Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

b7ff30b398...JC.apk

android-10-x64

7

b7ff30b398...JC.apk

android-11-x64

7

b7ff30b398...JC.apk

android-9-x86

7

Resubmissions

28/08/2023, 11:16

230828-ndgqesae24 7

30/07/2023, 14:02

230730-rb96qsad7z 7

Analysis

  • max time kernel
    1004449s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20230824-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230824-enlocale:en-usos:android-10-x64system
  • submitted
    28/08/2023, 11:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7ff30b39826db33a85fc677819a958cc93_JC.apk

  • Size

    3.0MB

  • MD5

    0932738ed4bbf0a5ed48919087a0b5d5

  • SHA1

    f81cf7f542e133e3b34f8584ad6ba5ac64a9c118

  • SHA256

    b7ff30b39826db33a85fc677819a958cc9307ce2c54dde77c3e1239f39e6ec36

  • SHA512

    2daf58fc35294ec94ba891d0f9bf82cf328c6f7320133de88def60280c6815f7b3efa307ab23319e0f63c8551a6d5f6c3413f34f4494a817afb33b0d73ed7aac

  • SSDEEP

    49152:A/9qwKIvMtJkW4nuTk4F9ZXVJrx79zpLglaNHFIQf7sjmCj1dIjr+Sjp9nmQqS95:O91cJkZV4Frlpx9zpMAIQDsjmobS+SjL

Score
7/10
evasion

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Reads information about phone network operator.
  • Removes a system notification. 1 IoCs
    evasion
  • Checks the presence of a debugger.
    evasion

Processes

  • com.winston.blue
    1⤵
    • Acquires the wake lock.
    • Removes a system notification.
    PID:5182

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.winston.blue/cache/~test.test
    Filesize

    4B

    MD5

    098f6bcd4621d373cade4e832627b4f6

    SHA1

    a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

    SHA256

    9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

    SHA512

    ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    327319062ef226498d3267973bfe907d

    SHA1

    0607e63af5cd0064016423ae60dde1bbe89957ac

    SHA256

    c9ea8a47705eb4f8a9ab93b89a1deb1576e25f22a796e6a3a473df26ed79e352

    SHA512

    34dc3f38bc6dfea0c5b077f4b6fe9ab743b1e3d4fa147080004ca1db8e2315b7f4beddfb4eeb5203352e4e0d0898ebcb4dc03459030e2cf499186fe346cc0814

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    f98fab7d67b538d36006e81e8294124f

    SHA1

    03b09e163fbd98fa8bfb76800933c56f1a754c6a

    SHA256

    a1c7c3feb31e022775288d531d8c4a32f7252e9e13fbd050a7ca3975671d4af2

    SHA512

    3023d8fca3d7d056464c33ca6c0eee84b1b2d61bae74d056aa298a4f47bc24f2133e295a1c3f09cc1bdc3d3dde8f3aebdc439ff2cfcf8119abc021a0ded5a12d

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    224589fd9ffd49c38152d70707f87d70

    SHA1

    ad51d9ca89553102be797f70844724830086bee1

    SHA256

    6bc34d5a3fd2c032ec95e7d47f81bc186dc0d033ee8268164f6aad314bf1e410

    SHA512

    46a4058f8542da3ee3ab499214df82b14bbf418fa924f88dacd2acef5662db81ccc844260fe6cf7005f928f45918743b5ed3489c2472f6190f981a2ed611bc0a

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    a9f6b446280715effb6f654cfe4e009a

    SHA1

    92727b503f4fe3896a7abfa92d515c51330e96c3

    SHA256

    4150604e61fc97253a56306ef0573b791b16e4f72ad7ee2188b99fea73bc6509

    SHA512

    a230386bfe5f36b5298ca06bf317ddac8ee05acc20e075817264e7663b1f2ac41e53a857b398ac573d33aa12b59964e500ce7b57d2e027a7263a71f94dc45f9b

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    adf6082723784327d7d1b34adf974e7d

    SHA1

    b1502f70eb881a1dfe41139cb719fefb877ee37c

    SHA256

    252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

    SHA512

    762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    eb52a90bb70b76e946b62f50b6f7fb85

    SHA1

    42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

    SHA256

    48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

    SHA512

    b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    d318d06803c253fbe436c3c0112c0bdc

    SHA1

    af9b6fdabd647ba62b9c4e339e28c7806554975e

    SHA256

    97ddd944fcb95c7a170b0c5ecaeacebf69629d08df73e0e7c547a756be4bbb28

    SHA512

    66f3ce48c4e9676443e03264bf05f4a16328e4a4a5a5e0cc8796469d23c3875062e9564d1fc0c5c56381325b718ceed7563a0f33699a05c3e672552a1ee0e3c1

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    64159562969f47a441e86d1b5e5942cc

    SHA1

    eb606dab4a8536971e60b1acafb73ef33a5f1d92

    SHA256

    ccbbbffabf064f2e0550c311b7d456feebb83fa033d3cb50d93553843af0e956

    SHA512

    6c35cb2c084ec4a108c855dd40adf5de0910c119b619d4504f7e8f9d81ef3f0173d8b952b0eedd826240cffc7ed61c26732bc2b2c0a37cd9dcead4e8bd9dec60

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    04f8dd7b52b84a62b59d5bb69f71aaa0

    SHA1

    c3131c1c20a3f7eb4a41e017c714663790dc63db

    SHA256

    ae6dd7d169602426e7d898b10270c66ab575678f7707d265ebf9f220942cb158

    SHA512

    ddc4d4fb0166d4b094e85560caebb20222d452c668229fd0b4ad1c7513a1e597cc00ce3593f3fc8c3ba7b432b9b2fb1d2e916f2dfbf8ddaeb74e47f10f4b64c7

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    c3eb73a6255c3e57e71bdc9853b6520c

    SHA1

    786f4092de4f67e5f6f703514effb5eb32c6f62c

    SHA256

    a7394206cc7dac900dc5bd99c40d6c9d975af8022e34ff56411653d9377e7ee7

    SHA512

    3b8ca72b0a1e21ec55fce3cf25119c2927fe277999bd28ce8fe107ac26a6c54db3b1bd5841c80a6c6ad76eaa38e7f7eddaafd14726c37e8ce7cb9e604b1df496

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    4KB

    MD5

    aeddcefc3df47717b3ddbec8eaf56354

    SHA1

    e6b3482f8f6d59868de8c38b016ae2312e5953b7

    SHA256

    27d932f13cddc80d82196744ed5ab99be6f877bfa0214d8391b0fb7852f34fcc

    SHA512

    b866362e0f08246d553c079eda0e3862aa51797a430f6e1e4f813de934b216816bdd0b4ff13af6a6cf2c0a4d774718b53aec2e81075c9e82e2536d3c0b993223

    Download Submit

  • /data/data/com.winston.blue/databases/google_app_measurement_local.db-journal
    Filesize

    8KB

    MD5

    157c7c4c82ff328dea8454bf2ea45871

    SHA1

    9af89890c9462e245933411d07d8dbbbbe84a365

    SHA256

    11a30b7f2d4da446db072e353f23f82846847ff96ee3b0f7b626f7a9ad38abb7

    SHA512

    af6b583b86c0dde3a7540f7deb11d1d61eb27ed938a08a493bcba8e2677370728f10c8ec5c234c825235ac59f845c4140c05fbe15a1e0433a2e918b5f18bb20e

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488BeginSession.cls_temp
    Filesize

    77B

    MD5

    3fe600461a8ccd9ed65511781411ba77

    SHA1

    aa6386e0aab856b42ca5c63f9a6a0d49821eb057

    SHA256

    46e52930bea8005a571483ac2d905f162567cca287dcfcfb957f9463886dc53b

    SHA512

    53ed117ec933a1a9592c7db5f8b27e0c91032783a2495808ee3c93f74aecd7eb7331b8986ada2d09e91d6f3331fdd92b870eb46bd84b8fce6d90c3a518c4f4c1

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488BeginSession.json
    Filesize

    132B

    MD5

    9c90ccbad6f663e6c94ad700e711e889

    SHA1

    24eba38d5ae33f3fb7ce98aecb88a65f3e602e07

    SHA256

    3e5ae917dc0005e60eaf038d15c01a6b4fd9df84853ce15dce47bb27711ceccf

    SHA512

    15156e39a041da5f36f22a1288dd7f68a655cf7f6b0a024243c0ffa042b80ee5c1699487da369be84811c4475e64a88f32c94391b0d64bf8024b3cbebe81cea9

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionApp.cls_temp
    Filesize

    105B

    MD5

    3aa40ab9c9da0fa9ca6e7f10924e1a99

    SHA1

    0130517e2b36d3c73a48bb24a16460efa2df00a0

    SHA256

    c286825bf187338acbd584a9750ced70aa34cf6915ad9bb8aa034b29623471a7

    SHA512

    eda1854eaf63f8f71c7068326ff99aa119a862dbbd7f521e9d8901d1d652c98e36a4e0722a2481ed9eb6a8fb0e4da4fc896ee1568ee9f4bb5b0c3276f18eaae2

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionApp.json
    Filesize

    219B

    MD5

    ae8cd62aa1325c941c7b5fdd54743d13

    SHA1

    a1cb85983d5f56271815f051822d701efe4192e4

    SHA256

    945c9985f7510a1c402617c73702f58c6205fbce0c1b46776b63dd7d522bf600

    SHA512

    0d76f179c9fe5cf9fef5117b10f379ff8580b46c284d82d971cf400912bf0ad2a571413fdb58fbf2faac5eb60b12d8cfb9eae10b5e8b57ee5b202bdd86ccfdf0

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionDevice.cls_temp
    Filesize

    48B

    MD5

    2390c1f21db00b20c07107e3ec7275fe

    SHA1

    e663a646460acc071aebee942cc1776c23d77655

    SHA256

    d348072a01496839cfcde3a18866423aee74aefd613fa3bf1ff4a203ef46a699

    SHA512

    43ff60754eb60795ca1c318f44dcfe49194add26cc3d92c2eac7bef538fd65b6290f2e5953b8f1693b9425ebbcdd022ab16a18280146ee0b0c2eefe27bc0bd63

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionDevice.json
    Filesize

    202B

    MD5

    afa07370d07ed0a8ac9554ee7001bb72

    SHA1

    d1e9de22fda1295087525ff3a377f7d7dd410ac7

    SHA256

    8d4b99fc4968c9cdff4626ff6c1467cdb427f7a597b153f03b4bfb62dde6c07d

    SHA512

    a7a974b1c4ca3d7ca92e1449dc9718d5ea2af7f8e4c605d25c731fb4bbe891fdf340835e2a4e3a363558744e5ee30aec22542f377eb5bffc0097c70d24f241d1

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionOS.cls_temp
    Filesize

    15B

    MD5

    2566d27ce8c28d8961f082c375d7535e

    SHA1

    92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

    SHA256

    5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

    SHA512

    1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/64EC822702EB-0001-143E-5137C5902488SessionOS.json
    Filesize

    55B

    MD5

    5caea4b68c57072f7f52a5a41720566c

    SHA1

    4d9712f1702c7238949da43f7d8ae6efb233a666

    SHA256

    3223857b618b924c2b0fbc7bfb373a1aacf300a7b5ab585e18fffcf19039f363

    SHA512

    fe1455d21c521aeae3292bdcc386f6d2005dc253930c03e44dbcb972f96b849670d2aba039ea59e1a5ebc0350e6315151d17bcda55c161a62987d4bb01e91f9f

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
    Filesize

    395B

    MD5

    134395d4baeb7c7552714243d4fa62d4

    SHA1

    0e6d68bd047fa18a96f0e8b9fc77fc1379d281d9

    SHA256

    b2f9098d5780a4c8b6ad8c3a130a38b05cfa0cf2f3a3b046ef74e6404d66fe6d

    SHA512

    c463898e476d2c377b94096ce3209118d712497ceda17cece301a43b8c9a153146b636c11f3c33869c169f42a62aa860bf02bf0df200735929ff5a50660663da

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
    Filesize

    781B

    MD5

    6f70ff9157510d051d317e4ef79d62bd

    SHA1

    d1e6e0601ddbb5c45cbf3b3720ab8f9d800263e4

    SHA256

    c9b7db966af1d779f83add9740fe7c340bccf0578d8b60c2ced030076e344d36

    SHA512

    67491951fb57944ef772d2ea57d2ee3ab18bb268f6843bf7a56ed91b64c9a372ba22a77a65c4b130b51e69f3cc3eb8648977999d7530ac66cc63e2f228621f0a

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
    Filesize

    16B

    MD5

    c33583fae4e0b61cde1c5b9227963237

    SHA1

    fe2ebe4d27469af1460f7e852031a04208ef629b

    SHA256

    35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

    SHA512

    fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
    Filesize

    16B

    MD5

    c33583fae4e0b61cde1c5b9227963237

    SHA1

    fe2ebe4d27469af1460f7e852031a04208ef629b

    SHA256

    35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

    SHA512

    fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

    Download Submit

  • /data/data/com.winston.blue/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_5b557222-914a-414d-85b2-55e07bd2f3a1_1693221417850.tap
    Filesize

    328B

    MD5

    08fb5dba179d9e3a12206ae07b3960a2

    SHA1

    f35aaa8a77f38948a0d537491f071aa5b06c2920

    SHA256

    e6d073117167eaaaf7118f5383ca691ef6eed787203c8cb9c74a83ea9434cab2

    SHA512

    b13553ce39a7f6c85c7890d06c7d7fb3c35b235ca69b142b8c6d829ba59c8d3dd418901847d7280f25f304d0e0e2862685474353c39cdaf9f4aa2be0cd4ca350

    Download Submit

  • /data/data/com.winston.blue/files/PersistedInstallation2045038059118912388tmp
    Filesize

    90B

    MD5

    4495376aac2680da068ef39cece6174b

    SHA1

    60d6f2888205c442f69442ef3624810681b7b654

    SHA256

    9a8823c35e78d7706c6367455e3f9a2d8471f349afeb4c5c721649c1c215b3b5

    SHA512

    dd3bcb138fcaa54c83d1ae0adcdf47673864d398e0f853daace265d9dd58613d5796f1c54e970f229d7a4a09c183c5c0e0b77310b0f35104b2ad47f8c907a0d1

    Download Submit

  • /data/data/com.winston.blue/files/PersistedInstallation5588238076473676536tmp
    Filesize

    569B

    MD5

    fce653a0c18a1d7daf7f9ce83cc8ebb1

    SHA1

    cc77ea518dccf34f1cd53d47ae7709a29323d389

    SHA256

    89ec50f2d68efa2fa79e6be49ba4e510742fb24eacc0f30634dd84618cf4a834

    SHA512

    ef3d4603f31e751825567f94fad3c19cbead5587bd7f6049ae40869bff6d91f1b15dba2655c54dc83b4ee8742147bce88479f403f62e31b7567ae97b7340311c

    Download Submit