Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

xManager.apk

android-10-x64

7

xManager.apk

android-11-x64

7

xManager.apk

android-9-x86

7

Resubmissions

20/09/2023, 15:26

230920-svpvksha9x 7

19/09/2023, 21:51

230919-1qy7fscb8y 7

Analysis

  • max time kernel
    2943282s
  • max time network
    75s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
  • submitted
    19/09/2023, 21:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xManager.apk

  • Size

    9.1MB

  • MD5

    15e16125c1cd2e4eda8058dc1b957362

  • SHA1

    4649e99fccb758e34be68ccaed63db1053c8337a

  • SHA256

    05ec45735db9d58d3991941cff56d25ba6ae26dd300b2c1250aca093e68843d1

  • SHA512

    e1cfcde3ef453045aa267cdf2ea48ffc6e80cfd054c9dfc5ed0edddfedae61d8bfb12389e248ae44ee4f6cbd408b97befcae368d8e23a0ea3ad2985e9bac219a

  • SSDEEP

    98304:1g4OD3plY2bl11NHC77QE7j01xkgnk3Jx+V0L0QUllb/JGxBbSg64kA/32d2ZrC6:1cD3p5l1zC7D01xXnaxjLalmBR6yxrOm

Score
7/10
evasionransomware

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Removes a system notification. 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.xc3fff0e.xmanager
    1⤵
    • Loads dropped Dex/Jar
    • Removes a system notification.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:5092
    • logcat -c
      2⤵
        PID:5173

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.xc3fff0e.xmanager/cache/1613498354782.jar
      Filesize

      9KB

      MD5

      2c84bc0c28d4ac333d267f7a152b4039

      SHA1

      49e67f04004587ae351d5aba4da5f18644746864

      SHA256

      1eea5584eb2332554753b4beec7fe8e972bfb3eeadbe0c05dba33de267f25a00

      SHA512

      44ab6c390cac8b11bf43097293ef73bb620b1466fd671a945639198ea10dea425a0c9443b47752cc0a6689a6f5a7661b35f7a8a350ffcba30a72be60d5f18abd

      Download Submit

    • /data/data/com.xc3fff0e.xmanager/cache/image_manager_disk_cache/journal.tmp
      Filesize

      31B

      MD5

      8c92de9ce46d41a22f3b20f77404cc1d

      SHA1

      8671a6dca00edb72be47363a7071be65cf270373

      SHA256

      68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

      SHA512

      30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

      Download Submit

    • /data/data/com.xc3fff0e.xmanager/cache/oat/1613498354782.jar.cur.prof
      Filesize

      156B

      MD5

      c064af9c3111621a531c9aed816a83db

      SHA1

      d9cf4c8500c328bf40dfd196b1eaec1e4dfab526

      SHA256

      49f018e34ebf079675b1de71e802881bbd9971db7fa941fad1b12dd8abb604a9

      SHA512

      dd0d303d6b7ad280ff22a0fc1626228f7686c39e37e85ec69dec232b00c56088fa855fc4e66b4cc93f411b243462322e4fd6513c666981659ad774be793af89d

      Download Submit

    • /data/user/0/com.xc3fff0e.xmanager/cache/1613498354782.jar
      Filesize

      21KB

      MD5

      86ce3683020b3f28f4110aac9c769ff7

      SHA1

      876e0686440524927639a4797b2f13b12a26ce4a

      SHA256

      be852340e03b169a28811d1ff41582d19638d9fc0540f237ecb960c45bd07071

      SHA512

      04d03a9963ba49adf5d0d26a21b57e85e21416fcc3d479ce7522149d45f5ab630ff78e590e724695fe29850b08b4dccfa5051daf5d4e4afd9384f7183f887ddc

      Download Submit