d0366cb361200d0b9e761aa0707e000f3d9588e8ed21b94a8dbc4a6c0dd18f50

Analysis

max time kernel
3005560s
max time network
159s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24-12-2023 04:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d0366cb361200d0b9e761aa0707e000f3d9588e8ed21b94a8dbc4a6c0dd18f50.apk
Size

6.8MB
MD5

271040009d02b0bc93d9d85a7ba2de72
SHA1

aeae3b5819d64421f29fa2d474c8fa6b94b83bef
SHA256

d0366cb361200d0b9e761aa0707e000f3d9588e8ed21b94a8dbc4a6c0dd18f50
SHA512

9f38f596cb3b5ad0a75f3c7ccf30dbfc9801433089bd4f6275da489ecbcad5c1ef77e49fc4c5f3d77ee98e94fa5e4d7465842f364806a76f9a27d3910eb9ad2a
SSDEEP

98304:Gr761NF7mPgOA0bzmrxQuB7MmNnt1d/AYs/I09XfbCFXruTcECHD+/OxN566D6bg:GrsOtM2uxMGwJCFFZ+/jqguP9

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.qihoo.daemon

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qihoo.appstore
Framework API call	javax.crypto.Cipher.doFinal	com.qihoo.daemon

com.qihoo.appstore
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4265
- /system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88
  2⤵
  PID:4683
- /system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88
  2⤵
  PID:4794
- /system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88
  2⤵
  PID:4827
- /system/bin/ping -i 0.5 -s 56 -w 10 -c 10 221.130.199.88
  2⤵
  PID:4860

com.qihoo.daemon
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4295
- /system/bin/sh
  2⤵
  PID:4428
- cat /proc/version
  2⤵
  PID:4523
- ps
  2⤵
  PID:4557

com.qihoo.appstore:critical
1⤵
PID:4452

app_process32 / com.qihoo.appstore.rootcommand.persistent.CoreDaemon --nice-name=com.qihoo.appstore_CoreDaemon --daemon
1⤵
PID:4496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qihoo.appstore/databases/_ire-journal

Filesize
512B

MD5
df035e94f37160aad5c773aeef2c543d

SHA1
a2c5f1af61fe69dcd58c0c6f85129b882cf008db

SHA256
afef060c01571428985ee8e3fc630cbc68e7129b596654c75c929370b18e6342

SHA512
b8256267ae85cdc10e8b723e14d960706bfbf7effe24a0e52e039b7d278790d9fc2ddb24b3a8238e1d52a25e1cc91e391daa98798f045513f64a3b7a8a40a605

Download Submit
/data/data/com.qihoo.appstore/databases/_ire-wal

Filesize
20KB

MD5
0b88feb2c878661f485dddf6d2c35b06

SHA1
41ff62949d34896995c4dd820b966c2ad90196c8

SHA256
6b63b35581406da944b473e1f6dcab5b6b7ff8bfa2c9c178d65aa2b786444d63

SHA512
26896445e0c569fc3fbc67ca08dad349960484ace868fd1afeb7acc1625f6f272bee601dd7ac9a956bc60dc889c1fe9d9d860197d5b025472a41431c0f6c06f4

Download Submit
/data/data/com.qihoo.appstore/databases/download5.db-journal

Filesize
512B

MD5
33bbe93cb66489b3cd9a53f4c8de8bce

SHA1
3b8555580bf664d39a3a310d5f0b90bfad818c6a

SHA256
ce6e843bd6e2783a4c18c4be484cefc866fe76ae3701df83c3eb1ce8c9759cea

SHA512
6188c3921f3ac11de912867901481d85d277ad177376b38d96cdf62a9f9811093731f32c62c0d454a20a441d398a753db935a97b1c48845d1e72fa5b1fd7da82

Download Submit
/data/data/com.qihoo.appstore/databases/download5.db-wal

Filesize
16KB

MD5
75b8d24892be7054847fecd240df6b9e

SHA1
cf76d427ff6efd8693a05952349279b3438ee307

SHA256
9be4fa6117b3cbb4c7ad7a65f5c0014b1f5449fec52cec5afd271c679660693b

SHA512
14c9baf5d5db83f3dc07898d3ac7bdd2b0f752d1cfd4077e75e29172f496f8f3db8d7ba38af410665912c5a00f9a6181858fc562be1dfafbf2142ea471e8961f

Download Submit
/data/data/com.qihoo.appstore/databases/filelist.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.qihoo.appstore/databases/filelist.db-journal

Filesize
512B

MD5
fabaa77429aead495eb1e13b7cdb729b

SHA1
ea0462a36290b99004e3ac323c73d5c6c9ed420b

SHA256
e7e8cde89b5c6520f7fe158b4838f63c96104cd6da70bb0fb2e53983a32324d9

SHA512
590018b09ce0f24cd6954f8870221964a2fea875015834b25007fa7fc2ac8f23b127216a25057c45a0de1fe3d9b0b75c7520b1524a540be33daaa05ed8e38632

Download Submit
/data/data/com.qihoo.appstore/databases/filelist.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.qihoo.appstore/databases/filelist.db-wal

Filesize
32KB

MD5
32a2b2db65e59903e8d81f7396debfbc

SHA1
12381504e47cfd4a60699e6bcca60a020efef82e

SHA256
982faa5362b088b560d9c12164fa24c7175589be1f137b4e107660c33e3bb8c4

SHA512
cc1d5c6776b2c19367e62a07580614b5f93f6092e2ecab1b1f5f1a6b14bb0273ec7401cc0b29b7b935e9dd02911bdd4c5b75f193953180c1ffb359323bbc450b

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

Filesize
12KB

MD5
3fe30614d7e0d11db870b4624f6c50e0

SHA1
053ff0fc621ab40f2afeddb3e7b4a73ee41ec533

SHA256
67c532f0324228dd33b445cd399c1426e3a0e0cdc7b9358c66b402c5d40a838d

SHA512
c7c09e97a408e88aacaf8099ad4d1fa604d58113393500a384eb3c2eb7c3c105af41314934b86eca2f088045cbab5a20d768bbb295448dc1ae6cb6c3f59821ae

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db

Filesize
20KB

MD5
60e4cf217e77c56efd3707b603797c5b

SHA1
816247b4883d3adb30c4db39fda16d2288e27de0

SHA256
8e2b8343f703045fb8596dee1888f65fc66b64d10304a4a49fd4ad1f63bd67ea

SHA512
22a8cd2974663e8caa220177e7bc64aaf35735dc8abc3870a7e47ea86b02d8b06b041000e5505039b3116290aee67e9645ad2d9c26218749f5b5b2e332712af2

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-journal

Filesize
512B

MD5
9bd7752d61f1cc24984a8d6e5fc14dea

SHA1
d638144c14189171bd2a5b3508c8725e69a7702f

SHA256
772cf2ff7f3d1257f768931ae2d7eb0cc4849535bf8724fece1681398bfdcd15

SHA512
c92f0721ee05c03ab226897dcd05268a0b65311de909fb2d1110506deeb1d70cedcee0873ebf9a43d6acafdd525bdfab70e17e60a480d4a8d958a2247823cf74

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

Filesize
16KB

MD5
bc0bdbcd42c25d1bdd2dfa3a2f8e6f0a

SHA1
0aadcfb1c71b9fdbb00f6bd3eac933de81bc389e

SHA256
81a5d28e6f75e8555ba867594338ad6c25c8cc8c79cee78a9d408822e7f841d1

SHA512
2bfab967c17e2bce897ddf211f100f18c4a01fc25067bb3e99bcac56293b5e0aa43cd77d4b236d633450f201073c8582501ae4055d25b1de90afc52066feab80

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

Filesize
20KB

MD5
740669678d134c9a4c49c5450d11e5aa

SHA1
f44fae9ab0ddf14026c0f12597b8276eeaa15ab1

SHA256
59bd223a8a017cf459ee99a9e4f9b1fd376219ee29970db240be9fe15c78281a

SHA512
c6695795867995e80904d39b5b74e674eb323800dc02a989b6622d6f05273d3d6d17f58644f1bc990f360a89fd4ab3977e714dfce2cc7371969517cdaf3bb6bb

Download Submit
/data/data/com.qihoo.appstore/databases/ignoreupdate_appinfo.db-wal

Filesize
4KB

MD5
232e3b8127f06bd2cab1065e1253c9f2

SHA1
67ec3d187c0dccfb1033c4effb4c41192e5b4cb4

SHA256
092e5022825341c8f1036d12433cbe7b8a9617275a74c4dc718fcb2815fed1de

SHA512
a2c9b70d50e538dc428e55d0aa9f7f689b14241afe40252399d3e2204efad2415fc6a6054cdc5e431c20618dd1cdd1f417fead0503a4c18fa39e589926b78f82

Download Submit
/data/data/com.qihoo.appstore/databases/new_downloads.db-journal

Filesize
512B

MD5
ec7598acf7e72516e9daee1153c49752

SHA1
c82d548b3a76750681c9479ff2683ae8d596c6d1

SHA256
d01d6444712e3ab1193c3dafe1331fa479c9c1591d15cefcb94cd43278237779

SHA512
3eb4c793bd9e8997ef2887ce06596d4d7d8cdc8646ab529ec62a46b6026b157df77ed0eadf1dceb35e9e71fc06aec0bb71c13c1de20863e33cc9e88d8a3054f3

Download Submit
/data/data/com.qihoo.appstore/databases/new_downloads.db-wal

Filesize
16KB

MD5
91ddf8aec9c0dadaebdb13003450e341

SHA1
5fea1800552a7d75bcdd24b23bf8c09b5cb9d799

SHA256
17e3d12b68e9fbde42b49d496696870c12631e0ec1f005ba9fd198386d5868d2

SHA512
7f7f4803c4f9583a62dceea82b5f92e6cd0f78ee5164aff6a49e1aec73ba3c162c0280f0769f0adf885b310665c471133f0d921eba962dbe610671685da6646a

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/backup/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
32KB

MD5
383d46fc0a8a9422f75717e4fd26b3ac

SHA1
f27df1cd3914e2af3cb8156293933ebf0ba69213

SHA256
63d7436b900bd0ab833f85e1fc2b7a8cdde9c9a6814e5de949d5aa19bd5392e0

SHA512
d3f4f8cd96338b62262e5846ef011f1c4384591cf723eeff313ed91086bbd9045db1a58080cf7caaf9dd6872feaf74372e38afdc2165081ff4550110365bb563

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
4KB

MD5
9c4915f1b37cadc407dfe6f484c74fd3

SHA1
1af64a3e0979f3666c55f7f31b07ad880cdd7e9f

SHA256
c685f92efaf746c653b6d0c545451a306203f33a13de7519d69a3e7901f792d4

SHA512
0323400bfd6ea36c67637eca0b733f29f9d9bd51b1b2c9547a36f3b3c4c35956a1def347b097178efa7e210f89958c97f12aaae89d2297f625d5cb174e719936

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
536B

MD5
7f3ad9adbe447bdf2854a9af54ac0764

SHA1
a0ea2f12b09bc17b70670352fd5b0c794c4ff91d

SHA256
815e1a30907419118aab4242ed0ce8a665cecd0ba015d930913a18584e508a6d

SHA512
f193ecbb0289a3a9c4d3449d071db5e2f6401aa4f0d1f6fdc99ccfa6ab351996bfa13532d8a6e85cf25ee1442e345b4aa36e575efc75bb1d8b9f6f5d3b7a5b46

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
77KB

MD5
aaf1c3311c036681703208aab211ada9

SHA1
cab20f9569655cfb6bb208774d6828063cd46b77

SHA256
03df573ebf9465515a9d5e0a08bae4d59fa4059294d0b61fb022215ba8ec833f

SHA512
08a513f50e829a734ce72c820cc3294c568089e0fe83b7d97bdc498c0b77a0cba14b1c78d70cfe915d9cb96bb4d6963b0ca1d7377a43163f1feff379b70ade28

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
624B

MD5
31535d647defe1d12e541cd59c596c0c

SHA1
734fa0a54b633c20541cf89cf62b2d7cb9e91902

SHA256
b931c4e48ffa594280644ff9cc0588f4d70ff29ceda5da2b2105f6a2903d4346

SHA512
f38962fba7491368e6899f7f223ae73ce201491c5248b2ea4b7bab53ae09e5a801232131e0f8929a69fe7621c43a0f29b7864e6493e5d67b75c2de45f1e5cb0f

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/data/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
32KB

MD5
8d9ee40c8b5e77fdaba3f0de99063b44

SHA1
71b015f560f339ffc1ec55058c140ed1ea9e410b

SHA256
a5f10de2a371dc8da7cb2918ee48da86d97e70a356b85de7441b4fec1131454f

SHA512
8f87ed1202646f79561af6f42145aeb9b8bd49cac0a55231fc7c1403f1bc6b194b87ce6f7d27de0a945f3dc2236b0f782ba77fc89443ad8daf4f0bfb07e89c76

Download Submit
/data/data/com.qihoo.appstore/files/360/sdk/persistence/report/Y29tLnFpaG9vLmFwcHN0b3Jl

Filesize
77KB

MD5
65f783b57c09ff57c1c52607e52e80cc

SHA1
b90ace4fdd2ccba9605a93ab46edf70d3d107165

SHA256
8c44b89f0b10824b574cc0fde65052cade4497b7796317b8559e800f795ca3c8

SHA512
44d5aada7a6f110a5fe5dd99672d27b03e8a5d943aa1bdc329814164200351def50c9565c6461a2884dbc6fd58f5fc7d9f1201bad67b97ab733072c0900b4570

Download Submit
/data/data/com.qihoo.appstore/files/sllak/opt/4265/finalcore.jar

Filesize
77KB

MD5
c14c8a2f5d3a7c47eb2ca8c1b6e69adb

SHA1
4e57b3c0f34427aba8a5be40c2e9b627172a89c8

SHA256
7d7ada76ea057847b5c47ed0f16a6d0e52cdbebbbdb08c1a9519acf70a1a4107

SHA512
2be420b849c0fa84d3c594ab6bc85255eb54915e05aac5fd3d711e8dc93f484c5a2add2c662a858d4c2ce316a716c9e930122e9cb1047be7482c495242d766e4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads