Analysis

  • max time kernel
    171s
  • max time network
    151s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags
    android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
  • submitted
    02-06-2024 09:11

General

  • Target

    TencentUnipay.apk

  • Size

    1.1MB

  • MD5

    f0af2f08a02174637d4f394f43265268

  • SHA1

    8d83734e73c3175ded16863f8713b690287baa47

  • SHA256

    17a021e33ca40a2cc0667bf6faef6a85602b7beccfd46123686d00a2ba972da3

  • SHA512

    b96b9026d94565d5c6a0356d11ac0ffed7111fa9192daba46589dbd5de9b23b1ab6369126847d38917c6c4c5f40b9ce44150ee404adeeb665cd8e29ff62ae918

  • SSDEEP

    24576:OxXOwDyKes8X4HtiV2wngT1cI2VjsXPUQWgbSO6/8cP81no5y:OxX7DySCngJOVjsXPUVgbS/dPIl

Signatures

  • Checks CPU information 2 TTPs 3 IoCs

    Checks CPU information that indicates whether the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information that indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.tencent.unipay
    • Checks CPU information
    • Checks memory information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4293
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      PID:4577
    • /system/bin/cat /proc/cpuinfo
      • Checks CPU information
      PID:4597
    • /system/bin/cat /proc/cpuinfo
      • Checks CPU information
      PID:4616


    Downloads

    • /data/data/com.tencent.unipay/databases/TencentUnipayIPList.db

      Filesize

      4KB

    • /data/data/com.tencent.unipay/databases/TencentUnipayIPList.db-journal

      Filesize

      512B

    • /data/data/com.tencent.unipay/databases/TencentUnipayIPList.db-wal

      Filesize

      60KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      20KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      20KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      20KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      20KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      20KB

    • /data/data/com.tencent.unipay/databases/beacon_db

      Filesize

      40KB

    • /data/data/com.tencent.unipay/databases/beacon_db-journal

      Filesize

      512B

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      8KB

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      12KB

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/beacon_db-wal

      Filesize

      52KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      44KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      36KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/eup_db

      Filesize

      16KB

    • /data/data/com.tencent.unipay/databases/eup_db-journal

      Filesize

      512B

    • /data/data/com.tencent.unipay/databases/eup_db-shm

      Filesize

      32KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      4KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      4KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      8KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      8KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      8KB

    • /data/data/com.tencent.unipay/databases/eup_db-wal

      Filesize

      56KB
