Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

870f31099c...16.apk

android-9-x86

7

870f31099c...16.apk

android-13-x64

Analysis

  • max time kernel
    2473607s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 05:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    870f31099c7224947a625cc5a4b31954b2f777b501c8776998975982ea660c16.apk

  • Size

    4.3MB

  • MD5

    7ab2e7ad1cf138d1f02e0d6128943711

  • SHA1

    6706439477bc46187718eb91bda833a1aae64a43

  • SHA256

    870f31099c7224947a625cc5a4b31954b2f777b501c8776998975982ea660c16

  • SHA512

    6d48f092a1e9eddaeb4fff49bb1a2f380bd44ee5cc542e76353786942c6d40af8cdd22a7286e878820ec6845701b24b829d64ae944401507432fbc6f56f5de96

  • SSDEEP

    98304:i0KnMkpwqfCcmo9rfQxEMMV8L3/Bbc19/1Q+MhMV8L3/Bbc19/5K+MIBq85tuwDP:RIxh9rfQlL3p29/aZL3p29/kv85owj

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.example.minjian
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4246
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4276
      • sh -c getprop ro.yunos.version
        2⤵
          PID:4297
        • getprop ro.board.platform
          2⤵
            PID:4276
          • getprop ro.yunos.version
            2⤵
              PID:4297
            • /system/bin/sh -c type su
              2⤵
                PID:4328
              • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.example.minjian/mix.dex --output-vdex-fd=49 --oat-fd=52 --oat-location=/data/data/com.example.minjian/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
                2⤵
                • Loads dropped Dex/Jar
                PID:4347
              • logcat -d -v threadtime
                2⤵
                  PID:4481
                • /system/bin/sh -c getprop ro.miui.ui.version.name
                  2⤵
                    PID:4511
                  • getprop ro.miui.ui.version.name
                    2⤵
                      PID:4511
                    • /system/bin/sh -c getprop ro.build.version.emui
                      2⤵
                        PID:4555
                      • getprop ro.build.version.emui
                        2⤵
                          PID:4555

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • /data/data/com.example.minjian/databases/bugly_db_legu
                        Filesize

                        4KB

                        MD5

                        f2b4b0190b9f384ca885f0c8c9b14700

                        SHA1

                        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

                        SHA256

                        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

                        SHA512

                        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

                        Download Submit

                      • /data/data/com.example.minjian/databases/bugly_db_legu-journal
                        Filesize

                        512B

                        MD5

                        1099466f5b08c0edd5a658169fa59ef2

                        SHA1

                        82f764f80fd576f911fa32c7d8f1cf30d84b63c5

                        SHA256

                        2dda33a037da0dbfa6aa9d0cbdab9ca91978faba80902456a5224e7cde41f6e6

                        SHA512

                        a9b1efd778f4dc74991ec7b7e21defcf5804356ea490e05fd15537cd8bf12729c271e9e419b7d34651d682d04f49da11e3f3bdbdabefa95581b0dd0fc2fd6d68

                        Download Submit

                      • /data/data/com.example.minjian/databases/bugly_db_legu-shm
                        Filesize

                        28KB

                        MD5

                        cf845a781c107ec1346e849c9dd1b7e8

                        SHA1

                        b44ccc7f7d519352422e59ee8b0bdbac881768a7

                        SHA256

                        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

                        SHA512

                        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

                        Download Submit

                      • /data/data/com.example.minjian/databases/bugly_db_legu-wal
                        Filesize

                        84KB

                        MD5

                        8a4a6a51215cf7aad90cfc57eb98bfb7

                        SHA1

                        d5155ff85a9365528fd82d1932b8a3147bf7fdbe

                        SHA256

                        0a2b75cb2e43052a55ae70336ea811f675d9b0f962645bec0a4d5d6569a9c083

                        SHA512

                        eff05ed585e8c568b4cf9eb3db9b832cdbb62d9041bca7dd8d6c3f4c53f1617c5cdb07b2deb2709189ac01b557a9d67e90b50f4bb54e0bcd50c848470d94711e

                        Download Submit

                      • /data/data/com.example.minjian/files/cnc3ejE6/eje3cnc
                        Filesize

                        335B

                        MD5

                        585839d66722cfd02e40cb740cccb633

                        SHA1

                        374c19200fee201b26d0153487a281a934615884

                        SHA256

                        86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

                        SHA512

                        09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

                        Download Submit

                      • /data/data/com.example.minjian/mix.dex
                        Filesize

                        292B

                        MD5

                        63f77f99bd2c2b772a479923bde11974

                        SHA1

                        c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

                        SHA256

                        4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

                        SHA512

                        3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

                        Download Submit

                      • /storage/emulated/0/.imei.txt
                        Filesize

                        32B

                        MD5

                        a5d2f7cea71cca05e22862d41ec95ccf

                        SHA1

                        b6b2fca6964c2efc733988d2a397227425b7126d

                        SHA256

                        27e8fba88dd43020db4f7545da1c2819931554e8ede30337fef06290cd66464f

                        SHA512

                        d3616f94fc0237667fede256a3d3f2aef59274e024117f7d3aa964d3a8055f2a92fd69927d52dccd247b503a9475324cf4366ed6663725195169db30f6f3859d

                        Download Submit