Overview

overview

8

Static

static

6

782888fe9b...18.apk

android-9-x86

7

xxzhushou.apk

android-9-x86

8

KingUser.apk

android-9-x86

7

KingUser.apk

android-10-x64

7

KingUser.apk

android-11-x64

8

Analysis

  • max time kernel
    124s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    27/05/2024, 06:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    KingUser.apk

  • Size

    724KB

  • MD5

    026d6c196f1094dc16c77626d9cf1df3

  • SHA1

    088e23bcdd74c40847d710d2dccb8e54dec6ef39

  • SHA256

    d59d74cfc89a9f5c0027aaa43d05f8a80c1fa2057b17dc0c3b6ecafadd8ca4c0

  • SHA512

    618d6a69ab76373e317da972c420168e7a7001c9b0dd195f6f2078343ee2c7ea8139d4e293d7497bf4737e9d9354a5215478fe3ea5089086b5e3ee54e2df6b62

  • SSDEEP

    12288:sHzN6DvaGYBYUcrYYFA6O2Ng3l6O+tRVrFoOz5nQ4TeG9kpGhHbgEFsUC1/jDp:sTtYUcFFADqg3l6RRVywa4SSeGhHluUa

Score
7/10
discoveryimpact

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.kingroot.kinguser
    1⤵
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5199

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.kingroot.kinguser/applib/libNativeRQD.so
    Filesize

    69KB

    MD5

    63c832207eb51ab05a71f2546279ff4e

    SHA1

    008ecb333fbfca079673aba627a12cd9b7eda220

    SHA256

    b3b833f5f3843b49a7291e59e8a92fcc39b87ccebb157a397011b206d4001e74

    SHA512

    3bfe5b50f930f101855d19daae305cf2c026569d48e655816ce80a0d8c3e7aa1eef0d93b7f39866abad21ea11c00b25bc387eea1373099183c2679c556d8612a

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    44KB

    MD5

    e1ab7cbed3fb53c12f309deb97988d2e

    SHA1

    bf26f7301643ca198721d10017ea63de94718084

    SHA256

    e4d36cbc27ce2fe1e354ac6a145cdecb096b55e6cc5cb6d1f00eca2a2cf05e0f

    SHA512

    9b162cad2eaa83ad93952b8a8ebedab0a32f014b6c74c357965f073c2cddad90582de7ce012d6fa012aba60bb2abe9f39fc159fce358a68a6422a4557e72acc2

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    16KB

    MD5

    bd90f750105274ed8b279ee2c38aef0b

    SHA1

    43a7ff698706975551d3c008d89f05f09437c882

    SHA256

    714b9cd79dfa352fdd1549605115694c80126da4e418e978d362853ff7d83b49

    SHA512

    5d1e37e4755e34ef26ac84ce44a266a0a5b8f7528916c3819bb4ef247b626aaa6597bbf94aadea21de801abaf1a4e8b93f3f9bb3a1e0483c603feb278ac361d7

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    16KB

    MD5

    892c01499c1434dc4d51ecccff898d62

    SHA1

    8e0c5542e5f6908881709863789750c0ff7f8fd8

    SHA256

    5e841ca23b7a2f03f034e8961e11d0d82ae5ade3ade3cdbd7cd0081ab8bd896f

    SHA512

    9019a3f640190436ef009659cd9c78f10bd67ce7ac967a432fa9dbee58d25789028c493d0fe7739f4ab043760dbb7a41e78f878e4c44ac136deb2adb888f3e89

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    16KB

    MD5

    5aed8e83c5610c5c221050f204fe5b45

    SHA1

    9f112a9a83c5afa14047a7db3a3cccf68518b0b1

    SHA256

    f5edb2be204db16b85a34454a8d3fcf7a719426657ba7fdfe54fc211b2b899d4

    SHA512

    6b605f612c2628c1e3c21cdac7a76b2021ccbf94fae93f3021b47bde5947a9f2643c79348b9e68c292e222200e8c4fc127aac4ee9a35f6403ad9e45bab089ed7

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    36KB

    MD5

    fe3b83711672c3ef1773d396061ac7cf

    SHA1

    98a306459772e0f94e3b23d5d98a3b3559bca873

    SHA256

    04709e204221c576aac7f37778da3a57ac418307f7031fbd7b32f48d79f81b12

    SHA512

    45b7987844111cc1ce5956c83aaec303f5f01ca22ed8cd4dcd74adf3b49bdf2c78bd66c1e0a0441cede67fba91451f4b5da0db92c7859909bbf467b865b86caf

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db
    Filesize

    16KB

    MD5

    bf5336b04691db431d38d7528db168df

    SHA1

    3149dd78d10736f39450263a65f400cb06fe26df

    SHA256

    65d03cca9c07de9979c67023dc3b50149bc27d377f0f62afbefc8dcd04265960

    SHA512

    ff7bbe8cd5ab0046e61e2f653be1dd7277b4f86f4d3be710d325782a19507d6d6d635a35e3f4070fad5fd09fb3d15a998b2d73f0f4b31df6b783865333746bd1

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    8KB

    MD5

    7dd3b38f166e538ffcd431083b3fd2ca

    SHA1

    50c758128b8986f8d0dee21847390623511e9243

    SHA256

    0ee785745bee9035ebfe92b55b89b8404b1e07afae0fc5c4c901900a80b9971a

    SHA512

    4cdfe7e182ed0cbeb5c1b4e90d4926e127d775d87d7a48a6016797c5ff739bf8c5b9dea10fa9dd313f28a694577c95245a78706606f7b0c6b38908afdef51676

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    512B

    MD5

    920f344e9953bfe3b2c8bf7e126401aa

    SHA1

    8dbce3dc7dd25c9bc0606cdd50a6f4921478c1f4

    SHA256

    946b5f377be531b06fc4b1f08ec6fbbd5c06d7c2e61fdbd002f264a5cfc9e0c8

    SHA512

    89f41ad547f68830e69f5274ca13c25760032e9869a9674d13c157d81c98e39ef8271ecc507cb18532168fe286b279ee3f2c5bee26b55cf5ac4fa9eedf0cdcb6

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    8KB

    MD5

    f7872a599b9a2cf31004798f2882dd71

    SHA1

    66ae946a0745e117f72b5faff7e4376162e30a92

    SHA256

    1f00096aa7cd104d66dd2f38027cb8c4585618bd2d5a694b8b44efc757cf65e5

    SHA512

    e413c2e8997bf491c05f44bfcf25a5fe8ba5853d92f6e4ba76660a824dddd06ebfbfcdd9d55dad63b8ecb7055682dfc917b26e44552f9fc6b54e8f52de015549

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    8KB

    MD5

    aed0ce62c4f03b0e7477875aa9525587

    SHA1

    79e6dc8bd1f65e9dba021d916bd7093ca3e42a74

    SHA256

    fdd162fa2c7cbecd36ae7c7c170cd4923874d491bc8539c1c45d23c3e070e00d

    SHA512

    33f43d10f63e0b2642b634b94ecadadad3bf41bcf413ea449b0cf0e6aaed9c75f0c96df6f216444f16c475209aa7c9cb02f871a171cca9a0dab828adc66f8c75

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    8KB

    MD5

    b01c69c877e2ba363f623de2047661c9

    SHA1

    4f37f8b3365a139103596a120aa6f1aec3ed7d55

    SHA256

    f02f856f9e625c481165648c86303ed6d2d8172ae1566beec4d7094d91d68a35

    SHA512

    4ac28b7fb198e3945fa41894c1e7091fe1d9a495764f9fab08f98df9e08218e1e1bef86c570971ae8d64b0da843756e572153922eb9d859ed81e7cf65eb99b3e

    Download Submit

  • /data/data/com.kingroot.kinguser/databases/eup_db-journal
    Filesize

    8KB

    MD5

    a390c8e4c34f7503f305ae12969d9a24

    SHA1

    256c3c300c5c41006babb2900d92a94b4f123280

    SHA256

    85388c0359a5096fc6fa53437be905e6749d8f3589e3ae4a207ff376cf001de6

    SHA512

    b0b2cf09f0d32cb0cf8248ce6af2dec68e779b11ca41b8287393bbd07d48a599291221a5a71403a7c43d36b403239fef9989d2c320de1f9ea93f451099ce9232

    Download Submit