1e602d7937593cdfd0d28038f020874e76ff183b4abf1d8cb9f2650872c7a478

Analysis

max time kernel
7s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
17-05-2024 20:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com.qihoo.appstore.pay.lite.apk
Size

260KB
MD5

2440eb04289baccc027a4ec684d2a14e
SHA1

4727a55de77c8e779849f6976084c4fa8ace3830
SHA256

fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
SHA512

c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
SSDEEP

6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo

Score

7^/10

discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.qihoo.appstore.pay.lite

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.qihoo.appstore.pay.lite

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.qihoo.appstore.pay.lite

com.qihoo.appstore.pay.lite
1⤵
- Checks memory information
- Queries information about the current Wi-Fi connection
- Uses Crypto APIs (Might try to encrypt user data)
PID:4301

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads