Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

7cb9b252bb...10.apk

android-9-x86

7

7cb9b252bb...10.apk

android-10-x64

7

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2333334s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 02:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7cb9b252bb5cb992477ba5755d5be902ce0d601cd6f4ced093e956c511e9a610.apk

  • Size

    3.4MB

  • MD5

    ed52e930604fb654566fbba2ed5ed9f3

  • SHA1

    5a71c7c70d25338b6298eb007f45dfa647d741ec

  • SHA256

    7cb9b252bb5cb992477ba5755d5be902ce0d601cd6f4ced093e956c511e9a610

  • SHA512

    b25d72e9598a987c47d83c30d18be05c1131b54141dd15879a84a05033e742e6c0b9629a4d1aeaaee0d17cb4fc661ade161bf5510838f40a855a3dec439239e4

  • SSDEEP

    49152:MvJZog1euGlJyjB9QkEaUcnj8hgjFmXMOjycys8F6fuRmg8f8R+UV32mvg+DHn:oog1uJI3EW8h8Fm5wsy6nf7o3P9

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.fansapk.rootex
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4207
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/4207.yaqcookie
    Filesize

    8B

    MD5

    243a08fc1a6c89b9cf2a4f83f0eeb536

    SHA1

    da333efce56f05b4f8524ad12ab72c533b67752d

    SHA256

    ec6d72528f18a087e22ee5e2c1ba5a13cb21c6fa32d6a32de161b22246db0387

    SHA512

    8c3a1ab4b6589625dfacb505f4c25a27bf6f363c3d182c13f5595587006fa4c21009a8fcd2f83f1e29dfc7426d33a663c6f7c583a1312a44a5d1f547ef0f24cd

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/dexMethod.82894129.dat
    Filesize

    19KB

    MD5

    3acfe76baabcb969976d077c4e54bd26

    SHA1

    cdcdea070d695c104ff1b2d7892b9919a9de51f0

    SHA256

    f274afb6f7bfd34d5ceba3fd787eada5f07215227b6f774081a4a3d6b05adec4

    SHA512

    569fe1c4c587157c4ece555e9faad45ca9317c7fb9f22eecc213e7dd35fd17fec4c556c26a3d87c8e53c3783d27f5a5cd2f84080469cc999b2859abdfa355c14

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar
    Filesize

    420KB

    MD5

    f0ee7f7dd1ef4e5cd436ed6e1c609e5a

    SHA1

    7d112abb7896294b075721b0200f0812ed65a418

    SHA256

    0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369

    SHA512

    5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar.sig
    Filesize

    180B

    MD5

    f2bbab793b52792b316596ceca701a06

    SHA1

    3d75c7168bd20f6fcc6a1c94ed795d13083237a1

    SHA256

    af3a3f4fb158ba74777c74e5410dd3385487c69197bdd9105339ea62b9c4dc3b

    SHA512

    21c10c125e1d20ec532df3645eb4e83e77a5e11c7e5b2ddff127ac781f77d6cad435ff5827d3fa82f94ab484b07ace876ac8e22eb224f2768fdc56dcea7334df

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/libyaqbasic.82894129.so
    Filesize

    76KB

    MD5

    e8d551b97fc755c3f8f63f29b58529d3

    SHA1

    24a3a44e1747959775ae3de24ced778c2b764f1c

    SHA256

    b806e1ecf60b82ebdbe5984775bcf8abc1dbd0f9d999e67b594a65eb286b43dd

    SHA512

    e41e064f10f682ced199a699754bf32088b365c074ec8eabb04142bde6c0d70b5f6f1c46caff12977d39c586a22196d8abcd99123b02c9e2da65763afe3f30b6

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/libyaqpro.82894129.so
    Filesize

    57KB

    MD5

    0282eea6954ad2fc7f833ef0bb9a0372

    SHA1

    0300c9cd7000831af0ce6ec5e09f268ce629b20f

    SHA256

    90a8f7e58a17e416d42b686e9864ee4a2ec4710a043c22c349dd5e55bf0084ab

    SHA512

    96e30e773d18227ef7cc4332616c2d317b1a79ff1522928aba5956b916c4167c65fec4a8fd4b369d671f55016d0a21ad6ab3692a5bd0d25be2355f88c366fe5a

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof
    Filesize

    116B

    MD5

    c5853f4e00e0240db48f821cb559afe8

    SHA1

    6da4c1112cd8adc5c6761773bd5031533753ed96

    SHA256

    0fb6d3dbe09820520292ca54aa002b585e99c17572b8d419fb86530885cb0c4e

    SHA512

    ae15e8633462e4db96ee61870e3605c10da198c29f5362ac8d370c6939e671ef97b37901eb953058dc57d4e259c2a6f6d29bc6f7bd7de3ab5852ba617f4d268e

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/update_lc
    Filesize

    4B

    MD5

    dce7c4174ce9323904a934a486c41288

    SHA1

    e117797422d35ce52f036963c7e9603e9955b5c7

    SHA256

    0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

    SHA512

    d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

    Download Submit

  • /data/data/com.fansapk.rootex/app_e_qq_com_plugin/update_lc
    Filesize

    1B

    MD5

    0bcef9c45bd8a48eda1b26eb0c61c869

    SHA1

    4345cb1fa27885a8fbfe7c0c830a592cc76a552b

    SHA256

    bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec

    SHA512

    91972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812

    Download Submit

  • /data/data/com.fansapk.rootex/databases/cc/cc.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.fansapk.rootex/databases/cc/cc.db
    Filesize

    36KB

    MD5

    ce6135aa1b1fe4f2c2db2a546d2a5558

    SHA1

    79b59582154017aadab783dc266fcb158c252940

    SHA256

    7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

    SHA512

    2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

    Download Submit

  • /data/data/com.fansapk.rootex/databases/cc/cc.db-journal
    Filesize

    512B

    MD5

    ff78f710529feae22cf5c053e11fec8a

    SHA1

    b21dd12c6ce1a08b463ebc0f756699060bfd015a

    SHA256

    a7fe110a9391469cfd70ca6f5ac2740bc1edf4e021d43244c96d59f7b6dd9ec2

    SHA512

    170a3b5699d3925ae68374858f3317e549ae8094ab70a5ab56220e6c16759912250273530b27d11a5661e2f89b28bc7752e7d8f00e24e5188f80f17c94e91826

    Download Submit

  • /data/data/com.fansapk.rootex/databases/cc/cc.db-wal
    Filesize

    48KB

    MD5

    c248f8a8b1cbfd392534d297beffb11b

    SHA1

    08cf343eb500e893bf7659eca62c960ea6b84b67

    SHA256

    d7569637f9f912211745b3896f77f80855664cac1d8e475a7074d5309e2f3d55

    SHA512

    37fbff54c4cf31f6d0a945c4d794b9eaee3e982517fda1be5c179bd2bab59ad8d5224d04ead4031237fc8aaff3f8aeee494e579e5b40b61bfa25feab83150d23

    Download Submit

  • /data/data/com.fansapk.rootex/databases/cc/cc.db-wal
    Filesize

    16KB

    MD5

    e911d8f3bfab3c21223fbdc47b44bb01

    SHA1

    a25a1cb2accf312ae811a7e02227b39bfaf0d963

    SHA256

    93f8bb19c405cd5dbac8d7b2de787dd9def54e57462d7a45ce58176756a46b08

    SHA512

    131c19bb27b78383063ea920964843973825f634332861f34d18d89ba7da8d45b88df21a4aa17a7dc3f9bab30006bd42af7085360c8cd7a6e2e40879d6b95876

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db
    Filesize

    32KB

    MD5

    18c001d38111c99f3116ecea8fcc8792

    SHA1

    1031f4a0a3adb2eaf1ccc398d8fc17b9bf0da4d3

    SHA256

    405b07c1353410ca714b022f6d1d4c0c4420c0d1c9772eb672335d0f2a938f31

    SHA512

    9566e11f8b14dc117ebd87f791caf157f329e5e099597e35d2f8fcc493f9340cc517f413f10ac68259d5d519eebddb08d3e746c905e203229f4b74b5fba38fd5

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db
    Filesize

    16KB

    MD5

    af300f7e4aead9d251cdec5c1d9736ce

    SHA1

    2b1a36541e72fcb2c3db3677f4234e9833ca105a

    SHA256

    829022c0cf788ddb381fbd07baf6c037ce1b34323cf3485cb8e5861fe7b7973e

    SHA512

    7cdba7c402d76f878285180c5ea8d09215453b1e4578c28588a6fcfa6943b55fcef341fb240e439d37fbff56b9cfa4fa299fde63769d8e53a168f925792f04f1

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db
    Filesize

    32KB

    MD5

    d604a3bf1f8d992cc320ea5b1f7609bd

    SHA1

    247f88df0b55c7d523ea5398637711a0e4a483a4

    SHA256

    329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

    SHA512

    67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db-journal
    Filesize

    512B

    MD5

    4056d22154c78a13fd1d878a0f487e10

    SHA1

    982769a6cce51c97ccbc708d64c2824053dcf230

    SHA256

    31e2e8d44a338d20fb0495f8be1bac4c23ffb38ccac1be59b0387ed22130fceb

    SHA512

    559b3bffbb21420cd04a6e2013f373fd4e09d653b2d28e4b67344d12cef77b814a93623a59c7a0c7bd71fca1ddef6d94369c3d447c67e1a77aadd6f4af795039

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db-wal
    Filesize

    56KB

    MD5

    30dcce78ee4f4e9108d32d79d1db4e11

    SHA1

    ea1efa928ffb4c01a8946a27cc33c2407d45ba12

    SHA256

    f20d1bbd9bd0be72914045ffe11626f8e19bf28365ecd4ff13c95d6aa2c205a6

    SHA512

    1d9cea903ce8a9ce53398e26734637edb45fb179090e38a79634f0f9322ee4c7841a149b309b3e4ea833ddfeb3edc2a3165dc425b4bf91d5b67611e97b1c5436

    Download Submit

  • /data/data/com.fansapk.rootex/databases/ua.db-wal
    Filesize

    8KB

    MD5

    8eb6349145d1f701b00d20d52f0e63ec

    SHA1

    46cd8f27f0e2eef43609ff1d5dd125f78fe2e67c

    SHA256

    0d4b3f303922ad428aa11b1f8d0285227b562e50b257afe331851184f7e7592b

    SHA512

    265ae287b30b7671b26743f2d1fd790b8526bf032b96fc52209bb0409c15f5263983adbfe24dae6a0ad49c77b0e77348253402402f26717a5442e27ddd604be3

    Download Submit

  • /data/data/com.fansapk.rootex/files/.um/um_cache_1703140383432.env
    Filesize

    1KB

    MD5

    9ce51aa9427ec30112e606a6e164fe02

    SHA1

    af67f8e5134be455e1648ae604fc55c6723b2b01

    SHA256

    b6b6f3286b028890bb97e35e60c7ac861db92add23e9276edaf6515f30f3ca23

    SHA512

    e7524d6f017248a1bc09e98909fb67e3846e986008fb6d14aa4b08a299e29c3c20aadb8576e49dc37a82f8834128273404ae4ade96a2e29a8ae47b9bc696b168

    Download Submit

  • /data/data/com.fansapk.rootex/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    8ac01f0e583e52a56c85905b4b783fe7

    SHA1

    f82f55bfcf2866f856a2bf2c278ca1277ed47703

    SHA256

    ceedf2f9338988cb3647689efa9504926dad4d5b44a03a3b00f9bf2268de60cc

    SHA512

    e0f3f88ffad8ecd5346f4d9be2f287d9b3dd07775d51379e1918fd86ed7b2bef8c6062d2a6b2e9ded9b273ad66fedea29166e2d45fc464a19630d0e8af4ec471

    Download Submit

  • /data/data/com.fansapk.rootex/files/exid.dat
    Filesize

    53B

    MD5

    b5a7c586ffc5d27bd9e0ec35be133860

    SHA1

    494da944a73b4da3aa54c965d910c5017dc52e52

    SHA256

    7a7c642972bb440f24f67ed83e0f5b86bf87817f796add89e37f3cd9e13a2567

    SHA512

    5702a949c00dce4f2f0ea8cc179e44ac37db64193a6c7778a4c7ff231eb4bf98e545f8388b8fcbb1a295dde75cacd3f44597c1eb50ee1f8e8e361a997f8cb52e

    Download Submit

  • /data/data/com.fansapk.rootex/files/umeng_it.cache
    Filesize

    413B

    MD5

    0cd7e96585eb1850e72fa820611ddedb

    SHA1

    a049e9c40e9cb4438f544093af5c7a4fd91712b3

    SHA256

    34f0869647a230b20090d4a480db54f75f1acf6c905c32c341ca8f0a713f82e6

    SHA512

    d928206a39e358607fe96ecfb50618c4b620b75f9d99c594a8b80494412dc1d29e7ef811f0eeb8d8fdf01fe0e8b5a517e0078df6a0137fcd11d5efeed2f4b41f

    Download Submit

  • /data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar
    Filesize

    699KB

    MD5

    afda64cf7e3bc8a40d25257f1a605928

    SHA1

    73989fa9e6bc8f7b3d555e8bea45d52ddd35ecb7

    SHA256

    50bf66a2a743e43715f81391d81fce1717c9a996c4722d632fc1bd9d4420edd9

    SHA512

    4d1f146257a73fc5b5eae64afdf41f27e40ef9ae33e30d25ea4fa0dccac18872b8ee53c6368b3ed82e526253a9962ebb23c7b2ac61745332ee42f114e6dc2dee

    Download Submit

  • /data/user/0/com.fansapk.rootex/app_e_qq_com_plugin/gdt_plugin.jar
    Filesize

    699KB

    MD5

    b9a0d3d374f7a4cfc9b108125bb7a89a

    SHA1

    60d1a70cd347d47cc8058bec6783b1629021f93a

    SHA256

    63e945fe1c16cf0d8e9310e31097eedf98f5345d5a6560420d774556c92bfe41

    SHA512

    1406d7af32687fe35b0530b545c883ef7f7ffa27eb44e924eafbfaf92fced08e7c9820458ad591cd4f4979a3a9665db4821b5bd9477f21471239e43b02fcfdfe

    Download Submit