Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

UGREEN1.1.8.apk

android-11-x64

7

Resubmissions

12/12/2023, 05:27

231212-f5tkasffam 7

12/12/2023, 05:24

231212-f3vpksghf5 7

Analysis

  • max time kernel
    1551704s
  • max time network
    88s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231211-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231211-enlocale:en-usos:android-11-x64system
  • submitted
    12/12/2023, 05:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UGREEN1.1.8.apk

  • Size

    34.3MB

  • MD5

    2f7a1519274f7004a452efb5e344eba8

  • SHA1

    f39616312234ab0a0c44ff19a7a566be207318e6

  • SHA256

    e6041dfb67e151c558ae98c807d6d632819a400a899c66200480325b235f71e7

  • SHA512

    94e21f3e2357e1a9cde66df3128e4952dd4be347d4aa3d85aaa9d23e22b560928ccfd147e1c9a4d99a7671edcebe15a8300f6d974894db3e418a548a430f178c

  • SSDEEP

    393216:kHeT7z6IbU1W/prZmusL2pGs3oH0M/ByWqq9EjOAoF0yPGc6DMJiQA0RM5T6Zfto:ku7lU18pEusLldyW8OH9PGlMJknqnJni

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.lulian.ydcn
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4485

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lulian.ydcn/.00000000000/39285EFA.dex
    Filesize

    69KB

    MD5

    75a8168e7080b90fc2956592c268371f

    SHA1

    3702da56d31f381525473364f031dc884e37076d

    SHA256

    0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701

    SHA512

    33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

    Download Submit

  • /data/data/com.lulian.ydcn/cache/cache/weex/libs/weexjsb/arm64-v8a/libweexjsb.so
    Filesize

    5KB

    MD5

    f053f58cc475222c94d81d61d7600a93

    SHA1

    b7907f8e325b153485da057cf5acaebdade8d80d

    SHA256

    9e17552a8bcb854602821b99d78397588d7b7db523aaeab36dfd0b463a564b8f

    SHA512

    64ebcf206c6558b9f9785e62288c64633053681263f3c983bf89402080b741d7175d324e9c9691b47bfe4c1bf2dd09cbda76e41deff5c9f9e0bb9fa890f6b985

    Download Submit

  • /data/data/com.lulian.ydcn/files/.DC4278477faeb9.txt
    Filesize

    32B

    MD5

    750282e61765f0419e6b5d35cc7adcd0

    SHA1

    873100ca3dae662aa53eaba06a4de8b5c117233f

    SHA256

    679e9a7b90300d8c7116a8e27e6ecb48fbd450d095969eedbe7c65be1ea777b6

    SHA512

    e6f4233ad150697762d7bdf29192474b6a18caff7e82d77c7ae21e5f38a2e37228188e0b95e2f549b6c4b06b407bc87281ae3e5a3bacda55a5c5bbcc07c49f74

    Download Submit

  • /data/data/com.lulian.ydcn/files/AppEventsLogger.persistedevents
    Filesize

    791B

    MD5

    15e736d3f1e3c27243f4afd34e1f77c0

    SHA1

    1a2ec762f643a53b2a98ddd226233b15ec347bf3

    SHA256

    23efef008f7972df75ca96af275aff1e75a85e063eda706835ef1a38ca6150a8

    SHA512

    24187ab25945ebeabd462c5a771e90f6e867d711eccd2daf08b70fe4fd15fc4dfdac19202ebd8669469bca41df4066c15a70f6e9ca722796b5c0ca993390a834

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_deps
    Filesize

    388B

    MD5

    d4942d033bbe8879d396a8ca6d908298

    SHA1

    1925a5d6c55b1f31259c9f5c8d9ba9b8176b72ad

    SHA256

    2b56c2a62fb9d76b1a26784925408d40f40de8a519910b075adca78e57556edc

    SHA512

    6e5486ffdf18400f0ec3ce6fb45d655635fee7b8bc674b063dfbd71958bd7ddd926d1be8a07fa905cb837b23027055bc9cb63be1dc3bc1aa03776c38c37a606f

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_manifest
    Filesize

    5B

    MD5

    c06857e9ea338f3f3a24bb78f8fbdf6f

    SHA1

    c5a0a2529d2deb60fec041b4fbd722a2ebe31702

    SHA256

    957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

    SHA512

    29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_state
    Filesize

    1B

    MD5

    93b885adfe0da089cdf634904fd59f71

    SHA1

    5ba93c9db0cff93f52b521d7420e43f6eda2784f

    SHA256

    6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

    SHA512

    b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_state
    Filesize

    1B

    MD5

    55a54008ad1ba589aa210d2629c1df41

    SHA1

    bf8b4530d8d246dd74ac53a13471bba17941dff7

    SHA256

    4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

    SHA512

    7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

    Download Submit

  • /data/user/0/com.lulian.ydcn/[email protected]
    Filesize

    69KB

    MD5

    02f69eb4fe05ebc6c9f736d83e5f7e26

    SHA1

    777d75e14a73f5721fc4ae34f49a9a4b82311373

    SHA256

    13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

    SHA512

    7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

    Download Submit