8bf223e5ed6e4aa66d58c9a88a368d9cf8577dead4356a284270b360a2a30d81 | Triage

Analysis

max time kernel
7s
max time network
164s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
18/08/2024, 18:52 UTC

Sharing

Report Analysis Logs

General

Target

ZqhySafePay.apk
Size

1.0MB
MD5

fd719d8398cdefa19ea1e6771ac920d5
SHA1

24191e6dc40c95f1ef62c59cb6d64caafa71ef26
SHA256

76af0c879267d03328fee2064dcb2fafdbb007f9fabfbf55f543bfd38dc83f00
SHA512

9b638eaff5be9ef1058971f43fdd0dfe7464b34ee33d89139b39dc6b71bcd73184fdda6276dc16433d7f2effb6ff5204760c2d0f427860c0e5f6e5e5e39b209f
SSDEEP

24576:wZ1BEoimgZusEviyw+Usx3jnKTl0ypAF7ltIfhnPvsiNl3:wnaFZ06yhn3Cr8tWhnPvsiNB

Score

1^/10

Malware Config

Signatures

com.zqhy.safepay
1⤵
PID:4931

Network

DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

216.58.212.232
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.169.78

216.58.212.232:443

ssl.google-analytics.com

tls

2.1kB
6.2kB
11
10
142.250.180.14:443

tls, https

857 B
40 B
1
1
172.217.169.78:443

android.apis.google.com

tls

4.9kB
9.5kB
19
23
172.217.16.228:443

tls, https

428 B
40 B
2
1
172.217.16.228:443

www.google.com

tls

8.4kB
11.5kB
27
38

224.0.0.251:5353

3.7kB
11
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

216.58.212.232
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

172.217.169.78

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads