Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

4f48ddc006...d5.apk

android-9-x86

7

Analysis

  • max time kernel
    3161555s
  • max time network
    12s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27/11/2022, 09:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4f48ddc00653d938b266025ef48e0fab78ca1dd99b4839f4a47ca989646a7cd5.apk

  • Size

    2.4MB

  • MD5

    b9a0afa9c4d2f607936e5caa768a5082

  • SHA1

    b7ff42c3a364903c0ad7127b4a38d8140ef862f0

  • SHA256

    4f48ddc00653d938b266025ef48e0fab78ca1dd99b4839f4a47ca989646a7cd5

  • SHA512

    8f0d2777ba49e5cd9a90cb5ebc9a657ec0ad480c7392ebfe603a71e47b8e88e2fba056b88c9901ce5cf0a7b0fcc991f49dc4c77e7de1b6c0097eb5a04e110a2a

  • SSDEEP

    49152:NInOZb4wZ1USbv+ZnsuqBdyt140p90nuJkUhmIVfzS:SOZ7LU8GZsNBdyt14030nuJXhLVfzS

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501
    1⤵
    • Loads dropped Dex/Jar
    PID:4087
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/files/eb947989e9623814b08e8b48bb6f03ed.apk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/files/oat/x86/eb947989e9623814b08e8b48bb6f03ed.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4172
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/realshell/3720f322cc3603b6b8b695471a5a8104.apk --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/realshell/oat/x86/3720f322cc3603b6b8b695471a5a8104.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4222

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/files/eb947989e9623814b08e8b48bb6f03ed.apk
    Filesize

    104KB

    MD5

    f06df6cc67974d70260b7aaf012e59f7

    SHA1

    1217469488faad98f0e65ddfbe35eaed8af447e2

    SHA256

    d108de705d767d74fba29d892dc2d4d2644ec4d112e4bbedc840faaf18672471

    SHA512

    16e802879a8751e594696b58d91e8a37b6ad7a3f44324f4eeff2abc5a0bc88e97ad61f18ad81d8450122054a15b2e7d3942eb329a0e66474b5e18c87e18956b9

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/files/eb947989e9623814b08e8b48bb6f03ed.apk
    Filesize

    289KB

    MD5

    0354f29fc1864730fb4ae0e04dde76a8

    SHA1

    af4e2501893fd92d178fcf892304d3f4610f4716

    SHA256

    d97a4b8f03228b90973f04e930545aa8d5d4a91dcc85b6aae1f2e68c3dc7980d

    SHA512

    2d73f5e776bc4cb2de6f6ab4abbd99a7b83d2258e930614e0b785ddfd5af5218d684964a8f9359319376df555ede37a66c42228e6731209ba25d8d325e567b72

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/files/eb947989e9623814b08e8b48bb6f03ed.apk
    Filesize

    289KB

    MD5

    62f6d5b44e3c151036bf79308d305dfa

    SHA1

    59b8ede65ed0f74d536b39adc26c97b3089b0eb8

    SHA256

    82a297db8a7a3e3b570baeff8279de520b6360c40296c9fb9d10eef3f7baf9ba

    SHA512

    df397e15b1e23f340d64767f16a9ae3cce597dbb11b17e2bf5f7e6845a8b996b17cb66d563b30b5fa4e8c1e417383e54cb846c17d7be00f3ab73a64bfca75d87

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/realshell/3720f322cc3603b6b8b695471a5a8104.apk
    Filesize

    1.2MB

    MD5

    9e529b45f26f80980ab22a0995fb4923

    SHA1

    84ef871942545d24b103fb5304cda70b0590b85b

    SHA256

    f59d18c202199b9482b0a43c38118721d6a892483a92a4900973004ffb2da317

    SHA512

    035c91b7991a915591e51275028b22c124e7bb441a08f17ee9eb8a3ef625ef741d8e4a2618ee66657e6a98621ddc0758d004a1a17276453b281e73cb7e5c2417

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/realshell/3720f322cc3603b6b8b695471a5a8104.apk
    Filesize

    1.2MB

    MD5

    0287f05a01b6a04a7e8c8114c0bddf66

    SHA1

    ed24d94ee70d6d7937bec9508c43f0ad72c79ead

    SHA256

    406b97c0c2fa5fe6d8d8597226ea21bf7844fef5b96e1cdda5e74fee2bd63c7c

    SHA512

    fc9ab00119256aaa4c5ed84fd1a3e947cc0db042ddb643af1303f1f8a2fd441b5f5982085442f32f749aed3f5b2c9c7de489aabb0560b7c13c95efe3f286607b

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/realshell/3720f322cc3603b6b8b695471a5a8104.apk
    Filesize

    1.2MB

    MD5

    e499cce8b870f7ce06fac01d58592a0f

    SHA1

    e6e403e1b08ebfccb18aca5c1dc650381141490e

    SHA256

    7fd118f340f57fd686abe747910a26eff654263f89c0fdc3b1a0f4dad3058ce5

    SHA512

    50264a8db190bbe5e6d92aa92043077b863b2b03d40b1f6d391520b9f981a54022b172cab500e9668b52aa59c9916c7b7e54f34d556deef0692a31ceac3a76c3

    Download Submit

  • /data/user/0/ma.tavrlegglra.rpmwyhvtbyww.ia854ef875be.dd6501/shared_prefs/APP_START_TIMER_INFO.xml
    Filesize

    117B

    MD5

    2f317f1fba146578d88656c8ddbae169

    SHA1

    a656d8c032fca6326e0129a683fcb0995fe81553

    SHA256

    914191782dcbbd342aff6cee9e6fc7990f4f42c458d12e232d378cb9fc1eb9e6

    SHA512

    e706321fc65aa8261eb0f7dac8b41202b99dc8c18e4373bbb6599202ae9c0bb0833cc8a5b2b4941b5f42f92485044918d03f4dee161ca7f0b8f3f34835e79a05

    Download Submit