Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

prog.apk

android-9-x86

8

prog.apk

android-11-x64

8

Analysis

  • max time kernel
    1084521s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    04/11/2022, 03:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    prog.apk

  • Size

    20.6MB

  • MD5

    028705f60306649e4c70ce2c7068cc2d

  • SHA1

    462e73885baa5963ae579627c99fd21eae335f95

  • SHA256

    f36123a88a929683a1046674be36a9d680385b833d8fab03804f8001dd64598c

  • SHA512

    fbd4e5f5baeaa5ef95bb1042e19fa428d99c305a75d9211cb495caf6503631d9bdadf8618d2557a7a6851023c2a4bf922d3e65be28fbe3270eaae949bde261fc

  • SSDEEP

    393216:ztz8FO7TnsJA35z7A79L+oAn1mbgafiubciZPbxT9i/zVN2I+TXmdwKpPbNiRSK/:Zz8FaTsJA35z7c5K1mbBffc4Pbi/zVNg

Score
8/10
banker

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
    banker
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries the unique device ID (IMEI, MEID, IMSI).
  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell information.

  • Requests dangerous framework permissions 4 IoCs
  • Reads information about phone network operator.

Processes

  • emlvdv.nhrao
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Requests cell location
    PID:4253
    • su
      2⤵
        PID:4352

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/emlvdv.nhrao/[email protected]
      Filesize

      1.1MB

      MD5

      ad5ae33d62fa2ad03600f3f967c3c700

      SHA1

      a870d474111f7b75ce8296bd0e9b99b88e5043d5

      SHA256

      9da1b581c166901960789c59e4256666e3b57ebe7d813ac4cdf4ab43fd9d7d2a

      SHA512

      7ca1f0afccd88cbe2c46c1900b6014e08837ca57cce9ad0d42760a04c5766a22ba7c571ac7f3e046b26c2809af0b272c3d545480f7550179d6074c83f139a554

      Download Submit

    • /data/user/0/emlvdv.nhrao/[email protected]
      Filesize

      2.6MB

      MD5

      ef0e1bc53b78b33ee35e310d6148765b

      SHA1

      8f2e6b2a3227e59c01006d19fcb22f06e725aa0f

      SHA256

      d032fc837297a412b5abb204bf7b72aa0cf1e41bc42901e2e4d0aec53133a8e0

      SHA512

      b9f24b56e6f544e62780bef942810663fe0659721e142cf042905836e3e2bba6ef8061279a78b2d2bf032e9ce8da19d05f6e3326d489c59b4e1940981c25a87e

      Download Submit

    • /data/user/0/emlvdv.nhrao/databases/SettingsDB
      Filesize

      920KB

      MD5

      c40b870e7e989a65fd7379378ec45423

      SHA1

      b583882e4e6ea29935d35d91785c04646a0c756b

      SHA256

      5604665bdc058b9bd60fdec722d85b314b35a1d642e8f81df063a1a69773fa17

      SHA512

      45929243a657049e96bd747c17680563187795f58b9777e3ec3debb5c4498911360249d84aba810f33966007afd6dc4f391bf4b360b9c428a60570e0ecda9ce2

      Download Submit

    • /data/user/0/emlvdv.nhrao/databases/SettingsDB-journal
      Filesize

      1KB

      MD5

      0c4721b2d15435eae84738c107215d6f

      SHA1

      c1c218e271fb9f3bb1772468b6bb9839ca99ed3e

      SHA256

      7aa69df8fff43bbb60406029cb94632416ee4620e2947d043b767876f7792079

      SHA512

      f328a0a023f58be798f96abb3447500a44cfa137f8b36a94eae32d545b980bae79bebdca8ce7cdd0468512c10e325ae723d9a7f23d711682ff5305ef3314c7f2

      Download Submit

    • /storage/emulated/0/.am/dm/md/main.md
      Filesize

      2.6MB

      MD5

      9fb7815ac86d5b87d8a6ab09ac10daa5

      SHA1

      f7b3ad5cd01cbed5601f94c1e9545806df2d0515

      SHA256

      2db5bb059f4370221650cdf3185f15092ba9f8e54390ef4f221ea0e163f3f27b

      SHA512

      8faa561ca51866ba45fbe4272a839d32bfb7b1d22c66c81a3d7a5d16ba011603d3daf9646a843d08d66dd8ca7e6fa5f93ace720798bac1c0688348a76947c1cf

      Download Submit

    • /storage/emulated/0/.am/dm/md/main_tools.md
      Filesize

      1.1MB

      MD5

      1fe00742fa33e342b615aed5f9aca8e8

      SHA1

      ff0fa37046a3550ed7c29c1434224eae620d7bbd

      SHA256

      a4eeb9a0d5b4244debe042bb9208748c36855659ce53b89092e6f1d7a86ed137

      SHA512

      dacb5feb55dac2fbb1cab6d1bcae6205e04fc70123f2dd3adda1ecc75fd29a5967bf2a982cd255ddcded4d6ca890b1a5e70f3c1d91432cba3b7e0acc65c12467

      Download Submit

    • /storage/emulated/0/.am/log_.txt
      Filesize

      45KB

      MD5

      0532d69c140f2cace75167f00522a8bb

      SHA1

      3ec078fe9965e4a283d5454f1e4bf24c2e1a038f

      SHA256

      8b23067b97f03a0148371cc0bdb67d7836b168070db646b3b9d10bbdf0674d07

      SHA512

      67af2c376cf40792af9a21887d51d1722194b92f2956645efbc62ae6bc5af78fe5ef6be4601870d305bac6701954c91aaa4f408279953854a4020a827a8d6a11

      Download Submit

    • /storage/emulated/0/.am/log_.txt.zip
      Filesize

      5KB

      MD5

      de887a197affe60dfb52ddb55604b47d

      SHA1

      f88c74362f5129eb17567f1d3a74c3d7ba7dff64

      SHA256

      209004abb372f5a8cbb0879551d04d6ec530df82da326b0ba294c2ed3b7c8d82

      SHA512

      ac71cf1794cb5c2fa14e30097ec75e7dd2da9968f76fdd8074e3e16f7e0e6b986ee01486e3ad9450fb34fa7a9c0f77b8819a8bd77d8e3b129dd57b05a5e36439

      Download Submit

    • /storage/emulated/0/.am/log_1667531691209.txt.zip
      Filesize

      216B

      MD5

      f9d5c47ce3306a2628749c2357e879c7

      SHA1

      1ed7682c1a874ac373444756bbf3573e511c9359

      SHA256

      ad5fc67e5e2da1df9e092bd0eea33b635a68d7c0b7c40b9b859f027f68c92dae

      SHA512

      06f7c2d962a0ae18b8cc782c7f9ddb93e37a7df42ccea950150ed0b25a1eec8db53802748d9682f8a6269be6f29f24bf20b8f3546471b095d3abfad00976eb0c

      Download Submit

    • /storage/emulated/0/.am/mch.apk
      Filesize

      126KB

      MD5

      9259a4e28d55bb8373986fea7ca01d33

      SHA1

      08045ae80e4016f719a3a930777a8a2c336e0cfa

      SHA256

      ed971c307e880b648ce9f816827430f5aa7ad7b105ed04ca879c71765f73c137

      SHA512

      2818d7fd376865ba1e383e847ba8547cb0ef0c1d7911913062f1a736bf5fc42c03f513e9da8e7731a2714a9c979653c2e6873bf2569e97be49e6cb825f8d21e8

      Download Submit

    • /storage/emulated/0/Android/data/emlvdv.nhrao/files/Download/mch.apk
      Filesize

      63KB

      MD5

      8accd9a542a0274ae4cff9d007d5b375

      SHA1

      9d743ef6332b815b42fa136e1f7379961f31b995

      SHA256

      e06ec0f874cdbbf85e1c762f0559a514948d5a71636e020c58f53d750e93a855

      SHA512

      0c10dd9ba0b062df3b71514edcbbf16f65f265874230188fe80a63eafee416cefcaa847646386125141f4d20c50c035073b6c83a5afdceb708753f697e358b7b

      Download Submit