce440accbac0fb906b1a5f14ffa45610c27870bbc9d047ee11d44506901

Download Submit
/data/data/sogou.mobile.explorer/databases/MsgLogStore.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/sogou.mobile.explorer/databases/MsgLogStore.db-wal

Filesize
68KB

MD5
00bfa715bff6020b3f91a5b3c919ef86

SHA1
1612f305381bde1226d581fb118ebe8ebacb454d

SHA256
dc4ca456458ecad6bc1a3577c882faf6bad1137f16c03cf0edffb4a2412462f9

SHA512
1a0832a7db076762870956b8cc630d072505d74985daa30e39f4aa5e1bb76f2c6b1aa145f48f102a498ad4d8a9bf1db1ce49a87cf92e330f7ad097f87da8995e

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_athena.db-journal

Filesize
512B

MD5
2d03550a9d6816b528c9fba9ecc39d6d

SHA1
36c1d4a5a3f981a7d6c485bec9ee0c864046e7df

SHA256
8d68b057015df8b11ccf94e37f5d279c95b7200d0fedad361c58fa9916e9661b

SHA512
3afdc0f06ea4ebc61d25a838e68740681d9d46423abb8aa149bc329f866606ecb39e37eeb7a818dcdb719aa34b37c36987d93a0c1723a47cda54bdab28f3aa7c

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_athena.db-wal

Filesize
16KB

MD5
d5bfebfb9c3f1e2aa14cd097836a4b51

SHA1
dd550dbdcc4559542516b175fe315981950c9275

SHA256
d4c3c88d2cd3d58759b84ea5d7f9677707273cdbac65b4b582aadadfa92ddba9

SHA512
a67b7564d82f552ea6d8bfaed3ae3f05b37f06e8b84264285e08656a046e303f9a097b6cbc71d4f175730dc9b8c8db296a14bbaa1dedb31a831f41836db79293

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_athena.db-wal

Filesize
32KB

MD5
fdd6fa71104065a61db607d2db4ceb8f

SHA1
6ae18c7c13e09bd124d22f699c8c890175e49972

SHA256
b9b501b9f1336344f73e75050b6ef528e93fc09651da1179c6db532514e1cc34

SHA512
6038cffa4a3b4aabf777e5ee6d4fab5e6b76cbc1541e135c7d756f1c55d5f461c3e4e933b74a6465a4bdf14c0912eb1a48b4cfcabc7bfe278c9b30ee00e33ed8

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_browser.db-journal

Filesize
512B

MD5
cb914beb9891c784dfdb50ee4bc6a77f

SHA1
1f6a2f25a9c7fdb46bb345e7846f2bdb199fb6ba

SHA256
d5dac8a6f289d5d6bb9d7c325ec4bd50650935fb2791b563bf3e3ae07f58cbfe

SHA512
39ee5d68c38899597300c423799300ed67069b8ec54e85ccbc4d6ffd0231ac8e18b275b6b8394f9cf24ab9222fdd847d13f021b790a9aa3e5adefc5bab677945

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_browser.db-wal

Filesize
16KB

MD5
552fc2153ccd69c224f4761e39ff2562

SHA1
feb487928eac809cf12c886837a1149bc8ee7821

SHA256
d6196f9ee8980d2e694bd85e8b4ad24cf192a49e76f635bed9fe85227807b774

SHA512
8f45d953d35c360ba41915614ad6c37186ebdf91790d142f07bb9118ee65531ead5d04ce2444a8f170cf901650d51a4e838233e31dda2f8d3d6dca9febf0c2bb

Download Submit
/data/data/sogou.mobile.explorer/databases/sogou_mobile_browser.db-wal

Filesize
124KB

MD5
f4807f7b821746810e3f7c7cd1f0f261

SHA1
8ed0ba3a2103f72ff026a0a3ccadb709139b591e

SHA256
d8628a709d40539d50f79aa831f7d013280a16121ab2ad992080efef72b7ac24

SHA512
f080c11e8797fa59a06f07219e7e49dafc60c0bb3f1fdeee6c43abd17b743d9862ab08d1c7ba01e45121292618284887d81f59c387450882b0c0beef668d58c4

Download Submit
/data/data/sogou.mobile.explorer/files/sogou_mobile_explorer_preference/sogou_mobile_explorer_mmap_id.crc

Filesize
4KB

MD5
620f0b67a91f7f74151bc5be745b7110

SHA1
1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

SHA256
ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

SHA512
2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

Download Submit
/data/data/sogou.mobile.explorer/files/sogou_mobile_explorer_preference/sogou_mobile_explorer_mmap_id_patch_service

Filesize
48KB

MD5
30903533668fdf8d3243e9c5ba020bb0

SHA1
86831fed4c025eca8794972258e9a2a761a7b0bf

SHA256
036b5648494d4211db3b57e696976ff91582bfd983bf03e19520b2c22c40b8a6

SHA512
8dce3ba5dd7c533332f9eda0f13262623ece2b06e43703545ae4c3b8b6f4763e853a024afa61250ac12f0b55985373814f38f195dfac4e9fce03249c2678c659

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
35742c85f10d6d70d4a95df9e823b407

SHA1
589ceed1b2cc3d1e37a754f3e2810c150806de2f

SHA256
ef4fcff6323554e5c900c75b2817cd4af3d5053f9d4bee2cf651b27b6d1a34ba

SHA512
acaaf9098d43132688a4c0a0760f139810d08ab3212528f169cc5a8ed0f086d857a32dcce9c8554fc5715e18962218e3e6ff0d258898ea31f422105659fcddf5

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
213B

MD5
5254a4225e569a6e6cc07f4acabe729b

SHA1
21362709fdcc4a9f2fbe2509dbf6989882509a14

SHA256
1962c9e0566428d149d9ee43db6cdb7c29ecacddfcb3ff99591145d0396d888d

SHA512
750bb3af8ac29559413070b9d57e41351a518c55bc316f1094e108aba6b43318fa6f1bc24eab27c75fbf7c13855acaec61f74b603110b0e7e2727bd449f681dc

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
b84534dcfb174454ddc1908d29c4c4f5

SHA1
53081e342d82abf78843412f7253380601d16aeb

SHA256
621e552b62d24d44f94964d8fe4c7f4eac688d91cb89a732bbad792e44c09548

SHA512
791b22a7ec029ad30b63f92c07e89b19753ee7a9d114777d33e90f82c291af6bd102d805ba8b5d93a5589393757374e91b870b39b16c750dd4cd0bbee0e218b5

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
54b4f075735517d1c50b903c6d7eaa9a

SHA1
95aa0ea2fbdb3decd88138389666cd6a45809571

SHA256
e8e5e4fde3f2ff7df4c8343f44bb5919b5b11a8cc41ef99df038a869acd0acf9

SHA512
b830d35ca12141435319fa89816c28e9884d8f9962496516a6e0b996c8e534460a6f1f2a211cb5831389dcad108a3235a792b09b6a191082bfe0d9337aeeaebf

Download Submit
/storage/emulated/0/Android/data/sogou.mobile.explorer/cache/okhttp3/journal.tmp

Filesize
32KB

MD5
3350993d3acb259fd776de3dac4cb777

SHA1
190da179c53d28ff37d254d35f3e22119ed6535d

SHA256
f82ecc5bb756e104b5aef2263e8f5c107814e80ff35ec011637bf555e6defe56

SHA512
2dd8398730148f49a23b68ef1757d3c1e030de5e494c96ae25a8acb04b4a64b11c7b280a6c48ef407d49ba74c402c68eeac7823586633c5eb02bfb30395829f2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads