Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

8bf154b8d6...e2.apk

android-9-x86

5

8bf154b8d6...e2.apk

android-10-x64

5

8bf154b8d6...e2.apk

android-11-x64

5

Analysis

  • max time kernel
    2482962s
  • max time network
    149s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 06:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8bf154b8d66aa4829c026622d3f21a28eb26c38de8946e55ef71536b2e58f7e2.apk

  • Size

    2.0MB

  • MD5

    334ea3f88b45edb6e690a0b6d6a92fd4

  • SHA1

    7710365441994655b8c18f671385da92b0566989

  • SHA256

    8bf154b8d66aa4829c026622d3f21a28eb26c38de8946e55ef71536b2e58f7e2

  • SHA512

    0e837f5593e35d6bd1fb1f36858d6abf4bca014ed30b73aecbd9cbdf6dcc979dccd537b9e916abe9788b0a1e5790c5b05ad8e088f377f6a800e66a89c0087000

  • SSDEEP

    49152:gPH505R6WG7it1sGth5wSFTR10GRhVGFFIVp6lMqifE8e5wspnQF:sZVWGW1sihiqziFFSvqiJDb

Score
5/10
evasion

Malware Config

Signatures

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.yxxinglin.xzid31793
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4245
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4328
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
        2⤵
          PID:4350

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.yxxinglin.xzid31793/databases/ua.db
        Filesize

        24KB

        MD5

        e85a19647e16d826a1d3e79d0a126b51

        SHA1

        8bdf53e2b24e61db42a33c26d9f5010f144419b3

        SHA256

        2b606bb40252e2f408ef0746ad5608aa92c9dab5b94c00736286d259de4352b9

        SHA512

        af1868717cfb6b76a033b3dea1217d9da8709f659323ef58a2c5a5437c7d0a7b21e70410786c74edc130d66274a6a50a70a0b12364d96f72a68538ef117a9e48

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/databases/ua.db-wal
        Filesize

        48KB

        MD5

        7591e3c2637bbdec52a53a0d79822dfb

        SHA1

        58310877c4ba88737c7ea442a8809173208d39c1

        SHA256

        e0ce64586fd00125b946c0345d87de52a1d96cd2bb560b89f3908e08374dcf9d

        SHA512

        82220c4986589a65c237e641bff4f944fc6f9da162fb993b68c198df00b9e078a498844da5147458dc2ffaa6aea13bd2ff923c7cb9505ef72781d4e7b067a21e

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/databases/ua.db-wal
        Filesize

        12KB

        MD5

        f668be060e0317032b1adc9b61bb4333

        SHA1

        c3689e75cc609a2d57ec693078f3f253980ca1af

        SHA256

        48a1b58f2aa346a49be940f0db28cf75d253e4af5db34c4dc7e9938d59d0bd3c

        SHA512

        1b7df6beb9e75bda6faafb878fa3430440305605894e3774fb370603f1a212854af7cc505aa75f9286f99a5b7b4c51adb42fd1bd6ea958e15741e52efdf15b97

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/.envelope/a==7.5.0&&1.0.0_1703289956558_envelope.log
        Filesize

        1KB

        MD5

        894249f02966632fd1a7d61cbed23647

        SHA1

        238eedbbf8840500f169f0603e82f21ef9a0c612

        SHA256

        4adba4944acd3effab5ca8be6a7acb1de6d3e2b0cfa50e634097627838c54921

        SHA512

        02d9264ad7774834e99a0c7350063db723f204d194753a4e9e3d4f1ac1bb0fe4d715b17ef74cdb76d561e6be31b5924f978d311b6bee6c033d52ea2781f10d56

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/.envelope/i==1.2.0&&1.0.0_1703289952377_envelope.log
        Filesize

        2KB

        MD5

        27dfd255ecfd55e4340816159b63917b

        SHA1

        b1fbf3fd8a86a813ee42a57ea2e9a20127149770

        SHA256

        e2695441f133255ab5576d6cc1f7239e95478b1c167029508eba2927d119b5c2

        SHA512

        75973d7f4c45c6669f5afab9b1ecc534c3db48419acf7e7bff9a05ef256ec3118255d7dbcc81cef696d7c42cbb2f55bcb0149d362ff6f299c30765f371473b85

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/.imprint
        Filesize

        412B

        MD5

        4b71b0aa469c179d1f8dd8918216872b

        SHA1

        664a6aa6d22edf73ebea94bf13f1278c9b71fade

        SHA256

        d5e5c656a8ccc2ca7ec89979383481a8faeb22498179349741dd74162af20353

        SHA512

        cda257f2298397247b936870f15fbe3d1b5eb9df3fab482fa54416b37df77bcecf2a8d9c80b2e6e554a18fd152f6ee4c39a7f9532c0b74d9284e0dd34b007570

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/.umeng/exchangeIdentity.json
        Filesize

        202B

        MD5

        b58a87a8cbfc96a917a4d76dd98577ee

        SHA1

        19d33cd536d0dfc7d7f36c121963c948cc2a1dba

        SHA256

        bd1f6aa0e698f7e4d1aee7b8354937816795573d66faa945decce79aeb9d14d1

        SHA512

        1047cd7ee30a910f2ad1dfb8d910cab3e5afe08d974411544224d2b158a838c80510b2c9688f3b0bef5aa6853d16fb31a565a525462345c3c9a3ba7da65900e2

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/.umeng/exchangeIdentity.json
        Filesize

        162B

        MD5

        608ad9f203c751b55d864c8b416682df

        SHA1

        b2835fd15d53fbdbe9fea28d92a3d45856e44df5

        SHA256

        6455dd3422cf2cbfb1d6aa8e5e4fcd3503e5ee54a8fdf37e8b06db9ac821cb52

        SHA512

        5d8e44dc02c6856cc1a12ad083967f5a0d30ef966def073385024dd4cbf9060d22c6b6ba28448c2f061377eb2f4b8f97f60e9cf9564b95e0bd7c00364154efe4

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/exid.dat
        Filesize

        103B

        MD5

        91ba93ea57508a8e2f92d1ab26e519b5

        SHA1

        17556de657f25356aec2809ed0aa5e805e7e125d

        SHA256

        5240f47bfc8e156e8bc6599f668dd5fc8956dc6ae6325dd63f761d99c7e39dca

        SHA512

        f1a0ce6d2df1c2afae7e8ebfd628b8a7cf36e08713ce82b50ecdc2206c506799cf04beeefd9ba85c552b2c5d96c91a6f02a028c0804b459f593f644158ae1bd2

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/exid.dat
        Filesize

        62B

        MD5

        a443ac11c8688fbea9d65ec60cdf700d

        SHA1

        c80d4cba44c06465cef1df97d70daf2b7963320b

        SHA256

        e2d0d41296a8d16980b593deb576e0c68303c854f96065ad0f9e9c5eb7a9a524

        SHA512

        d9182ae597ee651ff11f65bc6a0708d998e399453351708e7a1dfc0a33ead662da48e2043a8e7f23848804ce8807dbc5abe8997fdff4ce9b1340062c20a627fc

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMjg5OTUxMDQy

        Filesize

        1KB

        MD5

        88ce11ea858fbd09b6ba48ff668e493d

        SHA1

        bb898b9e7f99a04ad505d233a363becfbb55cc84

        SHA256

        fc0a0be48f276df6a0612331ab6b534cd7ee4509af8df2e11728f4b712a9e8b5

        SHA512

        a25bb5e9f6e4256764268ea34c283f8e91d5dc01cf4815fe0cbf5f15cebbe15b1dbe9a50cd7b8dae877e55825b4796567bf7e3614d966668156d3617ebd61e72

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzMjg5OTgxODgw

        Filesize

        1KB

        MD5

        6d4e155577ee11dc4f72ab636afe6162

        SHA1

        f79af63a00e97972496a636973d8d68228dedce8

        SHA256

        38f2c1a590318e131fe97f437bb6c70c07ea8df2e16f8753ac306c5b91c3fbc5

        SHA512

        4f2d80427091c4fc4e37df9fe05c555f663e5991a58b866f122490f5d42043cdf1eee4209fe077ed5741e4b78ef9f4455751f2d13851aa4a2e1f3862c324d921

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/umeng_it.cache
        Filesize

        348B

        MD5

        15dd87fac1e506a56c1c8c5f100e7dde

        SHA1

        c6a290dfd35bcfe22d700129f65db5995d93b65d

        SHA256

        c95ce61764d3760a6abcfd1a588dfc340085506dadb6b685a09d4227f2cfa779

        SHA512

        ff500726e703f1e102a2dcfa09a0eb4a48500c60ca887dd2e4a5efa37d643d9e889caf061be1dc53eed07768c9f3217d5d23a4a83432311c8376ef8e55c9ead0

        Download Submit

      • /data/data/com.yxxinglin.xzid31793/files/umeng_it.cache
        Filesize

        177B

        MD5

        ec7f005b648c6c5de7181fd2fbd2f5a2

        SHA1

        113e962ab1b856220d5fee28d2b88eb4fa9743e0

        SHA256

        d92136cb3e63c553cd70932b5b744064f5bda3989f8ae6a75c500241429cc039

        SHA512

        b0e88929f2232127b93877f1e3abfffcb45ab79100e4ffb2051b11829c68a6b7b174ae2417c12d32479155c98c82df472d2244294918248bda9f2bbcd814ee9c

        Download Submit