Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

751165b58a...a1.apk

android-9-x86

6

751165b58a...a1.apk

android-13-x64

Analysis

  • max time kernel
    2288774s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 00:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    751165b58a4902a03efaa9595cbc370efedfc6c455fa650550640b96b7a265a1.apk

  • Size

    22.5MB

  • MD5

    c2206ed1b232e6859843f85b299ea426

  • SHA1

    81d3542636881af8905145a41345f45b894a70af

  • SHA256

    751165b58a4902a03efaa9595cbc370efedfc6c455fa650550640b96b7a265a1

  • SHA512

    6ad423ff15d73e9ae1fd0468420fe516ce47048d7bf6cd73a79650f651673bc174b1fa559497593cbffdff5a86b09f802a894665648ac10048cfc41bacd2c6dd

  • SSDEEP

    393216:vQXmZVfO1+cVvpPPbUsMjSUylbz5Zmicp+r2tF9YM3c7gf/dgMRGm:vWmZpi+kFQjkp3mpF95sc2MAm

Score
6/10
evasion

Malware Config

Signatures

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.xgbuy.xg
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4256
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4314
    • com.xgbuy.xg:pushcore
      1⤵
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4293

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.xgbuy.xg/app_SGLib/libsgmainso-5.1.81.so.tmp
      Filesize

      591KB

      MD5

      c85e8919765cc22095d1b8e40601e34d

      SHA1

      22d48933b9f30a028cf4c9d993f59c767f9e8e35

      SHA256

      f4ab50b1188cc9913c106f1f661162cb7db90aa288a90fa6bb41c5938b6afa8e

      SHA512

      6715ed9290b868a5733f6c6001e9de1375a381b5f61552fc0adfd825c72977cbd34a347f7fecad8cbc798af7b5ef59f4a23bbe6fedb714e4dda65a1e5921c08e

      Download Submit

    • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-journal
      Filesize

      512B

      MD5

      1ba7043d9659276be66bccdd9001c738

      SHA1

      e5bb7458daaf59e6b83847e803fe6a0a3041dee7

      SHA256

      73f82e1adc1c9cc08a4f55700427cb732158737d903c5d48c27fce0dc7fa6b76

      SHA512

      6735ae0228eca76f808ce780d098ec54b161c8cf87607c1997aca1001b7fbdf552b594afb1e4fb23f25610d0e35744953d40db629f5ffa88121cc3266bcd999b

      Download Submit

    • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-shm
      Filesize

      28KB

      MD5

      762be1de62d73775c8b2c2cf302effdd

      SHA1

      b04f656076712ec311f6ab5c08a0ab029224a990

      SHA256

      95c857dcac017f45b519449766a01a99701789f80bfdb93c17e27c0e9ba38c56

      SHA512

      d582da920af4851299293bb4faba39d4feec74f1742067fafe879f548e26d3ded81fa457e07253dc4135d0bbffd4432abede31faadaa3ae9c695d325fe71a1e1

      Download Submit

    • /data/data/com.xgbuy.xg/databases/ThrowalbeLog.db-wal
      Filesize

      32KB

      MD5

      f3347cec6aa6c987afb897fbc85210ec

      SHA1

      819ff366ba4017413fb47e76ffae160e50a5c9b0

      SHA256

      3a10a13e66c8b803b4e35f976e64efe47202ad82a54f0a8f63d13e1e54a67191

      SHA512

      276b89d57dc01f420c82dc55a6ab899a03d1c7e02835afedc063ebb8564de665a5b76bebc85396f50343f8d80eb906627aae1b1e3ab731b7e604c4caa25ff064

      Download Submit

    • /data/data/com.xgbuy.xg/databases/xinggou
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.xgbuy.xg/databases/xinggou-journal
      Filesize

      512B

      MD5

      32de983f7b9f0f024807d51fb2cad055

      SHA1

      151915e13784535c9f4452e4acc7d86c13119394

      SHA256

      a2b6d5806be0e77f3f5640d685ea50aa5b441affee9c4540b95732b49fecfb48

      SHA512

      f871fbda15c34746e5aea6429ebdc9bf5fdbc79adba48434bde05221f99002616aed8eec7c23091a2df15152058886b321aa1089af60a185e1c0ae9a451699c8

      Download Submit

    • /data/data/com.xgbuy.xg/databases/xinggou-wal
      Filesize

      16KB

      MD5

      0268bfd376b545abd3371382f04acae4

      SHA1

      468d0148a8e7b90836851bff9fae7d9c25dcd759

      SHA256

      3f4baf696153ee11af8f0fbbe1267698dd5ab774fd2c67520932f31e33338c10

      SHA512

      2941afeb90645c2ef4224c91fde22b3e71ae7d0a3d39f7b5045d8d0414b553f27fbb0f811a2199b14aed3b4ef0e66a93f0391f0d0e26c2ec247cf82cb31f8add

      Download Submit

    • /data/data/com.xgbuy.xg/files/jpush_stat_history_pushcore/normal/nowrap/d631a52c-9283-40da-a68e-140f843e62cf
      Filesize

      202B

      MD5

      86916e15419775154f72e3618753e6ff

      SHA1

      3ad54b85983816e6e5f188f3041b8ad1dee60aa8

      SHA256

      2e1fbf7ca30cc7eee0a3cb2f25413b7713d72344d431bccf3e54b57ba1a9617a

      SHA512

      d1c2ad80c73ad37d120bb3994b0f776c9f455df66462e6d3eb75e98d52528d4413783b109e7964b11b85e69e56ed8a5bffee874c7d41e195a467706b131cb310

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      213B

      MD5

      6f36a2f770d7450c257a4de8abf0e527

      SHA1

      08ddf70bad921cbb21feabe6ffaa3bdc7ec46d3b

      SHA256

      1b6d032990dbe04d0819e644b5d7c7631f1ea891252a106077e24ba04a986b9d

      SHA512

      aa4d694d4c62d349d71c41cf055c011c85fede33da0a5f74bfdf341487ebc74671681f1cd6cc65701d702800a804cc89ebf69b01bf0a3ae9fb0f74071b31f937

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      65B

      MD5

      9781ca003f10f8d0c9c1945b63fdca7f

      SHA1

      4156cf5dc8d71dbab734d25e5e1598b37a5456f4

      SHA256

      3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

      SHA512

      25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      111B

      MD5

      3d09f10fa625d1e7519c4f8fde07adbf

      SHA1

      d44d68ac21d446323f2a1a7944c428d9fa925a2a

      SHA256

      a2eea7d6765546e9ef3389680ead704e2fde23be665574988261b804bc90abec

      SHA512

      21d377a0368380ae5a447728ca950857925469b4c6f6f92f196694ec6bcb17752822b2891054665f90ec7230cf37953b1bf483de5597210372d533f9de9cce87

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      213B

      MD5

      a4bb189f59dd61aeb582e33c04100f9f

      SHA1

      2cb79fd476914eeaf8b288b6910d4d5b397bee5e

      SHA256

      15e10fee2d3c733ecb29cfbefdcd26c1810d52ff8422c9ce25ec718da4c8ac47

      SHA512

      bb9c4322ac9ac667cb933fcf23b32571384aadaa823649b2ae9cc5716b4d4e494b8bfbf6103124338d395b4520dbae6cb24b62cfe193a890e6311026f0d5e401

      Download Submit

    • /storage/emulated/0/.DataStorage/ContextData.xml
      Filesize

      111B

      MD5

      10a2c51cb2ededdcf3d36ea235fb5518

      SHA1

      9c7de63831ce6dde60777d3de31a4592e5bccb2d

      SHA256

      3f7c8a106bc9ca4e59411a027747f0b85fda5742b383e550876c96eb46411bab

      SHA512

      fdc36c7920bf08fd49405793ad0ed52593c3090861d3abbc68b917adc4cd33ad1f1de3148e45c50a83899845773e9e8ae65e409b4ab3d9afa9faaee2ec6f1317

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      167B

      MD5

      b3a239e8865c86dc363eba1f9264264d

      SHA1

      6333851fa75a2d8d097ace83ce71eb265f022e9f

      SHA256

      95640f9596f29d18ad75cb565dc65827b8d366bb9a1919684a7d199062253512

      SHA512

      a79d367dc7d60c2445bf94af1ee5871b684bddd4960cd545b8c4d047cc01f02f32f821a647870430eca0cf9718b066f1b240746ff4b559cf299a43eef6c9c213

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      65B

      MD5

      3165b6223fd576ea13dfba4637cd1cd6

      SHA1

      06f6af9d4f8d8214a94ef7056192121fa0529f60

      SHA256

      53842f6eb242ccc4a15ddec970713fc7399a6f519a617b9f1c6e27c43bbbaef7

      SHA512

      94218e95771b05c4303f803e69c5a614b4d67da205252ecb4ef2c224676c1c3f8ddbce4b76aa1503abaffff5a185f26f405cc626d69ad3bdb9588c5764162421

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      111B

      MD5

      79e5bf2f4534fe468a505d1d9ce851c6

      SHA1

      d6b99cb66ae3884af507c6e0a688e1daed160c8d

      SHA256

      628717e444694587894c5882528a549cbb0820a2f2127051189efa6248343d8b

      SHA512

      f3bf772cf5ba511beaaafc34845ec843a75994fe1f68ed7fb70192de3e479392204beb7058ebe2ab28948339a7a97dccbfb47a100460a046f57040623e22f450

      Download Submit

    • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
      Filesize

      167B

      MD5

      29d0b391bbbed286f62a29904fd3f8a3

      SHA1

      f6f4db284f91895bbd16b407fc07482648b3f183

      SHA256

      92ba07545af977045374107e2dcd75c8eed7b50bf568f280b74abd16e3567ac3

      SHA512

      a46aceca2b73a2fd61e083fea83668e0db7bc9ed7097ffb1515b5f182f9d3eec4d470fc36d7b2125cd0d520e5ab04699d667752c240531ee662d7b36236a8485

      Download Submit

    • /storage/emulated/0/Mob/.slw
      Filesize

      66B

      MD5

      19402718bfb1c685a726b4e1d846ad98

      SHA1

      02a7e30044a67085f2f1da24e16e4ecfede65b72

      SHA256

      079f790e6a1934a94542559f53a89a824aafd3173d956b6019291955aeeb33d0

      SHA512

      25254318c22cfd301c8bcd479f45797d502b6ab5f14265dadfa3d87b4dd1942a629d3cbc2f0b600cf73b4fe910e3773432f56a0a7b4343e280e20c5a6af0320b

      Download Submit

    • /storage/emulated/0/Mob/comm/.di
      Filesize

      57B

      MD5

      70a42cba408700f9a6c01c7941a8829e

      SHA1

      eab01cc2c0671538795fb0b1146017dc099d0984

      SHA256

      499576707ce2623293166979e59c832be5b8636c64ad39aa63ebcf961910c35f

      SHA512

      8900d4dc8eed0430babbacb72942401bd22ef7fe5430cad90d3ce0c2c53010220d666aa0e2eb1026f3ec81d574c7fa12585b49222a5f15b01637f6ba134fe70c

      Download Submit