Overview
overview
7Static
static
668da3cc1f6...18.apk
android-9-x86
168da3cc1f6...18.apk
android-13-x64
com.qihoo....te.apk
android-9-x86
7com.qihoo....te.apk
android-13-x64
com.qihoo3...er.apk
android-9-x86
1com.qihoo3...er.apk
android-10-x64
1com.qihoo3...er.apk
android-11-x64
1com.qihoo3...vc.apk
android-9-x86
1com.qihoo3...vc.apk
android-10-x64
1com.qihoo3...vc.apk
android-11-x64
1com.qihoo3...ge.apk
android-9-x86
1com.qihoo3...ge.apk
android-10-x64
1com.qihoo3...ge.apk
android-11-x64
1com.qihoo3...nd.apk
android-9-x86
1com.qihoo3...nd.apk
android-10-x64
1com.qihoo3...nd.apk
android-11-x64
1dmss_v2.apk
android-9-x86
dmss_v2.apk
android-10-x64
dmss_v2.apk
android-11-x64
tcore.apk
android-9-x86
tcore.apk
android-10-x64
tcore.apk
android-11-x64
Analysis
-
max time kernel
9s -
max time network
133s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
22-05-2024 22:28
Static task
static1
Behavioral task
behavioral1
Sample
68da3cc1f654e62206df61efd6de759b_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
68da3cc1f654e62206df61efd6de759b_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
com.qihoo.appstore.pay.lite.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
com.qihoo.appstore.pay.lite.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral5
Sample
com.qihoo360.mobilesafe.appwatcher.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral6
Sample
com.qihoo360.mobilesafe.appwatcher.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral7
Sample
com.qihoo360.mobilesafe.appwatcher.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral8
Sample
com.qihoo360.mobilesafe.chargescreensvc.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral9
Sample
com.qihoo360.mobilesafe.chargescreensvc.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral10
Sample
com.qihoo360.mobilesafe.chargescreensvc.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral11
Sample
com.qihoo360.mobilesafe.homepage.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral12
Sample
com.qihoo360.mobilesafe.homepage.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral13
Sample
com.qihoo360.mobilesafe.homepage.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral14
Sample
com.qihoo360.mobilesafe.recommend.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral15
Sample
com.qihoo360.mobilesafe.recommend.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral16
Sample
com.qihoo360.mobilesafe.recommend.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral17
Sample
dmss_v2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral18
Sample
dmss_v2.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral19
Sample
dmss_v2.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral20
Sample
tcore.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral21
Sample
tcore.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral22
Sample
tcore.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
com.qihoo.appstore.pay.lite.apk
-
Size
260KB
-
MD5
2440eb04289baccc027a4ec684d2a14e
-
SHA1
4727a55de77c8e779849f6976084c4fa8ace3830
-
SHA256
fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
-
SHA512
c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
-
SSDEEP
6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo
Malware Config
Signatures
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
Processes:
com.qihoo.appstore.pay.litedescription ioc process File opened for read /proc/meminfo com.qihoo.appstore.pay.lite -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.qihoo.appstore.pay.litedescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.qihoo.appstore.pay.lite -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.qihoo.appstore.pay.litedescription ioc process Framework API call javax.crypto.Cipher.doFinal com.qihoo.appstore.pay.lite