Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

75a8f1ec28...9a.apk

android-9-x86

8

75a8f1ec28...9a.apk

android-13-x64

Analysis

  • max time kernel
    2350079s
  • max time network
    160s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 00:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75a8f1ec28f58bce471a437ec2bd35276a8cc7599744e0b4db0348c6a0c9139a.apk

  • Size

    26.7MB

  • MD5

    9dd9e3df3a40bca5cae7f0ccb0f716bd

  • SHA1

    5a02a749e07431a95fee0e592ea95678890dd7e4

  • SHA256

    75a8f1ec28f58bce471a437ec2bd35276a8cc7599744e0b4db0348c6a0c9139a

  • SHA512

    4a2d6b256db384edf43512685fdf9dff818b7ce2d96c08f91178cbca8bf0567f18eee117cb9317a36c6eaded3caa005d7ce89b8333b176db9a0b0dcd4fa07f7d

  • SSDEEP

    393216:CULpzFwfhHBpAW/OpZNWL6jaU1910PbEeU1VO6ZNWL6jaU1D3Rp4VLdR82ZChhI+:Voff/Sn4S9aQp33n4SD3Rp4VLI2Z2hI+

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • rubinsurance.app.android
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4248
    • /system/bin/sh -c getprop
      2⤵
        PID:4284
      • getprop
        2⤵
          PID:4284
      • rubinsurance.app.android:mult
        1⤵
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4326
        • /system/bin/sh -c getprop
          2⤵
            PID:4406
          • getprop
            2⤵
              PID:4406
            • /system/bin/sh -c type su
              2⤵
                PID:4475

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/rubinsurance.app.android/app_crashrecord/1002
              Filesize

              234B

              MD5

              018f8e9120dc037b14afe540ccf6b3ff

              SHA1

              0c6dbea4eb384281c1b5c0bd7fcacfc0d31169ed

              SHA256

              3b35df17087dd7e7bb442f7899b59a993252eeea42a993e0ac9ad4d5ec09031d

              SHA512

              b012d8dbd16495bdf8b176097d6333ceab002791f84957529ed3626819c0496a71a261a5c19a166c1d638fbcbaffc30e568d9dadf4c954c88c3e7486a5a56157

              Download Submit

            • /data/data/rubinsurance.app.android/app_crashrecord/1004
              Filesize

              239B

              MD5

              6537809695562f8b35013583236ee96b

              SHA1

              183e8444f5b399d0893e0846b7b9fe3e9cb59633

              SHA256

              32c4b954b68f4619ac8ed9005ed895312b3be714292fc4c090edb6a44054bb4e

              SHA512

              69257601dffebaf8a1773ac48f4112234425821917cf43a137e888decd7bbc3b43ca9d05b53274645e6a1ae5e890132adbd4d9a5e6c3e6d1d48631c49a07737e

              Download Submit

            • /data/data/rubinsurance.app.android/app_crashrecord/1004
              Filesize

              234B

              MD5

              ba53563a442b948403740ac0da7ad0d6

              SHA1

              a81bcb5c6cf86ac6b115f112e13e284b07b5bd68

              SHA256

              3028fb9c842dbf7981d34757b9cfba3f302c2ec972be24db27b5f54ab84d0031

              SHA512

              9a3946f054de56e512b26fe9bb5f230238c7d2766ee7bc70e98343f972b7ad6bab3007ee94f9bc189834c39bec9654405dd825a2efb04e4e78545ce479e98643

              Download Submit

            • /data/data/rubinsurance.app.android/app_crashrecord/1004
              Filesize

              58B

              MD5

              0d210bfb2a0e1f1b4c082a6a0f79de07

              SHA1

              bb8ed9e364db79d1d9f2fcde3f15091893222faa

              SHA256

              988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

              SHA512

              536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

              Download Submit

            • /data/data/rubinsurance.app.android/cache/InsCache/journal.tmp
              Filesize

              36B

              MD5

              37e8e716e0e2f4a0b05cd9571d95b84d

              SHA1

              f8d068f6931707bddb8cd69f706f2224ad1fea3c

              SHA256

              7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

              SHA512

              e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

              Download Submit

            • /data/data/rubinsurance.app.android/databases/bugly_db_
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/rubinsurance.app.android/databases/bugly_db_-journal
              Filesize

              512B

              MD5

              13aa62572847900947466ec9831da8bd

              SHA1

              7603ab5ddc04ab0c8417e7d022e7a82781920c12

              SHA256

              f23aa2b6f014425986d8ca740c0357007d773277cd758589c7f61f8376365f94

              SHA512

              89d96f75cb753863423f5287979c6023993160a11ff0dddb08f3efd190c2aad5abccfa18ad7497bde3a00a748a408417ee1aa68c9d434844b968ddf153155942

              Download Submit

            • /data/data/rubinsurance.app.android/databases/bugly_db_-shm
              Filesize

              28KB

              MD5

              cf845a781c107ec1346e849c9dd1b7e8

              SHA1

              b44ccc7f7d519352422e59ee8b0bdbac881768a7

              SHA256

              18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

              SHA512

              4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

              Download Submit

            • /data/data/rubinsurance.app.android/databases/bugly_db_-wal
              Filesize

              76KB

              MD5

              ad16c04e12843e3768d0332b059d2424

              SHA1

              01628336e32265c9732a6317f56668d890728106

              SHA256

              7e8786442191f855379de2144015557074ecc12040bfb04a8dce4371c89f3f52

              SHA512

              319369cf1b0ac2c630d9c61ef7d170fa7ad8fe862f26862a2986d33ba0e83bfbc5a5d25a3619ef4835aaed1d5da9952e8cd1f830c37951a14b0571d7e76a8382

              Download Submit

            • /data/data/rubinsurance.app.android/databases/bugly_db_-wal
              Filesize

              68KB

              MD5

              b8f7ba4b7bdcc68c3943c99473ed8fe0

              SHA1

              765d9df08fc3ac43aa028e4836c239f1a2bdb61e

              SHA256

              aea9ae6e9b11296b9e33a756b312b9d5b94a33625c74a5cb35578cd0901f9664

              SHA512

              d0ddc1411e4fccc262cad4dc032a322f65d2459978c5ac7357a8be6dfc4053f2617ab7913dff90db0c3690e9cb33aefbc6cdee63f6f6875d849142de384444fc

              Download Submit

            • /data/data/rubinsurance.app.android/databases/cc/cc.db
              Filesize

              36KB

              MD5

              ce6135aa1b1fe4f2c2db2a546d2a5558

              SHA1

              79b59582154017aadab783dc266fcb158c252940

              SHA256

              7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

              SHA512

              2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

              Download Submit

            • /data/data/rubinsurance.app.android/databases/cc/cc.db-journal
              Filesize

              512B

              MD5

              18ea8142395dbd5c40a465296b452fde

              SHA1

              3b27eb56db6c5298f49af82b10e4934f596d6337

              SHA256

              6f4109a25c00ff4eacd6c446f653f65bfb1a0b33b5f2e1ccb6bf4a85d7bf6708

              SHA512

              bc1027c45c6f75782c807d3f59fe776ec2e7cfb4b8d9eab3c0f3cb9b696fe35091d6ebc11abf7da5518c9536fede1235b762f91de6106eb4d6da20b069f6c86f

              Download Submit

            • /data/data/rubinsurance.app.android/databases/cc/cc.db-wal
              Filesize

              16KB

              MD5

              173a4196913b84c30036ff83d072b2dd

              SHA1

              af3b9e7d9dac8ee6e469d5b6523caa36c9bd9e43

              SHA256

              f31cc6b6cda10393ab8a304cabe7acaa06876bd6c497b7b059f967ad014575d6

              SHA512

              c1e2f5a85e1b0be045f77a426ae005c555a89ea1a56b121c271278df2b96f71023f6a26ff10e2c6bc9d8ea24cb8bf5d29bbec25e259b66ab0a36ba14a402bdb9

              Download Submit

            • /data/data/rubinsurance.app.android/databases/cc/cc.db-wal
              Filesize

              16KB

              MD5

              294e76d050502f439be433dfc3393008

              SHA1

              f3f8e45776aaf5d8004a80eabad8cecbfc897af4

              SHA256

              50fb068e4fe1ea7097febb1f772cdead2d80daeae25c3fbc8716b0c595d7eb4e

              SHA512

              dcd3deaa763cfc64de9c156f13a229f5e1d081df72c6ca8ca73f9862e38059c4b8c4e3c588dbcf873cb9cbad7d9ba02af43be155557633b9f28692a1fc1a8f73

              Download Submit

            • /data/data/rubinsurance.app.android/files/.imprint
              Filesize

              996B

              MD5

              97a6fe16f87bee6618d3f3d2048db642

              SHA1

              10e12442d403fdfd9cbd50ce9fd11b76b0bc51d0

              SHA256

              ae2be9d3d50dfa4d4387c290605819df278107cf55c69277ddcb44ccfb9cb323

              SHA512

              8c67d9e765cf9248546473d4c598c0b8dcc0663059c70a63bf0c706be20a57e70a0dc6f00bcaf169d31f99d6a8df84ee5fdba67502a997069961a450e26469e1

              Download Submit

            • /data/data/rubinsurance.app.android/files/.umeng/exchangeIdentity.json
              Filesize

              162B

              MD5

              937fda2ff56871c8e6af2172c67f81a3

              SHA1

              cff5fee770881b8722bd10730de21a677f6db6b8

              SHA256

              d549d53a98403c0cccbed396629f5685e3a538f62cc072d52ff9b744c6eee739

              SHA512

              de585be21cf1e64972c17413e99403cdd7eb8ad50d669c089ab2c6a1191369d6bc6200996e3aaed68d6cd5e0987885cdea45492ec09aff4c686745a25ddf5e68

              Download Submit

            • /data/data/rubinsurance.app.android/files/exid.dat
              Filesize

              55B

              MD5

              50ce6ab9a942b42bebb08ded412be9b9

              SHA1

              0b4318785fadfb21007e3b51bd5ff4a378f743d7

              SHA256

              ca5aa3f1e876b7c3b099a2d4791c73a45bddab105e5fd6ac0d96ae1125846d10

              SHA512

              dc9c7a5b697393eaab2fb5f3398826e4b3af60f64b9a1ea8db85a8497b175db5509a390815378dfc3f77385a9634f77709d86fcc02fae2e654508c5e3a870b2d

              Download Submit

            • /data/data/rubinsurance.app.android/files/jpush_stat_cache.json
              Filesize

              146B

              MD5

              97b630c1b24ecb2404c4effbcbec9724

              SHA1

              3e82962bf2a5b71b0e2bb9ff9b55bbce28abbd47

              SHA256

              320b64aacb74811be173fdeb20c11fe3382c436d68df2786fcf05179012e4021

              SHA512

              f6d0051be080ecf9aba1d47609dbad907e05531bd7f64215521c2d63b2f36a67f5a6acbcd65f17b5932e0b9582b761492a770519351c3e1bbc2f9d16035848b4

              Download Submit

            • /data/data/rubinsurance.app.android/files/libcuid.so
              Filesize

              129B

              MD5

              9f7333dec404f2a5d715144f65ef057e

              SHA1

              ce0a24c6686b1748f8634e55d150ce2ec5e50f00

              SHA256

              5e7a3d52de726c66ca5fd42f34fbf87651028d3862bd8718a56915971b3b59a2

              SHA512

              97d73211aa06b17ff2eeb24d95b8ce8d79ba2abac3627f0d058ac46c96d1b03643477d313e8890d1147d765dad63ef070ccb66ffbc7064d301c872f8b3568ebb

              Download Submit

            • /data/data/rubinsurance.app.android/files/umeng_it.cache
              Filesize

              498B

              MD5

              b171bcf242b64b879a96093017612ea3

              SHA1

              9355a929a4d26d78d184028ee8bfda4760efee18

              SHA256

              be838b1edc98f16ea4a4deedd0b3c09f825cb70edb1c1bd7a8a10841dcc7c836

              SHA512

              b837eb151e18f7acaa2ff082d5f1d013f21ee661f49231def59b55b1a11cbb56815a89fd6e9a41493e28699f318621e642d2667db9fe49949d911fb48fad87db

              Download Submit

            • /data/data/rubinsurance.app.android/files/umeng_it.cache
              Filesize

              253B

              MD5

              a6ca3bea9380c71f8e6206258f2f24f8

              SHA1

              b34aeaf0a33ee88733f9f51db8f853fe7dd5cdb7

              SHA256

              0a47bb6bbcaaaefd174d047d69feca9a73ad19cb94353a13f8576fa7e7f8a6dd

              SHA512

              380bf1e0195cbb3b040a8826eb0768d7306534296dc9b0ae86340fee4fa420ca50c136ec88aef62946461257a54ba3f897b41faf2d56b9d09037b20f6e3f1792

              Download Submit

            • /storage/emulated/0/.DataStorage/ContextData.xml
              Filesize

              111B

              MD5

              596cd1848e2c2ff820d0e1f0d1245f9e

              SHA1

              e39003c2083da4c3e378dfcf1436e76902f5a7a0

              SHA256

              79cfbb86e68b31bb822dbb03ffe709f63f1861ef54e903d606090bfb19ba0718

              SHA512

              114543ae6e7c772f5f566b27b08da187abe76690fceb0c8a73e3309e28cb96597de3c32619cbabff27b93c3472795814138662704ac963b731c1fc0663934ec5

              Download Submit

            • /storage/emulated/0/.DataStorage/ContextData.xml
              Filesize

              213B

              MD5

              7ffa39e47374e9807ac07a2f91abd1c6

              SHA1

              2dabc13469413cab7a0e5539d9c3757c12179971

              SHA256

              3d06720176d7ea632a20862250617f0b6b4cda31c9b9bb8db38ee2ccd2ea8be5

              SHA512

              d89415752eb21a3269c13f89b243d55380c2c4d6013535ccdb597b23b6e7840daba23bc56e14ba0fd129fac646ed98ac994cbbdff29ef6847a22be8bc2e99e94

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              65B

              MD5

              9781ca003f10f8d0c9c1945b63fdca7f

              SHA1

              4156cf5dc8d71dbab734d25e5e1598b37a5456f4

              SHA256

              3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

              SHA512

              25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              111B

              MD5

              791ecea2f1eb9f6afd922f08098cdfb4

              SHA1

              ad03412b7778c220a9410e51e02ef408cd6c98ff

              SHA256

              b719baa49858a24255cc92a0ffe3d75358b4ff2ae306096bf125f24e3ee9fdcc

              SHA512

              022bbdbc5f4a7d96cb57d8ded9cc208beb3c5cbdfa10ede8185ac00298ebe9f5af05926b76ee51b201d02ba3f5ea9c977dfb96f4c5d06d32f711344893eb382c

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              167B

              MD5

              561026a230d1753c9202356bcee6ec77

              SHA1

              712b48f5de5ced611b57cd63636b5472972d79e7

              SHA256

              ebb1c5254182f3111ed0be23a35d4d95d267d7b2c4ded8829323198c080bf271

              SHA512

              bbc9a2b2f094890b0d2b4b92894a07ac16f2e9c2603607ecff2a5bfb03d5edfa2f85a98ae933576557beff61425388b3b991c77cdfde7ee5b0642f23fca66e96

              Download Submit

            • /storage/emulated/0/backups/.SystemConfig/.cuid
              Filesize

              89B

              MD5

              2c8737df65199580dda990a7e024e1da

              SHA1

              d17d2d71c770f97b349397d1fcfd1808aecdac52

              SHA256

              850e9e08ada4a6d6596ad734e4e2da15d338b8eacb5b286670ec38304db7f50b

              SHA512

              c6ab41a0522385e9580f3142e0a64bcfeb8fb0abf7ab5c880cac4563ae4dfa1419b01519ebe16d765d0a3fd65d8d88e267823f5c64a3afcb60a772fbcda65183

              Download Submit

            • /storage/emulated/0/data/.push_deviceid
              Filesize

              129B

              MD5

              ccfdd3bb08ce9d77bf0925d2edf856ef

              SHA1

              d8e8d71e85e96f2ddff34e6d42f3d0010d068cb6

              SHA256

              2b837af2e52a2b9ea7f45211dc2bb2ac2f2518f433e09d8dbda95cf8822204aa

              SHA512

              d5b07579daae303dedde435f6080430bce7de95c887a0b7267329f0fd9a88703005823f768cd2f577b948b7febdac0daca6d17b633a81c256e81e47f3428e70b

              Download Submit

            • /storage/emulated/0/data/.push_deviceid
              Filesize

              32B

              MD5

              7afe8056537945c6762a6a95e917fc09

              SHA1

              54874b87beb367649210d51090134f89a85a79e8

              SHA256

              9ae24295200efac6efbeb7d3cd570f64588c0e3313d9642711c7d7f5d2680d22

              SHA512

              cf1e4b48ce4d1a312ea8ac387e376c17a52482d56b554aea10d396445ad327779fec11dbb53f1b5d1f3d4a29c522a7462ff99ada50abbf1bd3b406594cda0cab

              Download Submit