General
-
Target
xihongshi4.apk
-
Size
9.3MB
-
Sample
240523-nwtspseh4x
-
MD5
0d1036a2605ad14127890fa666a51cac
-
SHA1
684c83e65da4dabdf7debe867ce6ef4b3bdc107d
-
SHA256
82d96c00836fbd3a1ddb1e556888b6f82efa4d9751cd58cc1220ebbd5faf6a55
-
SHA512
60c987565f7a31cf240955d026c8b0ef18c528c5d104e8c674ad026501220bc62d2e55b75805d3c1945ea76a6b7e72c3ad0fd2fc35ac36c412cfb6460dcb2f9c
-
SSDEEP
196608:aRO2Q2Yxzo3GAQK8MoZvWTfuxjbpKXyowCYqmzYEZXKZvhfMumx4:aRLrUM3GA78lNefuxpEyoPYqmzTXKZVP
Malware Config
Targets
-
-
Target
xihongshi4.apk
-
Size
9.3MB
-
MD5
0d1036a2605ad14127890fa666a51cac
-
SHA1
684c83e65da4dabdf7debe867ce6ef4b3bdc107d
-
SHA256
82d96c00836fbd3a1ddb1e556888b6f82efa4d9751cd58cc1220ebbd5faf6a55
-
SHA512
60c987565f7a31cf240955d026c8b0ef18c528c5d104e8c674ad026501220bc62d2e55b75805d3c1945ea76a6b7e72c3ad0fd2fc35ac36c412cfb6460dcb2f9c
-
SSDEEP
196608:aRO2Q2Yxzo3GAQK8MoZvWTfuxjbpKXyowCYqmzYEZXKZvhfMumx4:aRLrUM3GA78lNefuxpEyoPYqmzTXKZVP
Score8/10-
Checks if the Android device is rooted.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-