Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

d524ca3c66...a7.apk

android-9-x86

7

d524ca3c66...a7.apk

android-10-x64

7

Analysis

  • max time kernel
    3163731s
  • max time network
    140s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27/11/2022, 10:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d524ca3c66c1b9ac8d1caf74f3aeaed2e165d1cb53df1437cedb86616c95d2a7.apk

  • Size

    3.8MB

  • MD5

    92f74331a099ff152ccfdd8d1cf399e8

  • SHA1

    5ac381642e3fd72ced61dcb694c2449857369ddc

  • SHA256

    d524ca3c66c1b9ac8d1caf74f3aeaed2e165d1cb53df1437cedb86616c95d2a7

  • SHA512

    0e20d24700e81f8e6b407d861903f723a871b3359c828bc1b8d30a50abc35189c80c6ac8258b8b7f6bfb2726995f05903528b44ecc9c592ffa306710509fb74a

  • SSDEEP

    98304:SP31e+ADQ82eYk7SsbpOl7aXW3vwtr70xE1vxj4OMgPB1AC4m:uADGeYkWsbpOlWX3+MvSMrAC4m

Score
7/10

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.poxiao.hlddz.standalone
    1⤵
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    PID:4079
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk --output-vdex-fd=45 --oat-fd=46 --oat-location=/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/oat/x86/com.skymobi.pay.opplugin_v2021.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4139
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.poxiao.hlddz.standalone/files/com.skymobi.appui.sole_v1001.apk --output-vdex-fd=48 --oat-fd=49 --oat-location=/data/user/0/com.poxiao.hlddz.standalone/files/oat/x86/com.skymobi.appui.sole_v1001.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4170

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup
    Filesize

    24KB

    MD5

    78d363c93f8b698657e7a67586ff5654

    SHA1

    c90f20e7025e00ab88dc9f54dbd12fb437efcd05

    SHA256

    4d66db77d90fc418edcb0592739f3a783a7e98a824d61253e048b88c80fa1542

    SHA512

    897d6ec2dbb4686de2ac08d31b5d4d536aa158a6ad4499ff55ea3d3f851ca0437789f677cc8c57cb9da54424bff51954be08be7068dddc59e88fafaeec22db37

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-journal
    Filesize

    524B

    MD5

    3624d6da31ea33c8958348a98117f9dd

    SHA1

    24ecf0e3670fa80a9a9bffe9442bcead734bf6bf

    SHA256

    3be6f6903f08f98b0c733732630f9e36ae085fa1550e1058a3dd4b8835c6537a

    SHA512

    180608add3d70327a8a1dd29a48353e7b68723d7f3c2da32092d76927558c7ac206d2305b08b1bb66c23811f538e673b042ca0bea3f9b47046b1061077ac0366

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-wal
    Filesize

    32KB

    MD5

    b2e074021b9b1f4abedecc26916a5f21

    SHA1

    21db8135dfe0cd7c7e1d3216ba28450ea19d1627

    SHA256

    755806c9fa900d3de6e4279ae2a6cd7fd50c70cda219fbd58e21a1e09e90158b

    SHA512

    6cb6966b1e1c6ac20147c252cb0e0b4e5c08fcfc0e66785de3212fed30315d4be917bf6285b7e42ac21767edf843f1ce061458a4815a8545f7f184bb4db8d1e1

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/databases/startup-wal
    Filesize

    8KB

    MD5

    a9323fb4b5dbf43776d87ca3a27d182b

    SHA1

    ec83539ad55bf9a099396b429cef45056e578344

    SHA256

    c9179db11389e76161f89c1859f9e75f1b7e4f46e034c55f3c70ff6687366554

    SHA512

    bc2e354c6d274a36bdcaa1054c8d56252c4df3cf7e3b71d1e72bc7e6e5ee412303eff94f3f21bb9caabd6696569e5cc766cb433b38dd5987f6a2675918318c0e

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/files/classes.dex
    Filesize

    1.1MB

    MD5

    f413c2f668b726abadaabcc58c57cad2

    SHA1

    bbf9d30749fe9dbeb4deee35bc310398f6a0a78c

    SHA256

    4491badeefa1e54df2ec1c0275a78df2ffe53680d0cbb2a691ad4be434f77a75

    SHA512

    ddf5b3c9335cf8b8c8751112c10c21c62e233623da22a818b70792216f464d7c0660b1710557c67a95f012e0efff9702113fe58b2b883562520133085c8a4c4d

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/files/com.skymobi.appui.sole_v1001.apk
    Filesize

    18KB

    MD5

    8d5b05c7757bbb09133767b745e13480

    SHA1

    b9a8d59d6e02fb31ce677c2fd2642ba8fa888548

    SHA256

    d5691c59119823ec84bd749b1dc41e601e855476b545b070156efadde7be24d4

    SHA512

    263bc1ef444a23e2c335e5330367f2e31fd29c990c9155b67c83a889460ab5bd7a05ac3518ec58f8eb84134b91229ce419fb33390c1bc28b9d809e136fd5526b

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/files/com.skymobi.appui.sole_v1001.apk
    Filesize

    18KB

    MD5

    f08052afc8f1f029c9329df41c5f7702

    SHA1

    6748174e22bc37eaf86a20156ba86aa3a70e9c74

    SHA256

    efb4af4c23769a47c8931b6eeb2179a864cf9c1f8c4db31f883cb5830cc6f177

    SHA512

    82726f3a5b104fe0b60f823871f93e1525e3e3fd5ed3a301ae66edf95b232c42002c3c387c3251055a62be248785fef32d2f005babc2664ec818d225bbb1ea8f

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/files/libndkutils.so
    Filesize

    13KB

    MD5

    79b814cce6253fc5e4d4386674bfa7f8

    SHA1

    8ef08cfb0154fd400e2535ed24be2cbd8baa05b2

    SHA256

    08f8e79325ce23d7780217ba1dcaccfe3d975dc25bd01d7dd2b6f28afebd3923

    SHA512

    b4aa994cb8a7d437c733aaee2316cbb6cb8b715641447a6ba1f711577d36059e32265704b8efc566af51cfd6cb26898e587816d24e864e7c51f92028ac84084a

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/APP_START_TIMER_INFO.xml
    Filesize

    117B

    MD5

    35aefe1ec1cb14b28da34e3195db24e9

    SHA1

    fb275095593c9fc774c2bf92518e378e9a8e9ed9

    SHA256

    2dad3025152079966e540fc1bcdd75a91ef486dd12672a5321e67b8e1094a8f0

    SHA512

    745693230b4a4fa60018d46696fe149e7696297c22f757855d8957c0a9d270c83efbb53ab8ea038b178e640463b2b48ca28fc0fbc27044b9b71518eaf3dc0666

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/AppStore.xml
    Filesize

    142B

    MD5

    e53f1c498689d8cf56351815fd4d47a1

    SHA1

    5b50201c1af08c453dffc26ef2d1935ab15a8b7f

    SHA256

    21255c211b3c19d3bb5262c427f9231245ce0cf857483d3608a74025b771e12e

    SHA512

    65e646a53ff388dc6c7625eb1a92cbea9979e8a398a22ec2e37b5f9b57dcfd2a219d48b07ea07f700ba78f11a9f10224fdec0e0028ee7fb70d93a87db8e739dc

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/AppStore.xml
    Filesize

    185B

    MD5

    9ed2898846beda1fa25153a7c41a3900

    SHA1

    159b3756b9e3a7313f7802ab73ac59dc9e7c7310

    SHA256

    d6b9600f9918fbc83f7318c61cee54e7e0b6141c848068ad4cf4716f0b14b998

    SHA512

    2c97b1fe8799b5dbc7c91adcdbe6f3d4b32eb780fa179949c0522a0089d3337f22e2abd8c0164bae709bffceb0c31d7f9d3c276228e6d36aadee3ed9b7c1a666

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/AppStore.xml
    Filesize

    376B

    MD5

    4ea1f73d02bd413e99a5a9a584a56c74

    SHA1

    06577ae9876a42a6823a76d7b23d9b287055ab72

    SHA256

    15c0b94da4d17b2a336d4952e9b850277812b3a49729442b52af992a0e1acb72

    SHA512

    86dc03b2084f9aaca0b357c39a441861b5d86078380ac749d0c217a4401cc616fd87ae20615eb6010c0b2214e6d63d3ee36641d859e229e37788d4f446d649eb

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/AppStore.xml
    Filesize

    425B

    MD5

    29086a93e26989516ee1efc0d8af5b98

    SHA1

    1e6d2f3b6bac35086cad6c4e7e827c2ba95bf5eb

    SHA256

    a25d3d3928ed331ab96ea575b75c28ff1f029fc68494bf1cb3a0f0a71372096f

    SHA512

    5a1385040ab5da32e55cfcc8d494e837015f8c0c6b37020a053760da4391e68cf83b83f6b9a5f22ffb7f6ecbb15695966d37bd00685074f9047ad0cda828dbc9

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/GameConfig.xml
    Filesize

    1KB

    MD5

    7b23b37d83ac8ce65c1f82fbc23079e8

    SHA1

    7cf8eebf02fe6a55ae4d8be98cf1abf1c68b6fea

    SHA256

    2bbfeec1626ff8e1a6b564d655a3e31e3ba4e9eb1b3304e4222be9af129c7ec9

    SHA512

    26ad24a01b4e5f6d08bae57ff17018ed2e43187c8bbcbc54bc0e172d07afb365d874b36873e23051ddf509d5102cd51be746a46b484de8b007690ad63b84c047

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/playerinfo.xml
    Filesize

    242B

    MD5

    b3a646ab6c6d2b83c071f173888af031

    SHA1

    7a64421d23284ea3948df3d7df2610ade4beb60f

    SHA256

    66f449af527c90114e590fa8c5c38babe2ecf940400e408ec368db4878e28f18

    SHA512

    298bca8dce2245046c6b38d1cfc148eabc1c0307eaf0ada4cb6ffc39aa0cf7d6c891cd414ac9894067fad278685cc9368e3002188968c41f12acdf4c45d7bc3f

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/playerinfo.xml
    Filesize

    290B

    MD5

    ce7bddf3d9bd581b9276bf16eb284843

    SHA1

    957c9d49e9a5940532aa01c340f7b90fc4b3f027

    SHA256

    e80dadcac86c1f797a22cec446b859c04ab70537a617da7b96057bc725a43016

    SHA512

    09a4388152d22f3b010c96d9ee8f67780bdd2eabdd1aca7d75ec157e088ee5d8b753f201522a573780fa56784489907c88f69f834a7baf3cacf4f7716d97babc

    Download Submit

  • /data/user/0/com.poxiao.hlddz.standalone/shared_prefs/umeng_message_state.xml
    Filesize

    119B

    MD5

    964952e3177f9dc329d5482f36020040

    SHA1

    b5528e133be52fc4c5aa40b2b62c7bc8885442d0

    SHA256

    9a1c06d8a43dd0a4cc8ff6de73a505ab3ae01e724c4cbd04f4ea6d5b297c209d

    SHA512

    917212f46559acc0d4eceddac7c8e98485316f5a71d22f4c7036530781d6b98b672397a5f3f1e4bf0afd7903792586973a8d9d14c6b69eb6caf67c2629d1dda1

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooCommon.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooCommon.xml
    Filesize

    111B

    MD5

    50c62982c71ba9e2d026d03e0e79daa1

    SHA1

    bde48c17107b3253512d3b1407cd8831c26f4709

    SHA256

    db56771c353998f329798efbd9dc5a7bde86f44513c27cc1eb184afbb170653f

    SHA512

    8bb8b854b4fc1b10e6dfdbc0fe74351a2e285e4b3a097961a9f53d94c6383ce63fb7c435ec3a773b3e0cc93db290ddf1596d20357e65b170a1b9a1d81b992fd9

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooPackage.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooPackage.xml
    Filesize

    111B

    MD5

    fc7e3c782b7e36be885b618fe5c879fc

    SHA1

    37f7e9e195f4ca0732adefd458931ac4dab88420

    SHA256

    0bd26ce3ad2053d932367c7c8e936d0ab9fc15fa3cc21a2bc5a192ebe37bdf2b

    SHA512

    7cbd657e76e3e18c8c9b203f8aeb48e2bb3f3a3121494a6fd22decfcd7557ccef5a63e8f238bd95efd1176740cfead107a0fad8d13bb603bec3546df6143121a

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooPackage.xml
    Filesize

    606B

    MD5

    dbabddbdb477fa4974e0263d92036d81

    SHA1

    1b8f200f1b778397061af00dd46f5bf0a4db478e

    SHA256

    9746757edbe5bd3d579de41c736152a031d9363a8ea716dde633894681b84d1b

    SHA512

    47ce16851bf1cf3bc7288ea784d290d23c2d5a5f05e31ca5f6e4a4ab5712b1539b8a49e4b39d55593f3b58f0a21242ca0d7ff2ffae185bc481867c647aeba1fb

    Download Submit

  • /storage/emulated/0/.AgooSystemConfig/AgooPackage.xml
    Filesize

    111B

    MD5

    fc7e3c782b7e36be885b618fe5c879fc

    SHA1

    37f7e9e195f4ca0732adefd458931ac4dab88420

    SHA256

    0bd26ce3ad2053d932367c7c8e936d0ab9fc15fa3cc21a2bc5a192ebe37bdf2b

    SHA512

    7cbd657e76e3e18c8c9b203f8aeb48e2bb3f3a3121494a6fd22decfcd7557ccef5a63e8f238bd95efd1176740cfead107a0fad8d13bb603bec3546df6143121a

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    340069479aa4b12f363c2f791f72d88b

    SHA1

    21a3363d77cb67d92d3bd77309d13e3492d5d292

    SHA256

    64ce1edea8ed509a2b5d688d933fd4faf6e4ebba4e89fd65ccb932d483652447

    SHA512

    e6f09e49892ae598e6babd5abd34ab309e6819c284c2e8ec23da3db22f92fcb88817538cc3c5f20a5cacd9cff23df4de1019b3fde0cdd0c0474a3afb6c7c6ca7

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    4c76e7210a22d5150f5292cc4f8322d2

    SHA1

    a37579a11dd95b8abc14c2cbfe6674494d355333

    SHA256

    8ece600601218e63e8359500c57e31756b4af6f118dd3fcd0c27a371ba58afa1

    SHA512

    5d3ae2d4875d4d79bb0dee908ac1f753ce10c98ab48bbd1788c4b742c5e21ae8e6bf8be8e5395aa1df4aed8cd16d2fbff95f1b3359d80c900f8fee4229984a2d

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    381B

    MD5

    56b73f248ab5d921a83a5d29ee6e73de

    SHA1

    f1acb0348824738c4727d591b078288350c6f276

    SHA256

    53fd415954fa050559745385e0a7518da523bb2f694acf12306c8f7b2c7e1351

    SHA512

    f1a84e25e38996118440533cae95484f3da25109317e8ca781c87d14ec941ce6b4ec39483ed48052c55538badaf1944e3ed8f6e59bfee2be70deb57b0c2f78a2

    Download Submit

  • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk
    Filesize

    386KB

    MD5

    4a1fb248e672d39457f2cf9088c17880

    SHA1

    b500b2528ed6cee5929603b862b14a18655ac06d

    SHA256

    b2831dae43d2dc8daffc919456c244b17f15f5453dca097d665979e7254f8c23

    SHA512

    b434ee9348e7e2717b35c4f64bc71aa58aca634741045b91ec61eea5bdb536ece7449fe8d376f724bb0006cd2bc7976c9695bc3aa47a59a26ab6c6c09096279e

    Download Submit

  • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_v2021.apk
    Filesize

    386KB

    MD5

    4a1fb248e672d39457f2cf9088c17880

    SHA1

    b500b2528ed6cee5929603b862b14a18655ac06d

    SHA256

    b2831dae43d2dc8daffc919456c244b17f15f5453dca097d665979e7254f8c23

    SHA512

    b434ee9348e7e2717b35c4f64bc71aa58aca634741045b91ec61eea5bdb536ece7449fe8d376f724bb0006cd2bc7976c9695bc3aa47a59a26ab6c6c09096279e

    Download Submit