Analysis
max time kernel: 2207285s
max time network: 134s
platform: android_x86
resource: android-x86-arm-20231215-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
submitted: 19/12/2023, 15:55
Static task: static1
Behavioral task: behavioral1
Sample: 55b815c4fbf2d56d0b1179b5375fe4cf.apk
Resource: android-x86-arm-20231215-en
General
Target: 55b815c4fbf2d56d0b1179b5375fe4cf.apk
Size: 7.3MB
MD5: 55b815c4fbf2d56d0b1179b5375fe4cf
SHA1: 07a7871921c263f1b1724229ec24e968bffecd70
SHA256: fbf03b43724bc39fa1fdd28e15f7ca1556d9c561dcf2cc7dd25a3f13aaab47d5
SHA512: 90d16a92a91f36104df733ed0204bbc46734130c377dc86982c02efcfc96a8d84a1f67a6b99fac383aaa973e223248b9914f8dbbbc645103c1450cb869244cf6
SSDEEP: 196608:oSsLa3DUbszu1DYBBzGW3BAWQpR3r679a3SCzo1Eqy5nz8+CGudk:0nIu1U1xBqpl+79YoTGrCGudk
Malware Config
Signatures
Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar
pid: 4321
process: /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar --output-vdex-fd=77 --oat-fd=78 --oat-location=/data/user/0/com.annlover.ch.core/files/oat/x86/__pasys_remote_banner.odex --compiler-filter=quicken --class-loader-context=&
ioc: /data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar
pid: 4245
process: com.annlover.ch.core

Reads information about phone network operator.
Processes
1. com.annlover.ch.core
   PID: 4245
   Signature: Loads dropped Dex/Jar
2. /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.annlover.ch.core/files/__pasys_remote_banner.jar --output-vdex-fd=77 --oat-fd=78 --oat-location=/data/user/0/com.annlover.ch.core/files/oat/x86/__pasys_remote_banner.odex --compiler-filter=quicken --class-loader-context=&
   PID: 4321
   Signature: Loads dropped Dex/Jar
Network
MITRE ATT&CK Matrix
Downloads