Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

89c27c5c14...8b.apk

android-9-x86

7

89c27c5c14...8b.apk

android-13-x64

mimo_asset.apk

android-9-x86

1

mimo_asset.apk

android-10-x64

1

mimo_asset.apk

android-11-x64

1

Analysis

  • max time kernel
    2489632s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 05:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    89c27c5c14b7d9464d41c486d773a51b96cecd9c70ac32d525ffdddf9dd71f8b.apk

  • Size

    29.0MB

  • MD5

    075fc3a3f5ef34e072137695b3ecf6f8

  • SHA1

    1466bff42efb33220817494dab74790564aab00b

  • SHA256

    89c27c5c14b7d9464d41c486d773a51b96cecd9c70ac32d525ffdddf9dd71f8b

  • SHA512

    fbf94345abc0b0aab39b409802259d48ce52cced70a94b8f81e8ffccb97fa7478ea3ea6172009a8d76c923254c38dc49a8d2d6316e24b3fefb896b09fb61bbab

  • SSDEEP

    786432:gRaN2KTFYtSoqbmXLfkI+wrxP2NEpXHVF9ywohixeFw:gRa7T2tSFbmXLfJtFXywcixR

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 6 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.twimler.hoppypops.gtx
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4219
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.twimler.hoppypops.gtx/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.twimler.hoppypops.gtx/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4251
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4283
      • cat /sys/class/net/wlan0/address
        2⤵
          PID:4353
        • sh -c ps -ef
          2⤵
            PID:4375
          • ps -ef
            2⤵
              PID:4375

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/data/com.twimler.hoppypops.gtx/.jiagu/classes.dex
            Filesize

            5.9MB

            MD5

            0d126dc8d79e94e83b93bd4ac547798c

            SHA1

            3a904f5aa44fa64ca5b53385e903e071732f1af7

            SHA256

            9337791f0e64b463a55f39bec6a81316725cbcc2d6f5dd60ab35100277688d51

            SHA512

            5f7fd80e55d33e776de58c592c09cd4f6a949d4d3c1f9c05098e6fe6c05b2803809587e9afdd4d2289dc7a4f558a05107b9447011645fde22ddc0aacd356f449

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/.jiagu/classes.dex!classes2.dex
            Filesize

            2.3MB

            MD5

            13fd7f88de2da9cca278ce85dcdbe112

            SHA1

            ece53bda245019aa53d2e0e9c4ce1bcb197c5d24

            SHA256

            f2e61ed9b2c3045e0d523b4e733c7bfa34810ca54d1ecfe5b55726f2875c7c7e

            SHA512

            6ba5781dcc4a02a540b1e4c14d749e17095a3ec37238e2d93a443591ba50cb66f1e3d1c7a0797acecc727ac2775f9beb4a6b6576060f64af65d45bea7ecadacb

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/.jiagu/libjiagu.so
            Filesize

            475KB

            MD5

            5aea02f4e4c77fbf2e7a27f7ca9cc06b

            SHA1

            522db1748608e9173547b29b7aa82ddc3542c534

            SHA256

            5a1c513b347e2a929769e2be67552c1d591704f08f7b5590282b66cc2c7d7bd2

            SHA512

            5c979a11f5e896829db906f533756efc1cf3c5a7e35ecc9e376a0aae818f2dada013441649feac2e188bd51affbbf35156e32fdc6552e185bddbc547f3850316

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/.jiagu/tmp.dex
            Filesize

            284B

            MD5

            f1771b68f5f9b168b79ff59ae2daabe4

            SHA1

            0df6a835559f5c99670214a12700e7d8c28e5a42

            SHA256

            9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

            SHA512

            dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/app_ebody/res/xmtok/37673/uuloi
            Filesize

            1.4MB

            MD5

            30069d81dcb919c4d2a7ea459655fc78

            SHA1

            470c92224179c7a743bb4aeebfc5892d40a28ac3

            SHA256

            6d762c728abc378690e36a2a58735480ba47034f4f94b746bab3976afc5ef97e

            SHA512

            5b10075506696f808dea068bdc70168cca7178359a8916ccdb118ebabc151c9b17b7ae99a2ce00a5ab73e8516c4bfaf7145de099d887e456fda78a91a5db06dd

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/databases/cc/cc.db
            Filesize

            4KB

            MD5

            f2b4b0190b9f384ca885f0c8c9b14700

            SHA1

            934ff2646757b5b6e7f20f6a0aa76c7f995d9361

            SHA256

            0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

            SHA512

            ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/databases/cc/cc.db-journal
            Filesize

            512B

            MD5

            1601902e22bd961393cc75a78d34ff6f

            SHA1

            0a850b0a96c53bdb942cffa2c541b234c1f1d683

            SHA256

            47f70859baf928be68f0db5ecf8469da53500cdea3267a5d315b8cb8cdf9fc6f

            SHA512

            3291feac51abd28b9393792f470df2cb3cee8aabdbfff87031feaae593eac5d509d60d7a7a59f4b9ff4ed65f495bf48420747fae4ffe715400e4966dc892e727

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/databases/cc/cc.db-shm
            Filesize

            12KB

            MD5

            4072783b8efb99a9e5817067d68f61c6

            SHA1

            7cb41fea50720b48be0c145e1473982b23e9ab77

            SHA256

            f3cc103136423a57975750907ebc1d367e2985ac6338976d4d5a439f50323f4a

            SHA512

            b9b362ac8b88c1eaae1fa87f8498050450d7aa6c7d07698c3aaf8a355b603b6d535e74b47f6da4b4798b04df58b3b6eb1dbc4782fa07756bce10933ed86017d3

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/databases/cc/cc.db-wal
            Filesize

            48KB

            MD5

            0e898ab791db72a0d654e6f505176fcc

            SHA1

            960742ffa556e0655c3c91529e226dfd324b7d03

            SHA256

            6fa5bf87d337a3f4ee6b0c42a04a656a3ccea72eddb963a59541f6ec7f171d60

            SHA512

            914047768b1eae637c4d70b228a9f7c509162d06b76bab320d95b516a576b3330cf054be9eff268c45c13745c30e7586ede327380053f6b50a54ebb56e3c1d17

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.ac
            Filesize

            32B

            MD5

            10c35fd5b2e0b90998673d6fc023fab0

            SHA1

            00fdea19a58e4becefae1c0c8e7551dc4d2bff07

            SHA256

            b229438ee64a38efebb702ecbb86e4a09ed6e1924303d11d1dd00831b5750d46

            SHA512

            4caebd367f393a9f561bb17d75a1f41f3859a241f92938bba68d763f32a9e3c108626e6f93b2245057f4441422752de1069bfbaf26668889fe2d55d883bb4068

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.ic
            Filesize

            32B

            MD5

            b1eab0d3b81425c4c52dd5a7e679bce2

            SHA1

            6cbd86af50f2a0dcedb9305e39e690931dd96f9f

            SHA256

            e65838fe925569819dcb76976f091dc70ec00b10e4ad252c4044f44c06085a7d

            SHA512

            4046a59a5e00503f8ff1e6f385fb5b602cb5aad7b0c71b6107974ef2f106a03d2045c4dbca24659eeb77e9116c3d3d55182ef46a559f3291bbb2e238d3727c7b

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.rd
            Filesize

            73B

            MD5

            7ce6d59bb231052a00a8a6f074b601cc

            SHA1

            7e5ac9ef6273849029ff8a9a3dec03175e6f5b07

            SHA256

            1d96fb025eff2dba529420a4ef2d84a240c7e30970bea89e23d12e661d63cad7

            SHA512

            6cf799dc641e52758abc322a13a1d21109ff197adbe50be60da47a6c76c79b4a3662357a23173db5e593f835daa80e2577d7eb988b5dce34fe22e03c0edbb014

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.ri
            Filesize

            307B

            MD5

            9f94022c569c4178bce1b858eaab8d03

            SHA1

            7ba97276395a82f1d1bd0b219ccc5724e2dcec19

            SHA256

            7a942bdcb8fab4d8ed8746a2e3f18937cf058136eed85311f255f4a0b26e3f95

            SHA512

            92b9389433ea648a7cd8176c60b534b40c068da9ff275a2185733cc0177cf70aace62e6992f804dc9a9018448aecc0266b6a441f3a5e64dd98a3539745bf0001

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.ri
            Filesize

            314B

            MD5

            91753a05b52a98ba22f794b580a843df

            SHA1

            b492528b02713817f7c62a21c73f7787a6cfb5e0

            SHA256

            61c354ee0ac90c7421554a1cd4726174bc5731e4790ee652c9a8f34df9b68ada

            SHA512

            25b362c85c13e7b758b0f30cf5a18c2a13d29e893ecdf4973d62607d7ce5ff45060d63f2a5a95adf514232e0a32b3d3f9a55138b3ed3aa71e8263f11c5ff168b

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jglogs/.jg.store.report_pid
            Filesize

            32B

            MD5

            6526812c196e474e86afbb3e71a03e17

            SHA1

            e64aeae2c2659170696074f41e698efd748c7070

            SHA256

            549a8d0ea22289a8550ac3a4514548b38146d8d679e97b6ec653717b55c42bd4

            SHA512

            cff8c090ddce7278e54bf34c56e57a798b95cac85d0987cf6d167d6027b429df2875e5148549dc6702fe7aae1cb9fe35cbbba9ad741399f6bd014c7392890a6c

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/.jiagu.lock
            Filesize

            27B

            MD5

            8835c708e5ec63aacd2c973456f53735

            SHA1

            be4f51aba5b99eff27f8ed39d12178c6da6aaf79

            SHA256

            b431c91e75c86d55796e06fa69037966a01838a504393bd02af76b17d700cf34

            SHA512

            bfb8b7e17fabc775f13608130d2a594d4dcd7a4b3c083aae806970cf144336eaba52bf7800c0075120fd68c67678f9479f41c2e0cf1534c6911d13b505ce2412

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/ebody/as/cheuu
            Filesize

            8B

            MD5

            df940b842a5a3d4f834bc16650d3960a

            SHA1

            a4562ba1b4ba5f6cf0d1998bdb8ebf2cec40fe6c

            SHA256

            be7a476f1bd1d89193606d5449ad1b82d2ffe73a43bf236f0446f62987650668

            SHA512

            0aa5c52f536ff85790512ed87d8ac485dac124c6473942b9138af00f2b1ebe1cfb4757c93c14dbd2b17a0b0adbda99b333c949e837e6ab5e48891a409d416aca

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/ebody/res/37673/oat/vva.jar.cur.prof
            Filesize

            361B

            MD5

            891b82c98555367492b05edf76d9308e

            SHA1

            fa123bc88ab10aa998ffbad88ae9b09e5c7258d5

            SHA256

            a6807f1b26e955fad58023d5a3f6434c5b8409184918dedf448dc9aa24841d98

            SHA512

            93a8e6bee428d1bb7fe2a4db02103497a0dc0abf3c1ae8b5b5b0c28390885437b774f59d64f7b1ff81a6f6f15f67e6d3b144bbe5366af898d4ad05c6f1a5ad41

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/ebody/seey/tmd
            Filesize

            32B

            MD5

            f22d1c9d8805a03089a14cb8f0a077f0

            SHA1

            fbf44eea9680293a31ffaefdf4a51fe76b661b96

            SHA256

            c799bb41ae4a0e972aa7f51fa42bddcb39740813d1549c792a1bfd1cb159be49

            SHA512

            9c14964bf702554b46136efa6238920b25cdba7f228d72eb66de2efeed0e7f6a785770fc97bbd53819538c23add5ec41ed99933809c30ff8a95311728b044ae3

            Download Submit

          • /data/data/com.twimler.hoppypops.gtx/files/ebody/seey/tv
            Filesize

            5B

            MD5

            1c4ec9002d8f6c1ddae5c151e48cf718

            SHA1

            2425cc273831d722bee4906c14c03fe497b99c08

            SHA256

            f6c857ed9fb74036aad1662f0450a84601f9eaf5f9eb0e6943136fa6ffab21b0

            SHA512

            6371c3db3d1dd610f1d22a8a5c5ba3efb8e4d0fd8df158f0dcc001238072717bb1d385152e4b8f67d7283eaf41d0582f6381e859f83f673e8b4ec48ce59d76ac

            Download Submit

          • /data/user/0/com.twimler.hoppypops.gtx/files/ebody/res/37673/vva.jar
            Filesize

            1.0MB

            MD5

            7eb039aa7728169a015707a82e1b41a4

            SHA1

            adeae37340af1ce383c908cdc4d375b270b30a60

            SHA256

            9e4e34e3db9a85d0e2f937c85255f2c924df7465284c9f8d91f9ab4ed8f2c49c

            SHA512

            c60f5c867ff34eed8186741ed2947e21ea7f3264114347ff64c90d9e04381238f0a3fbae18ef4ddc3c4b390935a21ebcfa311815384615574e9c9f90a825f7ca

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/ArchivedEvents/170329659800000.9cfec892/e
            Filesize

            42B

            MD5

            8424e869a2bfb6f0c6adef8669952f33

            SHA1

            e49e59ef4355ce9976cd285a73954ed86b6782a6

            SHA256

            65ec8bab43feefe5fde1fd6b35ebe05baa5657d9c0c3f75e2d17d242c39334a1

            SHA512

            4736dd58fa732b3528cc0e5a406036f01292bc359cac8b06e181a674b1e1e5a85b51f3145d774ac8a630e9a135ba85c36c02863a0affbdb32fbca0dd5f910f19

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/ArchivedEvents/170329659800000.9cfec892/s
            Filesize

            170B

            MD5

            f961d1e99d6c1172b06237a3f2413cdb

            SHA1

            8dbaaab270522a9bb323e898bafb79baf4ec0635

            SHA256

            b46cdc154d0131bf8720ba71a2de76346ba0b06767d8428711ddf55e644d6e96

            SHA512

            c62ea545b151e6a956091effff19eb4e73e162a454534f25ce20b862eae2b57aa263afe4277ca8542a2f1889ffd7eb5ce16f5e05e20d0ce6072d07be6d7946cb

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/ArchivedEvents/170329659800001.9cfec892/e
            Filesize

            44B

            MD5

            c34311cdb3bbb937ef17c9d3ce2cebe3

            SHA1

            333eaa47bb0b19f8e602e7aa7d923fa572252053

            SHA256

            c9a47aeae47e26dea83ed47b9d8f1eebdd5aaa85daf0382f92ec9e2906874f6f

            SHA512

            981d95df4852fdfeb7eae8744d29861e6ed2f21276f6168340d77bbf6a38f486dd682028f4fc325eb8947c8d2b298c13b3058f90080af86e872147f0cb5a7729

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/ArchivedEvents/170329659900002.9cfec892/e
            Filesize

            131B

            MD5

            548d1ba5692070e33d818ff22718ebca

            SHA1

            3c4685ce0d99e8acb7f4863c6394b1fcfe4b661c

            SHA256

            9afac81477774f48419e213ad99c2b587f5a8425719ae353985971c12f861086

            SHA512

            6bcd0712c09cc1646bc8c1fa2ae143053630910046f479aab845459ca45f926342a4c4107dc2af5d006c769bd93958f6dbeb452b3860fc623c52bc9687703338

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/ArchivedEvents/170329659900002.9cfec892/e
            Filesize

            590B

            MD5

            fdce86059f044508138684ed03198ffa

            SHA1

            e4ecb506cd3117d540fb26b4441d0b404a6c242f

            SHA256

            f4be270adaa4a02d64bdd84df0d1ca79fdcd11aca8483ad171e5d20db7b14fe0

            SHA512

            6e41919cc845b6be01002787aae5bb02bd8ccf1d71e92d7aa59f7a8b6fe2fc069ce92aba38092a1c0a3fcdc1c68c54defffadf3b35b3f3f1d34dbb315111048f

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/values
            Filesize

            50B

            MD5

            6fa042e135ca0cd685d29ddb307ca8ac

            SHA1

            3d3c8540e688f7b8d2ef39f39666f6fde8996e51

            SHA256

            8a3e8cba2787ea6c439ce3f8fb6fee42739da5d0f87f3f5d9e973e1c918de0c6

            SHA512

            9247faec4a80e4e6edccd66cad88d2e3e5f737bb3ac6687679683a38bbfbe939549bf3587d86c7a248610ee10734900c9a616602053c3a7d7e82af49d4c1e8cc

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/values
            Filesize

            83B

            MD5

            1205a86d91588d612c747f6c8500a0c0

            SHA1

            c75abb64b9c5f2687e374201a4bcbd1f7dc3a1a3

            SHA256

            2defc1f2d6b733118da33c24ccc016f8640db3c7179a513c5a7265c1e70e1766

            SHA512

            fdd028d2b250798b5144fbb30b1445a9d7f1f24edfe071ee99fdb3dba478cd1d4980bfed103d633027f5173dfca1c65a9d19dbdac50f3407d6bb1aac922f5183

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/values
            Filesize

            115B

            MD5

            cfb6f6ab016eafb85be8e27146cc25da

            SHA1

            ad1307bb6d57769ac262e2064d57f4c72d8700ac

            SHA256

            8b6c44aa2396edb199e93ba59aea76352669c2d1e8adb20678407c340859ddd1

            SHA512

            6072c8e5cae1596b3a049a5ab49ce992733138f98efed3c351c2a3c0eb88ac3753964725efa33b7efddc35ec9eef27dceb158c50a6da6c26cfa2364492d129d2

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/values
            Filesize

            136B

            MD5

            fffa64984d933d14e96cc5ffb6b797ac

            SHA1

            a673b48a64c77cf350740b1e80fef4eea03d6872

            SHA256

            4e8f743a7425b75b6099fce13577c7891a7c71f8e874577ea8b9070143e3a9c6

            SHA512

            e186128fe87e9410e531f777a8199c38abfc880b051d6ebee696356b74697b66f84d828f7fc191ad951fb4ba091bf1bb3b8de410fb30e172ceb9bdda05c1c497

            Download Submit

          • /storage/emulated/0/Android/data/com.twimler.hoppypops.gtx/files/Unity/83918266-422c-49ef-8531-9ef542b9e57e/Analytics/values
            Filesize

            317B

            MD5

            2cc399eff2cf7f76984c23210058504e

            SHA1

            98710b76509c033061866eb86fa52f502b70afba

            SHA256

            dfbe36594f1951a1e283bc08367ea197b79a41959d42d27e295a2f0ff444dcf9

            SHA512

            0973f21840adccc4a978a5e2cd0f79fb5f86055db8ca6b41916f4130ee106c0af8dd87c06dffc40512d641ec50a8ef63f26ba657dc83f5a8b53db08b29247141

            Download Submit