Overview

overview

8

Static

static

6

6ed53068a0...18.apk

android-9-x86

1

6ed53068a0...18.apk

android-11-x64

1

com.qihoo....te.apk

android-9-x86

7

com.qihoo....te.apk

android-13-x64

com.qihoo....sh.apk

android-9-x86

1

com.qihoo....sh.apk

android-10-x64

7

com.qihoo....sh.apk

android-11-x64

8

tcore.apk

android-9-x86

tcore.apk

android-10-x64

tcore.apk

android-11-x64

com.qihoo3...er.apk

android-9-x86

1

com.qihoo3...er.apk

android-10-x64

1

com.qihoo3...er.apk

android-11-x64

1

com.qihoo3...vc.apk

android-9-x86

1

com.qihoo3...vc.apk

android-10-x64

1

com.qihoo3...vc.apk

android-11-x64

1

com.qihoo3...ge.apk

android-9-x86

1

com.qihoo3...ge.apk

android-10-x64

1

com.qihoo3...ge.apk

android-11-x64

1

com.qihoo3...nd.apk

android-9-x86

1

com.qihoo3...nd.apk

android-10-x64

1

com.qihoo3...nd.apk

android-11-x64

1

com.qihoo3...ch.apk

android-9-x86

1

com.qihoo3...ch.apk

android-10-x64

1

com.qihoo3...ch.apk

android-11-x64

1

dmss_v2.apk

android-9-x86

dmss_v2.apk

android-10-x64

dmss_v2.apk

android-11-x64

Analysis

  • max time kernel
    4s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    com.qihoo.plugin.splash.apk

  • Size

    448KB

  • MD5

    c2113e90fb97212c968fbab23cd8ba5c

  • SHA1

    c7a0854d096f549b93b0e6bf28e36ff7fe27bc43

  • SHA256

    b6682034e1fcfe8f448a2a604c3dc473d842732bfb34b53377d43e418a001a6e

  • SHA512

    0bdc8398dae373d48d84601eacced88b5eeddde469f46ee87d0c6fa16bbc6e1f91db863c1345e2a70152dc38d8c4ce9c01f4981d67daeea1fb3f82a03d25ba02

  • SSDEEP

    12288:MhDEVb5D8huxi+gq6NMiB4rOZXL9dZ+N/st4IFAkvPQL:juhv7q6NMNrOpTkN/st/Lq

Score
8/10
bankerdiscoveryevasion

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.qihoo.plugin.splash
    1⤵
    • Loads dropped Dex/Jar
    PID:4620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.qihoo.plugin.splash/files/torch/core/3.7/finalcore.jar
    Filesize

    153KB

    MD5

    bc3cb0eef1d19c47cf3f1a2211258aee

    SHA1

    7f10b763a43b6900cd9925b014c1a794994d37dd

    SHA256

    79e1eee2d72cb40e0c931ed08e609891a41b0a2802d6e0b98abd7970238b4eee

    SHA512

    51f66294dbc34d4c618e2b16449c47f73734f1d5a57d2e40927ff5ab808604206fda84af29653cb9b018f30749e54a0a481e796cfc7b016a317ff7e83860df86

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/core/3.7/finalcore.jar
    Filesize

    346KB

    MD5

    7ca872b45694937f04aca732b336950c

    SHA1

    762652d725c00e27a3a9316322fb0049b154cf45

    SHA256

    d482194392c58bab488d65622c27be7a91f673d1c3398e9dcfcfc015f20ce7eb

    SHA512

    260b9bf7a17e0e71cc5e05d447c578c062c80dfe35b27c658bda6c3071a30a1649e2181f287d0f3823d34f99aab604fb8b520da7cd9e1f9ce7b6552d5897fbf9

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/core_update
    Filesize

    13B

    MD5

    f770a18ea51eced3a03b4fd8a9847ae9

    SHA1

    87d9972c2f50287a3fa9b9dc251e82281d8c52fb

    SHA256

    352100616fab481415e459b740c473ecd76507dee93160262ef9dfab122dd19f

    SHA512

    c368a1201b4b3baa5a781800544b4e327aaad861f7192c831cb401daff85554caf726ecd0ed9de70a742a9cf1e446ded709a3a842c88ba705550d761b739acd6

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/profile_task
    Filesize

    13B

    MD5

    9a96989d870d40b5d00ebba52fd5e076

    SHA1

    b44eae7372da7064ebebba9df7674505249d0e59

    SHA256

    aabf86e66efea208f5cb408b8852f18e8879eb162b7ed33993f97d30623e0c6d

    SHA512

    4e56c00c5787d10d03346554a8257bc123bec0568ef2b5595997489ed69719abb80311b213ea0a623a8bfc8e0b27297a09fbc520ef57eca17aa2de4ec8a8cf1e

    Download Submit
  • /data/user/0/com.qihoo.plugin.splash/files/torch/single/waitingDown
    Filesize

    13B

    MD5

    0a6ff1fbff93da844a20c26a8b5a1a6b

    SHA1

    550c2d6ed4c938356975a59fb9c2114acc33a4f9

    SHA256

    fe276cd993089ccf6f4ffa52ef0a721db64e8aaddfe59c7112f7a48e19d33b0a

    SHA512

    34e1c9fc428213f2a70b813c23a651f74a1f95a9a362794c62c21b4457fecfc5303a3a015c806bbdd52e405a9dddfe67971674a4386d39658b812aea8c16e4bb

    Download Submit
  • /storage/emulated/0/Android/data/com.qihoo.plugin.splash/files/.sfp/.sfp
    Filesize

    83B

    MD5

    05309b34ffb6516cef8779545b3a091d

    SHA1

    29ff5c53b23bf2798698561355e9e861958b038c

    SHA256

    c6c5788d10a97861cd8d024fb8041cd939d7317fe19ee5e2a2ed594fa24b52d7

    SHA512

    37bf711e28876f6acd09fb8313749d3a92d2441d741d93f1b6fe20c75b8cbc3e0fcbdbf85b14c4eb6a51f9083b2ebd1a624f2ea73361a274755b528292ef55f1

    Download Submit