49ffc07e74bebd892af0606c56057c3f1d8d6b59c080af1024dfc8faa6853875

Analysis

max time kernel
9s
max time network
153s
platform
android_x64
resource
android-x64-arm64-20240506-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240506-enlocale:en-usos:android-11-x64system
submitted
12-05-2024 13:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com.qihoo.appstore.pay.lite.apk
Size

259KB
MD5

6cf3c462edbb50f818fd6d9a27178aa7
SHA1

f5d33a6264c40e75be04b012e21723df5a72ffc7
SHA256

8aacef229ed4ea66355dd1e4a1b250ef0555f0aace334f5f6fd7c929836b89cb
SHA512

9241af6788aa675143b0e9206c5da426e3214c97451f33c13b83974584f02092a26e21187d3ba6dce94f41a71a5998969dd096e13c266217cd1dc3da24b90771
SSDEEP

6144:D9SCATHxod+pEwgdNWdU+w4FzTGsdRS3TUa35TUv1:hSCA1od23gdN2xzTGsdRZapoN

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.qihoo.appstore.pay.lite

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.qihoo.appstore.pay.lite

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qihoo.appstore.pay.lite

com.qihoo.appstore.pay.lite
1⤵
- Checks memory information
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
PID:4783

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads