Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

UGREEN1.1.8.apk

android-13-x64

7

Resubmissions

12/12/2023, 05:27

231212-f5tkasffam 7

12/12/2023, 05:24

231212-f3vpksghf5 7

Analysis

  • max time kernel
    1552031s
  • max time network
    139s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20231211.1-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20231211.1-enlocale:en-usos:android-13-x64system
  • submitted
    12/12/2023, 05:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UGREEN1.1.8.apk

  • Size

    34.3MB

  • MD5

    2f7a1519274f7004a452efb5e344eba8

  • SHA1

    f39616312234ab0a0c44ff19a7a566be207318e6

  • SHA256

    e6041dfb67e151c558ae98c807d6d632819a400a899c66200480325b235f71e7

  • SHA512

    94e21f3e2357e1a9cde66df3128e4952dd4be347d4aa3d85aaa9d23e22b560928ccfd147e1c9a4d99a7671edcebe15a8300f6d974894db3e418a548a430f178c

  • SSDEEP

    393216:kHeT7z6IbU1W/prZmusL2pGs3oH0M/ByWqq9EjOAoF0yPGc6DMJiQA0RM5T6Zfto:ku7lU18pEusLldyW8OH9PGlMJknqnJni

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.lulian.ydcn
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4245

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lulian.ydcn/.00000000000/39285EFA.dex
    Filesize

    69KB

    MD5

    75a8168e7080b90fc2956592c268371f

    SHA1

    3702da56d31f381525473364f031dc884e37076d

    SHA256

    0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701

    SHA512

    33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

    Download Submit

  • /data/data/com.lulian.ydcn/cache/cache/weex/libs/weexjsb/arm64-v8a/libweexjsb.so
    Filesize

    5KB

    MD5

    f053f58cc475222c94d81d61d7600a93

    SHA1

    b7907f8e325b153485da057cf5acaebdade8d80d

    SHA256

    9e17552a8bcb854602821b99d78397588d7b7db523aaeab36dfd0b463a564b8f

    SHA512

    64ebcf206c6558b9f9785e62288c64633053681263f3c983bf89402080b741d7175d324e9c9691b47bfe4c1bf2dd09cbda76e41deff5c9f9e0bb9fa890f6b985

    Download Submit

  • /data/data/com.lulian.ydcn/files/.DC4278477faeb9.txt
    Filesize

    32B

    MD5

    7db83e33754febf1d7535d7344a90144

    SHA1

    8119c950b2b969065f9af5264bbc71ea69aeef1b

    SHA256

    6b29d4af6693f42a3a8866921d317cc9f6867c9aaba4a9c8919355eaae9e28ca

    SHA512

    df3580e849182ceab56dbf1e628248a4052fd650e6637633cee51a1c438abe6a3d22ec06920e686c8a7ff004ecf17d9c559dfdb57b3a8625e3b3ee01f720d6d7

    Download Submit

  • /data/data/com.lulian.ydcn/files/AppEventsLogger.persistedevents
    Filesize

    403B

    MD5

    a9f13a176e01f5f1c40c6ded1da3325a

    SHA1

    2692f1cfb4df882143a0e89edeabccfd32a9e04a

    SHA256

    c4b9acd1382b9521c678021e6f9c7b33e64ff42eb30af52e93dd286ffe0e9a71

    SHA512

    d5d295cb1d17dcf9ce346c06bdda750472a657b7754428e6e28399adde2a339256881496aa591f17acaa904100dfc4ab5594c7e013b620d2ff436562834cce57

    Download Submit

  • /data/data/com.lulian.ydcn/files/cnc3ejE6/eje3cnc
    Filesize

    35B

    MD5

    762298b93820a5cd8b6d8ec469078f7f

    SHA1

    d5b02a2ff3b235cd2b61ceff53a1d88b8984477d

    SHA256

    dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db

    SHA512

    70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_deps
    Filesize

    388B

    MD5

    8b5675eab2c0ffb6a4ff0abbe4388302

    SHA1

    97a451a6154204888e352c157b3db320488bec24

    SHA256

    4adc20a5c26e32d8e8c5d763fa22e06761cba602c5cd7474918c1d8c4641fb4b

    SHA512

    af389fedb9f5a6c0d63b508028e03bfc992de99409623fa8ada9121eba42aa0ce913754ff78369f28e9aea25f63d428b5bf11ff33f1b13a8d1c82a0de254c1ae

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_manifest
    Filesize

    5B

    MD5

    c06857e9ea338f3f3a24bb78f8fbdf6f

    SHA1

    c5a0a2529d2deb60fec041b4fbd722a2ebe31702

    SHA256

    957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

    SHA512

    29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_state
    Filesize

    1B

    MD5

    93b885adfe0da089cdf634904fd59f71

    SHA1

    5ba93c9db0cff93f52b521d7420e43f6eda2784f

    SHA256

    6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

    SHA512

    b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

    Download Submit

  • /data/data/com.lulian.ydcn/lib-main/dso_state
    Filesize

    1B

    MD5

    55a54008ad1ba589aa210d2629c1df41

    SHA1

    bf8b4530d8d246dd74ac53a13471bba17941dff7

    SHA256

    4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

    SHA512

    7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

    Download Submit

  • /data/user/0/com.lulian.ydcn/[email protected]
    Filesize

    69KB

    MD5

    02f69eb4fe05ebc6c9f736d83e5f7e26

    SHA1

    777d75e14a73f5721fc4ae34f49a9a4b82311373

    SHA256

    13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

    SHA512

    7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

    Download Submit