General
-
Target
29508f794e3d0b8bd9872fa80a455a58
-
Size
17.7MB
-
Sample
231231-frc1dshhcn
-
MD5
29508f794e3d0b8bd9872fa80a455a58
-
SHA1
96d616483c26aa3dca30019eb69daee9e54e8497
-
SHA256
2ec7f97048d5cf04d5907efe01949f846e8586423e752ceadc8645beefe857b6
-
SHA512
6def5e3826d357ef105f0dff5594242fbf8acb30e30ca7c63cb952005f755109d728ee5f83b0161b184ed673aaffe93fc416642c848e13807eb0bb6078e47f94
-
SSDEEP
393216:P02BzNGXZEjK40Paz2RtZZGUZgua4qQijl2fCec:P3Bz2EjKbaoZNza4IjgK3
Malware Config
Targets
-
-
Target
29508f794e3d0b8bd9872fa80a455a58
-
Size
17.7MB
-
MD5
29508f794e3d0b8bd9872fa80a455a58
-
SHA1
96d616483c26aa3dca30019eb69daee9e54e8497
-
SHA256
2ec7f97048d5cf04d5907efe01949f846e8586423e752ceadc8645beefe857b6
-
SHA512
6def5e3826d357ef105f0dff5594242fbf8acb30e30ca7c63cb952005f755109d728ee5f83b0161b184ed673aaffe93fc416642c848e13807eb0bb6078e47f94
-
SSDEEP
393216:P02BzNGXZEjK40Paz2RtZZGUZgua4qQijl2fCec:P3Bz2EjKbaoZNza4IjgK3
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
com.qihoo.appstore.notification.controller.jar
-
Size
364KB
-
MD5
bb7254262af96d5201a52c45e9988edf
-
SHA1
f07df0415fa7cacfec2d834cf24477224e700786
-
SHA256
ecf9647c288fa18e7201f82bd8ce2916124de37425634e7ac4dd577dcc7d6ccb
-
SHA512
553bb24703ac74ad0ae33c9c2f9b22c434d642fb73591cae3a4fef2ecb2862d3b52570dceb59142c802de50fe69cdfccc73832dd1de167dc32155f86420bde39
-
SSDEEP
6144:1Kj0uAkVOb2dJmrdDAy4oaPQOSepXDLDxdtpqgmhi50Fns8d+HReXtRpi/muKqNj:1WbDq2urdMyCzdFdu/hCUnFdQReXtO/5
Score1/10 -
-
-
Target
com.qihoo.appstore.pay.lite.jar
-
Size
260KB
-
MD5
2440eb04289baccc027a4ec684d2a14e
-
SHA1
4727a55de77c8e779849f6976084c4fa8ace3830
-
SHA256
fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
-
SHA512
c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
-
SSDEEP
6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo
Score4/10 -
-
-
Target
com.qihoo.appstore.plugin.manager.jar
-
Size
49KB
-
MD5
55ec7703aa0aeac650c39f58736eea94
-
SHA1
ee16651359378b97418170f7d27bf81ca37afaad
-
SHA256
a481349cc97f2967c238c64b997ad89955532b99b502eb15bd2e27386afb9da1
-
SHA512
686153b527ef61577484b5e6d2250f09c6480d4926e54f834e0d875095f8f7034a1a7905260eaa494e0b24be44899bd42c853b8bfd254fdf0d251869be4d073f
-
SSDEEP
1536:/xEfQLE9Y/ETLxYxHut+A5I7c8Es6ig67l6lQlyvKA2:/xkQ42uxYxHXg67l6lI3A2
Score1/10 -
-
-
Target
com.qihoo.plugin.splash.jar
-
Size
673KB
-
MD5
58e72bf86507804df72a09a8bdbc75f1
-
SHA1
cf33060e1d41ac71606c9c4044bd34a14f89737f
-
SHA256
114fdd13b63fe7081e8e349af6d63aa839cbe31f6a5771705feb89779d31a9dc
-
SHA512
c1359a53bf9ceb76a4b1ee77f35a79240b46d59891b1d045ccbb940af2acae0b497e27b524d7c912e75a29a6ded906d4a91f787a750453f88b311cf526e0fb0a
-
SSDEEP
12288:vZzd/SjKfVSSxg3LPVfhuxi+gq6NMiB4rhz6WSq7Dfuyg5l1L9dZ+N/sf4IFAkvI:vZBS0k7PVfhv7q6NMNrhz64zg5bTkN/V
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
-
-
Target
tcore.jar
-
Size
153KB
-
MD5
bc3cb0eef1d19c47cf3f1a2211258aee
-
SHA1
7f10b763a43b6900cd9925b014c1a794994d37dd
-
SHA256
79e1eee2d72cb40e0c931ed08e609891a41b0a2802d6e0b98abd7970238b4eee
-
SHA512
51f66294dbc34d4c618e2b16449c47f73734f1d5a57d2e40927ff5ab808604206fda84af29653cb9b018f30749e54a0a481e796cfc7b016a317ff7e83860df86
-
SSDEEP
3072:GYRLLNEK/MG/+UL3TMPAi7GGawe/JchKfbNewyfVF4BTP7rLqchL:GYLLNEkMG/+g27GGze/JSi5IuHLBL
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.appwatcher.jar
-
Size
807KB
-
MD5
6a5fbe404dad791aa9498af09a2a72ee
-
SHA1
c51eac35e7c0b539c32e9f641ca4e04349a120ba
-
SHA256
f9d28889ec417873946b34ae5d786e1e383aa20c3c9355b03545b39b54533c0a
-
SHA512
cf31f36a89c434c87d6964754bae4026d181f3cc6b8ef7d6447a18f77d341695c9b720cdfe88e4a27cedfe6153e03b6d3260a9ffcab23fd2af07ce2a0d844352
-
SSDEEP
24576:YBhlSQxkrU3LFpA8GWgkeNkDwlO4YsWvvmOnJ:YVJHMWgLNpQ9HmOJ
Score1/10 -
-
-
Target
zsrooter.jar
-
Size
330KB
-
MD5
20d47bb1d32b6220a41499835a20d6ad
-
SHA1
8bc7eb3cf09d4d82b70c9b19d7ab150c648e222e
-
SHA256
33569edd1f2fb70fee7042d91f81f7ce116edbfadcf001af09f86ddadf20ce13
-
SHA512
a529e026ee8e5ff8ce1431b4fd90ae6e2e68aaf2b60a5bde3526bb9b284d8ec3218e21df06820d781913322f8214943b94f84cb94ebf254bba628ecc344adcf3
-
SSDEEP
6144:utz9THWZhX/HJ6ZG+zd4z15sf4E08peAks4BHsgh0wCg6qXkt6sEMNQ6nj+:89rWZhvHAZ7zQ12f49seA63h0wEqXk/k
Score1/10 -
-
-
Target
core.dex
-
Size
226KB
-
MD5
8331d7d6b119347e1191e6cd88c9d2ae
-
SHA1
a8071d6c850cee92def6f34a4fb80c80d3c34399
-
SHA256
08484e56156b4b5eff0abcc02de6e72c80f0631037287b383ab7f3fe3c3baa3e
-
SHA512
d96f6b77d5d4849f46de5ebf775ae061e95d88e0ae86cb5b0e66c5b29f9722dc4afb3f2bc4fcdd2de427d83193b5af71877bad9de645fc6153080f50eabca838
-
SSDEEP
6144:O9THWZhV/HJ6XG+zVkz15ofIEE6pGAke4DHsK:O9rWZhVHAX7zI1OfIv2GAqV
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.authguider.jar
-
Size
260KB
-
MD5
a0c1c455a106c45aca4290d23f46376f
-
SHA1
483c7ea0e747940c8128b7f13c8a0fa0c12f7ccf
-
SHA256
8f63e30d4db766edb793f9d04a6c54c59ebb2ae48ca2212d0039d0662ea7ef4e
-
SHA512
816ccfc7b2dfb6b1982476d45df5e5e860d8b5e62d8f9a83958ff6d471d416c661dd0cd3ce83918a6ff3d41293e233fb2f234a2e3554227cc374f2eb5ec42316
-
SSDEEP
6144:w5vaTg0WCxHKaPfyZv82B5fpe9aFejw+VLCvcOonAQqpmtQ:wFai+HSW+SaFsLwkA9j
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.chargescreensvc.jar
-
Size
156KB
-
MD5
e831bb8b261d2dcf4b4feac5dede13ad
-
SHA1
689fdd2e795bffda0ad14ca08383d66d3049c54f
-
SHA256
b782d1d1e31908b22dbdab77f8f78e82fe396a92c0f90eb2009b303ad067628a
-
SHA512
2bfbc9b62b73fa5cc8f06fd359b7d3f35c1c01aee98a14235da3c682b3aac0c9004b44787ac51421effb4e5580d5d6c6bb6cb5354b97915fa25dd6fdb252c112
-
SSDEEP
3072:VpBeMzkc7P8GFAWSg21zWrMXukQlYog6kXrcqZWAgu1N9Ph0WCl7IM5rs:VyMbTLaFg6zWrMXDKYog6kX9eudh8IMu
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.downloadlist.jar
-
Size
1.3MB
-
MD5
452a60cd0e96fcf184e1ab7b67860929
-
SHA1
b3609614b8b59890eeaec42539598a2a96c96691
-
SHA256
a0a112814e79d9ac4fcad167978ae4391bd7d3ce4876f1a569a377be95ad0a81
-
SHA512
2f0c61e77b964bb5311fffb237a9c79ee793ed5d6c72f1d0c6a6c205d378ef439ef9693e98173c80e0508682619a35913f48d099a2a5f8369e982474fe206f97
-
SSDEEP
24576:aoydNZmky9rK/wFMKCxh1SfSFVzfv5TggkMkfZvMAaCUZV:Py/k1rK/wF/UUKVzn1ggkVvM9CiV
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.homepage.jar
-
Size
2.9MB
-
MD5
4454f994f6ece6dc11a2609216d195c9
-
SHA1
a69cb4ba177574b3709363eda45404994b4cab8e
-
SHA256
1512c228b98a5bf1ceebbe8c9dd12fa4458fb67f3a4e1216d320f4a06d6a8314
-
SHA512
18f4cd00d13b2cea502ca7595ce34154fcc16944d72e30271509c419aa28de61110049d09852d9742f8ea5d7cead777a0758200ddcae15e4379c3715c9739c03
-
SSDEEP
49152:OqJCw8CDB5JP4Y4ArncSOpVR0Yef0Vi7KPpxQBKb5obXobubJqr73lj5u8y:pCiN5mScSOTR0ZFKRxQBKVOikqnvur
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-