a0d59ff2737854a7fe5e94e93a977e4905e1612b38232784d8b3957533a01d3c | Triage

Analysis

max time kernel
8s
max time network
159s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
18-04-2024 07:27

Sharing

Report Analysis Logs

General

Target

floatwindow.apk
Size

403KB
MD5

33d5634204e3b49130834b6627bedfb0
SHA1

141a814af48d0dbfe2654d7a4f5e8bcfb35c1828
SHA256

95ec56f9f1e21ef50cd4f96209513b49f091859b9158257968eea5d4d4a719e3
SHA512

617d5f22363ca512128693d82736d95715d883888d78a3dc2a1a6f94f433ca57f8f0611b7bbae55fd416529d8522f14c03370bd8e6d6d4b0b8c197e20bfff470
SSDEEP

12288:0xrIGIQ3Rm2zOto6fQwQtmVgshppmjziV54ocDJH3z:Mr1b31zOWX1kgGpEXib4nDJj

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.qihoo360.mobilesafe.floatwindow

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.qihoo360.mobilesafe.floatwindow

com.qihoo360.mobilesafe.floatwindow
1⤵
- Queries information about running processes on the device.
PID:4159

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads