Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

8a22a10a04...fc.apk

android-9-x86

7

8a22a10a04...fc.apk

android-10-x64

7

8a22a10a04...fc.apk

android-11-x64

7

Analysis

  • max time kernel
    2469511s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 06:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a22a10a04cad1175c8100b4c93eaf8af2d9e274434ee5c1219243bcc65cf1fc.apk

  • Size

    3.3MB

  • MD5

    9a952386b4fcf7380232dfbee97674f1

  • SHA1

    d1db16cead43aa626fba18da11487fa81d953ef9

  • SHA256

    8a22a10a04cad1175c8100b4c93eaf8af2d9e274434ee5c1219243bcc65cf1fc

  • SHA512

    d90b5f907ffe84b940822ae78ece62a09bf234f13610b29a4642df33e9fd7f91fd2bc40d774a8d1c653ee82ee427f35464c2ddfc03bff60be4645defc55c2ffd

  • SSDEEP

    98304:HImHA8NjiFrCzGB6VCKB8dscYWDH5MbN5zOEHpxCt8uHRV:omg4jArCzG9dscYYAN5zpwt8uHRV

Score
7/10

Malware Config

Signatures

  • Checks known Qemu files. 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Checks known Qemu pipes. 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.ylyh.youai.yisou
    1⤵
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4246
    • /system/bin/sh -c getprop
      2⤵
        PID:4365
      • getprop
        2⤵
          PID:4365

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.ylyh.youai.yisou/app_crashrecord/1004
        Filesize

        229B

        MD5

        ea675bbe21d5a9332b81c4f93a1d75f2

        SHA1

        c20367e63921c829892c523c54e7ff37c7516090

        SHA256

        b585599186afd8769d22be8ceb83b2bef805cf1d3a1ff5431d1082465337bbb5

        SHA512

        ce6deac886c93d073bf0fec77da11f1e1d41f41163c1203d1fdfef1c9017c8993e4d8dd11864c94e433be0d74e200fc55e44401656279842702062c3d0251a5a

        Download Submit

      • /data/data/com.ylyh.youai.yisou/app_crashrecord/1004
        Filesize

        58B

        MD5

        0d210bfb2a0e1f1b4c082a6a0f79de07

        SHA1

        bb8ed9e364db79d1d9f2fcde3f15091893222faa

        SHA256

        988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

        SHA512

        536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

        Download Submit

      • /data/data/com.ylyh.youai.yisou/databases/bugly_db_
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-journal
        Filesize

        512B

        MD5

        38f9dff76aa6af0e632abcfa3bcc4991

        SHA1

        8662e5f67644cb7517967c597682dc0f59565b4c

        SHA256

        3d46bfb8498d160c591a968c0c8d0ebfe23a7d281e2005d1af297c49fcd86af8

        SHA512

        bd5e617e24f1eb3bc9d246157221fbf3db761549ef89908cc09e7f25a095a41b45fe13df93b896c4d0f3f4378d3e6e6a91c3cb715e4bc7691be8e1ec77a7c13b

        Download Submit

      • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.ylyh.youai.yisou/databases/bugly_db_-wal
        Filesize

        72KB

        MD5

        86606e4492298fe54de7dcc887a578ad

        SHA1

        b1bc1899d572d66f95e5f993c4f0fb2e424eda7e

        SHA256

        c161d160ab9f271d0b68f3679e33299365d35748e9d9faff4cba43469ac70d71

        SHA512

        d4fd822f206f3ec3a35394a62384fe9330ed2c21424b60fcad54d9b0d0b880a4e684091d20b1e2c27f974dab528ea56eddd5b7c2baf25a624a830c395c5a3124

        Download Submit

      • /storage/emulated/0/.sys_public_config/INSTALLATION
        Filesize

        51B

        MD5

        63b3413e807c0ca4b6e9c005d6bb0967

        SHA1

        c42c61aa56ae9869c28285be6a64c5cd6538fddd

        SHA256

        bcfc32fe9cbdcad002e91cd04d79d93b51e9c6dbb56617c5990adb4afedf0589

        SHA512

        3c057c4f884414655f97bcbabed3eae286b905dc48753d17ec7a96f0adc6fc3a1fb7c0cd3a7647e0ab6ba78661d42331c0592fd363a6771bc8138188596f7ea4

        Download Submit