Overview

overview

8

Static

static

6

6555c2813e...18.apk

android-9-x86

1

6555c2813e...18.apk

android-10-x64

1

com.qihoo....er.apk

android-9-x86

1

com.qihoo....er.apk

android-10-x64

1

com.qihoo....er.apk

android-11-x64

1

com.qihoo....te.apk

android-9-x86

7

com.qihoo....te.apk

android-13-x64

com.qihoo....sh.apk

android-9-x86

1

com.qihoo....sh.apk

android-10-x64

8

com.qihoo....sh.apk

android-11-x64

8

tcore.apk

android-9-x86

tcore.apk

android-10-x64

tcore.apk

android-11-x64

com.qihoo3...er.apk

android-9-x86

1

com.qihoo3...er.apk

android-10-x64

1

com.qihoo3...er.apk

android-11-x64

1

com.qihoo3...vc.apk

android-9-x86

1

com.qihoo3...vc.apk

android-10-x64

1

com.qihoo3...vc.apk

android-11-x64

1

com.qihoo3...st.apk

android-9-x86

1

com.qihoo3...st.apk

android-10-x64

1

com.qihoo3...st.apk

android-11-x64

1

com.qihoo3...ge.apk

android-9-x86

1

com.qihoo3...ge.apk

android-10-x64

1

com.qihoo3...ge.apk

android-11-x64

1

com.qihoo3...nd.apk

android-9-x86

1

com.qihoo3...nd.apk

android-10-x64

1

com.qihoo3...nd.apk

android-11-x64

1

com.qihoo3...ch.apk

android-9-x86

1

com.qihoo3...ch.apk

android-10-x64

1

com.qihoo3...ch.apk

android-11-x64

1

dmss_v2.apk

android-9-x86

Analysis

  • max time kernel
    6s
  • max time network
    138s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    22-05-2024 00:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    com.qihoo.plugin.splash.apk

  • Size

    466KB

  • MD5

    e698ea93bcff753c3d622f219540ff9d

  • SHA1

    2e85350605b7a6c73e806b76998e4544a88d9664

  • SHA256

    777a5341d270c39738cd32ea4c2ab6af820e443d5a45ee75fe429249f464bc13

  • SHA512

    864fb4af537b61761f631fe30929366b66f43fce51245a26418ca3ab52462401360bfeac5bf584521ac0ab8ab6f56e1c9c303276cd712cfcc2b3105c33b85dd8

  • SSDEEP

    12288:XS5P7PksxhWBhuxi+gq6NMiB4riCjL9dZ+N/sb4IFAkv6b9:qPkOuhv7q6NMNrdTkN/sb/eb9

Score
8/10
bankerdiscoveryevasion

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.qihoo.plugin.splash
    1⤵
    • Loads dropped Dex/Jar
    PID:4648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.qihoo.plugin.splash/files/torch/core/3.7/finalcore.jar
    Filesize

    153KB

    MD5

    bc3cb0eef1d19c47cf3f1a2211258aee

    SHA1

    7f10b763a43b6900cd9925b014c1a794994d37dd

    SHA256

    79e1eee2d72cb40e0c931ed08e609891a41b0a2802d6e0b98abd7970238b4eee

    SHA512

    51f66294dbc34d4c618e2b16449c47f73734f1d5a57d2e40927ff5ab808604206fda84af29653cb9b018f30749e54a0a481e796cfc7b016a317ff7e83860df86

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/core/3.7/finalcore.jar
    Filesize

    346KB

    MD5

    7ca872b45694937f04aca732b336950c

    SHA1

    762652d725c00e27a3a9316322fb0049b154cf45

    SHA256

    d482194392c58bab488d65622c27be7a91f673d1c3398e9dcfcfc015f20ce7eb

    SHA512

    260b9bf7a17e0e71cc5e05d447c578c062c80dfe35b27c658bda6c3071a30a1649e2181f287d0f3823d34f99aab604fb8b520da7cd9e1f9ce7b6552d5897fbf9

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/core_update
    Filesize

    13B

    MD5

    a9604ae84b206b767ddadfc19ec24ff8

    SHA1

    1955196a29ada05b741f0daf5ecabf5c46ce7799

    SHA256

    26924ac1487b4f256af8f1b8b4a731e044c1848ac4e1eb48a67a678f5208b161

    SHA512

    d5298f995dc6128cbe084eaf1498f8af1aafae4c4afa98aa669755e376bcba8974fcea42e07d8281fed5253815b3b42db8e0d5b970f7c05aa32b9408ac580069

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/profile_task
    Filesize

    13B

    MD5

    b5e8754303c71f66618b0fa5acc02682

    SHA1

    c798ddc2eac56ea03772b9a13f38edc5e5a725bf

    SHA256

    475ace6b01a491edcd445ff167a4e9f4f10082c4e10c85e1de53135e722de707

    SHA512

    08cd16bf2e3ac41476504ac0157a94f5fe0ed6702426d3ea08fc98c156d7490a7b1d23fe7692cf2543f061eddeb4246f22c9794e892a4d6af9da0467deab8f86

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/waitingDown
    Filesize

    13B

    MD5

    d77b8d1d96a6f6ef9ab2a29c27e624cb

    SHA1

    9de2fe968125f572e70964b110ecaaedd726bd80

    SHA256

    846a14b1226ede6acda93ab6ebcc84bec5daf2e4a0c9507e1132cdb8c3dd0d75

    SHA512

    0630264b7cc63b9814ffee01af22993bd6a19405762607b0f0b32fcce96375ad2e79f46910d90b1b186331350bec1656784f7d71bc753c3b12a4dd274fe7b838

    Download Submit
  • /storage/emulated/0/Android/data/com.qihoo.plugin.splash/files/.sfp/.sfp
    Filesize

    83B

    MD5

    d7abae15f5d3af2b103c0cb8b3fe424a

    SHA1

    1f94ae2f5949c279f3e3d1f0799207ffbc0247f8

    SHA256

    c853d270e37630bbc5da893ca6f21e751cb356a3663c52d5c38db599b82557df

    SHA512

    f7019d0549bdc9bc529024f10d767c72de09aebc538ff28b14e6f6ee3825b1b9cb97e7eff306e3828211a3099b699c9d8a7704f245bcf09478787931357f9574

    Download Submit