Analysis

  • max time kernel
    124s
  • max time network
    175s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    28-07-2024 22:00

General

  • Target

    liveWallpaperPlugin.apk

  • Size

    162KB

  • MD5

    91d33062e74043bb0bd9d5f66b343f3e

  • SHA1

    aa3fab31cf6d5bc7fb1c012ada2b77ffe242a7c0

  • SHA256

    4c3720917d9920cdec450cc85fe2fe3db39bc48cff4fea270914b475fc79f08a

  • SHA512

    be5eb5cdab9e3348f3228fee40172b351a07d2d39ddd9d085593e3d78c13259be62425b4993a40696542902c452f7213a7b92410baf06192051640607389b80c

  • SSDEEP

    3072:QV8ZyGg6GYtzqWn1Vmkv7YVQi5cRVl/51SGHHkmjVw:w8ZLGYtrv7O09bSGHHkYw

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.tencent.qqlive.wallpaper
    • Checks if the Android device is rooted.
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4925

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.tencent.qqlive.wallpaper/app_crashrecord/1004

    Filesize

    235B

    MD5

    932f29b27736717a7083abbb8053bb30

    SHA1

    9db2fca99efe8eb60afdbfcf0576508cd74464db

    SHA256

    7957ca625a6e00c020e9b45495570055e836946641e335237edb942325f62841

    SHA512

    a2d5510532c083b0ef5c8c8732466a70907329a5b9373028c9a89fa6a0e31986d09b375863e78582aaf4a02494aa76b55a38c229928e24a35a4ede29d45b8012

  • /data/data/com.tencent.qqlive.wallpaper/app_crashrecord/1004

    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_

    Filesize

    52KB

    MD5

    31972a5ab8ad3812e6c03655bd6268f0

    SHA1

    9d53ae447de8441564c2fdddc1897c0d5972e23b

    SHA256

    6a379cb563814fe62202b2d5c000e22d291e6e69fd281405d367a0537c2f6783

    SHA512

    5ad3e9212ddd95a8399ad86739721e8452a63a3a0b8ba09d60829d7cd59a4100460076136d981f7130190aa96a698c04af0cba77cba6d93a2e581ea23bf27bfc

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_-journal

    Filesize

    512B

    MD5

    303aec2dffd33e2007b257cdfcc2e15b

    SHA1

    edca34fac0cfdb3507d325151185bcdb8b013eb8

    SHA256

    82c66e0e1d16a081bbf00d19b54d55fd3c448826f1759eb4849504813f2c5533

    SHA512

    e1ec52520e82d5869637335ca33422e3439955e0324e2841efbd5143949eb5b8242af6b2288ba576b1bf3f0961a25fa8a999b7ed4de33bf6baa3903b9bd11bb0

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_-journal

    Filesize

    8KB

    MD5

    95b8c600c810bf04dc83af3c6ddcee9b

    SHA1

    3a55c996c28bf672ac5dc79960e072fd9f51ce74

    SHA256

    868b454ab2c1e0acc2072ae5e920a7d1f2a17fe16742a42e28b37bb629f38777

    SHA512

    c0a22fc3434a04ec6d04f4c5729dcd1635c9a867f0d6c922e7d27e7faced604c444e6219845240539030adffe43b411045f0b17bf1d27bc46b1323269052c225

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_-journal

    Filesize

    8KB

    MD5

    c68198fd77ca53b3f176f62d1219bc82

    SHA1

    f11c8bb435875f18902dfe657c616cb9a0ec7435

    SHA256

    7314b99ad05953c766c8289c709b036dd9bcf3b76b45878ee4bb51b2792c3882

    SHA512

    db0818bc1ab284397f9eadea40435453b720aa9a55e0317465c6ca2cbf70e99f561ca624aa550a4e1e69e6ab1cabf50ec43e7b6e1c1b31b5bad4a9c3a9d898fc

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_-journal

    Filesize

    8KB

    MD5

    b8c70f5da21261968956ffaf084e5d14

    SHA1

    362bd04b6adc1e26681e8744f8541beb758449c2

    SHA256

    3dca4eff89d6780ab8b6de0eb85716327a5a2a6dc0bde2a9fba7c2a58ca102b9

    SHA512

    fb0495cffce40ab04d2401df89e4ddd611eb416ba65145ad3e3ef66bd1386121327b6ffe2c272fa6049f05e00de582519a3c1d001f28c33658c03ced6293a4aa

  • /data/data/com.tencent.qqlive.wallpaper/databases/bugly_db_-journal

    Filesize

    8KB

    MD5

    c565341bb6324bff98e134833c7dfcda

    SHA1

    fa9de8c384a24fa1b2e8e1186884790088eed804

    SHA256

    7871800b09740a4bb55756c3ec9119b4e4b8d9e22e3e7fbf0c624036e83c60e3

    SHA512

    225c5989f755192988faa7ac44d49e9305daad8e0a985c0f353b52c1fdf49a4afd69e99b15dd9b0fade63c0bb712fcce9486bca9ec6013bc27e0b22222d42429