Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

d1234d3c81...e4.apk

android-9-x86

8

Analysis

  • max time kernel
    3217392s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27/11/2022, 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1234d3c81e76b55e62dfef969aaf6e95337eb4de0d10da9b3d38dcebdde90e4.apk

  • Size

    6.1MB

  • MD5

    d7f2030e14c7a3de8df97586f5174367

  • SHA1

    dfad25fb0ca9fff397b5e558f9432ad890c3090f

  • SHA256

    d1234d3c81e76b55e62dfef969aaf6e95337eb4de0d10da9b3d38dcebdde90e4

  • SHA512

    c2d56518aa64ba6f6ad92a421efcea8785d8555511b38d5c85ac109218113a8c7270c61f03741af35ac30f3745ee1105adf924ecff9cfab386340762c0abba82

  • SSDEEP

    196608:peX0vfH3vJ+i7Nqj/NLySRweuTr+XhHs+rbUsfrkF8HxH69/gVJQAM:peX0vfH3vJ+i74/NLySa/+Xq+rI+rkFb

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.games.everyfish
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    PID:4128
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.skymobi.push/plugins/com.skymobi.pay.sprpush.apk --output-vdex-fd=72 --oat-fd=73 --oat-location=/storage/emulated/0/Android/data/com.skymobi.push/plugins/oat/x86/com.skymobi.pay.sprpush.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4243
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.games.everyfish/files/j/j.jar --output-vdex-fd=65 --oat-fd=66 --oat-location=/data/user/0/com.games.everyfish/files/j/oat/x86/j.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.games.everyfish/cache/CommandCache/40e5f0270a0e650c837fab6b18a8bd8f
    Filesize

    1KB

    MD5

    1d974a47af333635193109ec7636b822

    SHA1

    39e0b6775999dc4ee62df7110a9921badde48f99

    SHA256

    2dbdce9538b2bea1982bbb000059b75ec558c97f480a7b15a8728c85c43c5010

    SHA512

    53b6db328d285a402be61561edc8f10ea6279012c392804e4f05f1964fd3e389ccab6c60ab4cec54c171f6c883310e669e20230eec7ba920a37f04fdbf34404d

    Download Submit

  • /data/user/0/com.games.everyfish/cache/CommandCache/ea0f180495800641ce3565ab51a9fc47
    Filesize

    776B

    MD5

    87104354b90df13da6ff23daac470557

    SHA1

    16e0bf1fafb24ae5e1638f7739b3d057d182722f

    SHA256

    842a4cbd58cf45f6ad945e64a5e82d8b64e52476956ba0483fb449e323a3b55e

    SHA512

    3e3c900029d5f156e52ca719f6cc9d113bfd5e073783f45485fd17c60d37e900733a641921cf3994f2949b1a76ff88631511d78e0eeeacf3a8bcc674c6b52d5a

    Download Submit

  • /data/user/0/com.games.everyfish/files/.imprint
    Filesize

    848B

    MD5

    f084ed626c2a9ca39d21a01a80f43ac7

    SHA1

    24a83170174dacf68a70c2b8b8f590479a4238ff

    SHA256

    6bd00c70d695686ef90363d47240819fc013302e99e1f45dd72333c85c6d0901

    SHA512

    1ffa67ac68eb7d0bc51be5b5dd84e6335e9746df4b2eccdf0c221c49de32efd0ed9c364200c41f18fd1aeb83c2ef901bce9aa54ef1a950d3a28ed9db4054d0ee

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/j.jar
    Filesize

    7KB

    MD5

    f782522c9ac7136e59e21dab28abeff5

    SHA1

    04f82ab6b8ccbbc0c18f4cfcee8ef88c9d543bb2

    SHA256

    15d1f5e2dcfed1afcc965bd365696c0655fe8d3ee4ac0dba1c3bf294f60bb790

    SHA512

    b5b503e929fd09357bad96e524353a20c9586ad931150088673fb9e4b9a9b1d87dffd6f422e18333511bb65d7c87c576f009ee973bee2a1448ce3f3a6d1fd5a6

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/j.jar
    Filesize

    18KB

    MD5

    448b27db7c42b5de7e71555b53bb2408

    SHA1

    fc9c2c9bfe37114f6bd6531d3a23bcdbfb1a42eb

    SHA256

    801c083d288fa99186110b6a84531fd7c974ef38fba03b6822844ef1911760b6

    SHA512

    ecc134d3a06f1fee56aa207af305c705b75788127aa6c85c5a6a7a3e0e24f1935a652a7cedda1149c7f553612e8232586cb919f287372a6afb5f4a50af2f6894

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/j.jar
    Filesize

    18KB

    MD5

    2cd268a4b8b732c66bb376a3cef4d43e

    SHA1

    75497923662a1a598a5c57121f43be14e098bcf3

    SHA256

    23426a52a49f503032742cd9bed8010e96b837f04cfa6536cd8527d0937005f5

    SHA512

    f780646299fc56be0a75c61d05a8b693479a216b4524e2d6ec95a6d2ddfb4c196be385829fac2b0a0a6c2dca929136c6e9dc39a9bc357288efbd28b18927afab

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/libframalib.so
    Filesize

    1.9MB

    MD5

    12e765cffba0b8a8aaaaf8d512d74f94

    SHA1

    d5a407aff84a0f42543fe7ab2a5becf4367f1c36

    SHA256

    82d465ea044e15e1ab24b597ff17fea8d1e98bba9d34a8bfcca84df588f44daf

    SHA512

    e9ae9413b3d25cdfc7ab40902524704d03b6d33168166abae22d6fc08e4c7181dc23eced2b84d9c6bebccca0eebf6d115bca1e44eefd85dcdeb27506b1cf0d5f

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/libnqshield.so
    Filesize

    49KB

    MD5

    8c6d7798cf7af2a6c652a7b54d38e36f

    SHA1

    2401134366d3c86347c2b9f23e9862716f58a566

    SHA256

    558693fc55164be09c8c514efc9e5e30444fd3c2b3ce37b8e290ccde3a9d12ff

    SHA512

    fd3543079ca0ad216607a87e25ffb1f430bb3a01cabfb5d2b8336b9b6a82ffb099896746242dd7ecabddcd482176888a17f68d306e2057034c764176b025b171

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/libtrec.so
    Filesize

    13KB

    MD5

    0bb0a910c5c592b22daa295f8fdbd443

    SHA1

    12185102d70ddbbe15acbc3aa628184ce70ca524

    SHA256

    bb1b790f37cf68f3443381b74da981479fdde3fefbb49cc9997ea91060afb324

    SHA512

    c360fa2e45f9c045cc262a20f265b55f11b48bfdf1d5608b4be9fc07762eefd33c1ae14cb96bd589141caab3517f9b248f85e8b203bc6223f06055e2eb72788d

    Download Submit

  • /data/user/0/com.games.everyfish/files/j/p.so
    Filesize

    13KB

    MD5

    5d71c0c82a485ae51bb9006d4c315816

    SHA1

    b5666f78dab296b124a30524f43b3238d5237530

    SHA256

    18fb84117ad0bb1618bf2bd0fdcbbc492c56ab10c5e2c72755874f12583c369a

    SHA512

    5730e4a25c52d24fe121a30153ca702976e172de63a1d03903097e0fe5466904f0995e50d752b44fc0018954f4ad4b804f1bc3e49b001ad5c81ccf796af101d3

    Download Submit

  • /data/user/0/com.games.everyfish/files/umeng_it.cache
    Filesize

    211B

    MD5

    c87e52e44c3c47124c427059fe93f9ba

    SHA1

    08893b6e3b4e691b7ffcf4c8d3614a260d456d06

    SHA256

    d5067146557655137d598be697f9982ca2176d38daebfd376970e55ef3500931

    SHA512

    3f2e1f5a26840e44306f5a5455981361d5d64b7f15b790b1ac8abd62746f560179c3da4b6f219ddd0de75932dd87454c338b6ca2d1234d050d947384e0c2fed1

    Download Submit

  • /data/user/0/com.games.everyfish/shared_prefs/AVOSCloud-SDK.xml
    Filesize

    117B

    MD5

    6dc79ab0f87a05bf7567abe519743486

    SHA1

    d29301cc1f46d5d1612626517465ea8071879bb5

    SHA256

    9e0e964eb0a3c34f5b6c0f9aa545953f222332eac6ed841bf7c147c5d1cc7aef

    SHA512

    9d8bb4fcdc1cf5a00118d449ea7e0cd825ba1c5ab9f49195f65defc608764b994e28882938c63ec112e29a8c8d051a21af4bf1fb45e10a04874a5bf37d2f6910

    Download Submit

  • /data/user/0/com.games.everyfish/shared_prefs/AV_CLOUD_API_VERSION_KEY_ZONE.xml
    Filesize

    123B

    MD5

    f3e930fd6f61a69a9720c35e282db1bd

    SHA1

    747d9ec1e652c30d152976da101680a86f18dd33

    SHA256

    e0c70ec0883b85cf892440de5d4dc3b58bb192eea1ac6412e66bcaf78a4f862b

    SHA512

    c0d29beec0648eb2efeb88353b1576dfb40082af781d45b5027ec65630ddfb10c4f0be73d9612d2800418590c41973982b357ba9ae97c8825f36eddbd93b4a28

    Download Submit

  • /data/user/0/com.games.everyfish/shared_prefs/GAME_FISH_PRES_INFO.xml
    Filesize

    896B

    MD5

    dfb85ec85e3ba4d28e5d35108363d3a6

    SHA1

    e7ebd012c874bf254bad97e9e66272b1bf7375ae

    SHA256

    db812639a17f2832cd0203bcc79d3f53dcb4de0779366cb0fe1ebab05b9d6401

    SHA512

    283a0da2cba7a7103275cd5dec70f36107e61f317cbc46a97f59bf91c791d6941998c783d607f040e68ab289b7ccddd7cdaddcd739e5f5e653af2abd1719fc35

    Download Submit

  • /storage/emulated/0/Android/data/com.skymobi.push/plugins/com.skymobi.pay.sprpush.apk
    Filesize

    98KB

    MD5

    3a03192b24e28b0016574e4bb1feb4f4

    SHA1

    6ba26ee5414908ea1f8fa80efef3c88db47e90df

    SHA256

    b5de76754a308ea7ff60de40c2ea2b3dbc2e1565d7613c568ff62e7b11c5cf76

    SHA512

    39a44e2b43e769771aff38c5c1e798dc265e9faded5aaf14c3836045a6d7ee2280a6d83f7589071c53befa97ceeb9877f63c41079a9365ecf2055203781f8b4d

    Download Submit

  • /storage/emulated/0/Android/data/com.skymobi.push/plugins/com.skymobi.pay.sprpush.apk
    Filesize

    98KB

    MD5

    f1f3db1e81a2c9dc79f63913042a40ed

    SHA1

    86832d3f54586153c4fa3d6fcfc0a2984611b8da

    SHA256

    1377c3c99bacaee770e0cbc07d04d39d797b5c2f82758e50db4013f90ea55ed4

    SHA512

    f715a814d97c06c6e2412c0753f52ecdd0b01f7348a91c3bde496bcea7ade98d6c2389c8ebafc89119d6f6794df1c5aba72b000a45a609282d8f9f5e008f2eef

    Download Submit