Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

f9e8a1fb58...3c.apk

android-9-x86

7

Analysis

  • max time kernel
    3116149s
  • max time network
    12s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    26/11/2022, 23:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9e8a1fb58c574548a74f9903ded8d9e977d466178af1069b3a17d8c98df173c.apk

  • Size

    2.3MB

  • MD5

    70511a18429c5ece0459e55161b1eca5

  • SHA1

    36841fae61d5317b1d247e38d5a5d0963aee334f

  • SHA256

    f9e8a1fb58c574548a74f9903ded8d9e977d466178af1069b3a17d8c98df173c

  • SHA512

    cb667aceddee1b67eb2609cd5453bdf7ac69eb1a758c3bd2933011c77dc40e08a6335eb3625332579506b45b5ee522681ebd1e7cb8335ef8ac42475770745a58

  • SSDEEP

    49152:eucqpPlW5DOjGjVf+r8TPZSVh/siX7NJBpecupC1P3p808F/Uhm1Q3jx:euj2Dp48rsVLNJqcupC1P3+08FchkQ31

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a
    1⤵
    • Loads dropped Dex/Jar
    PID:4057
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/files/fa2cb5cd5ad6a2b1ae86795fde28365f.apk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/files/oat/x86/fa2cb5cd5ad6a2b1ae86795fde28365f.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4142
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/realshell/545d4386f69e9dd67a54908c8a55fb49.apk --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/realshell/oat/x86/545d4386f69e9dd67a54908c8a55fb49.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/files/fa2cb5cd5ad6a2b1ae86795fde28365f.apk
    Filesize

    103KB

    MD5

    2f18263755a77185bda2a4d6e5124e28

    SHA1

    8a88e6fa01d72253d365750d135837a5a76bb3fe

    SHA256

    4e647f9e6c151d037e47da48743a68d407584f74b7149722b0afc7b2091579f1

    SHA512

    625023c6d3666b2e4139f3ed344bae0c594a41ed823d8079e8765d845c0f980515868182de5fe43a4a6ff1173043a7842ff57cb344acfbf095bca5357d199fd1

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/files/fa2cb5cd5ad6a2b1ae86795fde28365f.apk
    Filesize

    288KB

    MD5

    8fb02f1427a2daace2abe81120abe016

    SHA1

    624987cb82cdcf3bbc75c9b8a5e79572dd40a3db

    SHA256

    de52e6a821407ff15ed2bf69743c89a6f7f106cb04117a4c838a3dccd7197c33

    SHA512

    e657af4bdec36e6bf25f986b84c123360e4752fa9ec5fbf583fb1505b1d5ef44ef683e28beed795941f2ab11d7d843574bfe7620a3a3a2ecfec41202d74f87b3

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/files/fa2cb5cd5ad6a2b1ae86795fde28365f.apk
    Filesize

    288KB

    MD5

    cc1eeec6a1a5ca42657ca7865dfe11e2

    SHA1

    1e38ebbda377a0376ba9446fde7d0e3883bd40eb

    SHA256

    a5f343acadad8a7969dc8104029cd1138ed65af5dc2bd2f0d09b280883cc0439

    SHA512

    c48a22b354229e69d8f422ddee05f07cec1acad26f8c78de1273db6ab1352c705874cf1bfd9d45455a8a20ef69326174204df406697d1400d2bcc2e62fc449dd

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/realshell/545d4386f69e9dd67a54908c8a55fb49.apk
    Filesize

    1.2MB

    MD5

    c61eaae9a9f92b734cf33b73f56bd100

    SHA1

    c518d7bddfb09c1921ab1d4569b261cca17a5b66

    SHA256

    158df0ec2fe9d76c00f0616c72e8b324740f9e5a74ad6a2c6e6c03902dba3cd7

    SHA512

    86712e752b7847012ad66a64e3e87daaddc4f03eb276f8043142e6d95a721f90ff72635a380dbc0b082cfda7356878a60c1ef9b640e745acca3c7831ae2b8e68

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/realshell/545d4386f69e9dd67a54908c8a55fb49.apk
    Filesize

    1.1MB

    MD5

    c8942b85ffa4a9966485e446c4457f3a

    SHA1

    b38aafaa386ca4f4d25dbc9241f1a6f73e5173f5

    SHA256

    28d8a6d03d15b83846472b5612bba1fc5e25719603f57224963e2c46bc2b773b

    SHA512

    aff62c1532006b7f3319fe263dbbd52255e02ae1f367e3993e5bda4a509e676126c1e2f848c3fe1494ad70d535d73aac4eb42cd7c4ee497e747fdc70ff53d53a

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/realshell/545d4386f69e9dd67a54908c8a55fb49.apk
    Filesize

    1.1MB

    MD5

    7e6756d93146e5d9dfcdcd7e4dd9d003

    SHA1

    86813f35eee20152d063b2d519fbe257f9a0edaf

    SHA256

    91a0325fb73be0489804b942adf411e04f235adb24f50c41d0989c371027a866

    SHA512

    04b907f2cf7c6636c007da368bb325b3a105773d35e82b4ebd0f11ed9c7a36427c7365a3d8680e5c59fe905e8d860e54f356c071aac9cabf20fdfa87de11a4f3

    Download Submit

  • /data/user/0/fo.mmulszvtknsmgp.ysrkgllxzl.b2066.b295d6c022f4a/shared_prefs/APP_START_TIMER_INFO.xml
    Filesize

    117B

    MD5

    13f85a88b958ffa19195ea58cab712c9

    SHA1

    2bd51dc502acee756d19e567242c0f6171773ce4

    SHA256

    e6a145e762213a0ad48effd9b5871bfdcc57376c70f9e5865c9977db400fbf81

    SHA512

    1a845e5463b58e6f95f986b49f824751f18fa64530017262fc78cd01f580917a48a4587e540109a3491046eb259e02ff44fc48dd641ae2fc35dfc862ab97d2db

    Download Submit