a22d19f8f32e03da1446efdac67ccb6262821742d3a43bbee67c4bff92f93f91

Analysis

max time kernel
5s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
18/01/2024, 22:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

663990198b7a42c6580c698ce373fa73.apk
Size

16.4MB
MD5

663990198b7a42c6580c698ce373fa73
SHA1

cbc3c6f5cb1699471a4b164671af0a55c43925cb
SHA256

a22d19f8f32e03da1446efdac67ccb6262821742d3a43bbee67c4bff92f93f91
SHA512

6d245bdc2cb2ca7fb56b60259cb2c5a66af0b8ab4e7ddfdffd585c0184bf47586d87ff83728e930b283e449ed369ff9fb8790baba3fcf1ab3e40bf2f19b52692
SSDEEP

393216:AiCWly5kh5kVAa54RNhZ1/xSHzbHnWAY4GmPAc1EjVYLu5:3CWlyGhGVAa5eD1/AHXn9imYDYg

Score

7^/10

Malware Config

Signatures

Checks known Qemu files. 3 IoCs

Checks for known Qemu files that exist on Android virtual device images.

ioc	Process
/system/lib/libc_malloc_debug_qemu.so	com.suofeiya.smart
/sys/qemu_trace	com.suofeiya.smart
/system/bin/qemu-props	com.suofeiya.smart

Checks known Qemu pipes. 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

ioc	Process
/dev/qemu_pipe	com.suofeiya.smart
/dev/socket/qemud	com.suofeiya.smart

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.suofeiya.smart

com.suofeiya.smart
1⤵
- Checks known Qemu files.
- Checks known Qemu pipes.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4590

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.suofeiya.smart/app_crashrecord/1004

Filesize
234B

MD5
631e5353155f8778ee5583177e3ae999

SHA1
cd9bcf3c17fac646848dec80a2a793d35163a552

SHA256
21707696d356b2239337cbabb817c01e79e6b8cb9213797d2522c3cdbbf0bdb3

SHA512
ff1212be4b038089c93229c5e9e9a3e81154cc3823755b7662459567acc26d91b802dbac85e53a3764a96a1a33fce63d0c1bec3f4676046ca08413b254ebb412

Download Submit
/data/user/0/com.suofeiya.smart/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq-journal

Filesize
8KB

MD5
c1a5cf7023b54d04904b66df78bb9315

SHA1
b2c3f535281bce3a4d47d13e49b389547b493b00

SHA256
15c9334244731c48d454ac448da2f87b526c193c3d331c4860b5c62cf75326a4

SHA512
31ba57fc171c93cba55b4810223bb24768bc678cb46f0df04909287a305624faa178c8fdc926a46cffe916f61627d10e9c59aa0ce4a5b07a328ca400498290a5

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq-journal

Filesize
12KB

MD5
1fccdc3b57c1957e1fd8c784a7c05617

SHA1
86c70212c6a013972e847b753eee7e95a166365f

SHA256
6b0f0eb1920487b62a3a31fa37de52ec784541082aee492517a74c487957dd54

SHA512
61d455241213ab144cafd1bb8d62e54589fa2e10b40b178524557f81e93323d331479f658b679ce01c5ee446e96486b2dc87a073eb4c500944f3a1be7f5f55a5

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq-journal

Filesize
512B

MD5
c2f297b35b2e6c9afb0d75c675ab9eb4

SHA1
cb1e83c148480a7e8c4886adea46ce4d7ed19265

SHA256
179a352445f50fdf6d49a2bf28f97e118a2fdea68b34db9ba1692279804ae44e

SHA512
57151357c1d7c5281170fa6ba02198a816369b087b054fa7459e06a36e822e6391a76cc13eb461a141fcaa174bb18d2b3b369e745e3b24a5297c54ce8dfdf9ff

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq-journal

Filesize
8KB

MD5
4cb2d4200dce9c46ed7ec4b48a7ec65b

SHA1
3394c66972a664c26284879fa1ac37af7ce79fe5

SHA256
4185adf8674da5614426af7f71aa6249491e0fffc685150f841d08e34c0aee2d

SHA512
d89cee2ded477bfc71a2b06678f0f00c7fdaa56fbf8dd03ec27e8e5d83414acd2b0f5af3c1c3349ce2b45b64675ea6c5b5ba99389dd585fe93fe36548aedd68f

Download Submit
/data/user/0/com.suofeiya.smart/databases/bugly_db_yaq-journal

Filesize
8KB

MD5
4b71be87a311a2f267e5acb98818dc14

SHA1
689ad61f493d7656e19df95ca657f506ce25f268

SHA256
6f729c1184d04f2e3664f3a5af94d4194e3d5cde4ceab5025471bf673b9c1caf

SHA512
e878181926ea6ee103ba678b8090a906a5a25a99f8203b97090a6d02321b6700855e0d35c7daf63cab79f60a99a61675768fdda22bab43897ab77b127cb657d6

Download Submit
/data/user/0/com.suofeiya.smart/files/prodexdir/0OO00l111l1l

Filesize
9.7MB

MD5
80d547445b1807fb509a98d14ad3bbbd

SHA1
49554abe0ae87f96a74c48b765a86c3b6e94726c

SHA256
ae18404b32c6eb4922675030c4496c80ce6862a8368a33b0ded5e6307da4dc6f

SHA512
fdb6f4f7ea748941349ea277b2569d836aa84cbc136b7c9b0efc2eb9e9eef9c497601a31d63cebfc420fef221ab1bf6b167cf4bbc20e96f8f40613a868acf16c

Download Submit
/data/user/0/com.suofeiya.smart/files/prodexdir/o0oooOO0ooOo.dat

Filesize
192B

MD5
f953feb42f6723159a742d0507a16ba8

SHA1
1c6cfebfaad195d353a7ddb0b906f742c1270b59

SHA256
6e1297ba45d48355efcce5d39ac017631fa9b14c5f4447eafcb8fd5261bd7d83

SHA512
1be803604d61ea5e9afce162555fee551393dbb9ea2978a4df7b70fd65b124006c244e041fda62f9ead81b34c4945e18d6438749970aac1918e014292ee6e58f

Download Submit
/data/user/0/com.suofeiya.smart/files/prodexdir/tosversion

Filesize
31B

MD5
b221706822b1e17c15f2870640707ff9

SHA1
f98971850d39f075af234056a762a56fe5fcc4de

SHA256
eddb9de00459604c5eea1dda2c6b1e20a57c8e6aed6479d9859bd3030e5ce8fd

SHA512
a66916c4316f6f1db01d7c14c574b927b354dc84daf8cdc33952af105cdafbff17ce59b7faee28ec1f27b677ce0e2b58027aeac28e48251d829ee0ca9bb4ad28

Download Submit