Analysis

  • max time kernel
    3s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    23-05-2024 08:48

General

  • Target

    alipayplugin.apk

  • Size

    353KB

  • MD5

    4d8c1c40475a91b04cd97d6dee1dadb0

  • SHA1

    2c9bd64e889a62d9fc7500e0fccadd2189f27288

  • SHA256

    7950404b6976f44329d1cb021b73b182e2e9e84e2f90e86e54dabe3902784239

  • SHA512

    025c43eb79c5138cc4c44c67328fdc98c51163c97511a9b421580c54d023b1c05c3588a8ea0d6c220f40d9f7d69e86240c8abf6d3fccfcd5782087252a0b14c9

  • SSDEEP

    6144:OIhfOSywkDqx9kvdacnCVRJqPq3JurJ2f3Rp5tPVKt9m8rpvCpCBJpN:OIpywkex9kla7VvLQQhtduNrpvCAvv

Malware Config

Signatures

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get current cell location.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available 1 TTPs 1 IoCs

Processes

  • com.alipay.android.app
    • Requests cell location
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    PID:4296

Network

MITRE ATT&CK Matrix
