Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

8c53efbad5...53.apk

android-9-x86

7

8c53efbad5...53.apk

android-13-x64

Analysis

  • max time kernel
    2487100s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    20/12/2023, 06:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c53efbad5f26591cd79541e803193e535c4f14e16a07be45540af3f0dabda53.apk

  • Size

    22.3MB

  • MD5

    3fbf48c6c3539621496e2260f92780f8

  • SHA1

    608e0140153eaa7a62ece52da9f286cfd09216b0

  • SHA256

    8c53efbad5f26591cd79541e803193e535c4f14e16a07be45540af3f0dabda53

  • SHA512

    a0ea05fb24a161179b200c6c1ebbf73409307e03943a59928a0365e9cd3a94e41260e26926eb7d8703a275c805258ebc60d940fd32bae0e75fa218ee57fa5c35

  • SSDEEP

    393216:zfrVgEAuA/gzlHw9WtsGXunzUtwIrjcA+3Vu+z6s8E9aiIz+DcE:OehoYu5zzj9lIEj

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.dayuanbao.yuanbao
    1⤵
    • Loads dropped Dex/Jar
    PID:4268
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.dayuanbao.yuanbao/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.dayuanbao.yuanbao/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.dayuanbao.yuanbao/.jiagu/classes.dex
    Filesize

    6.5MB

    MD5

    1cb96e5af005796c5e2f86e3ee0c7587

    SHA1

    2833e934507c09e3a89b6660626b4f6b4189708b

    SHA256

    89d63f22c9a204e00146999fce03b2f03bae0852db502fb23e7fcf5dd0fc3118

    SHA512

    7f094a2f5a22ddf7fc88aa2bb85f2a82421b97bf58463d725e7df961758798146a5050dc9011b60e743feb51f6b2dadf6f18648222fc1e80069e00e94838f609

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/.jiagu/classes.dex!classes2.dex
    Filesize

    4.6MB

    MD5

    5e2fefcf9bb705707aa9db3014d26102

    SHA1

    eb33e9f9eaab97eef9ae930e1479116d4e5c4cd5

    SHA256

    5527d5ba6f6924980a087c6a50747e18c44aaab5a38658fab82fbf2bc128e926

    SHA512

    e9833ff413852ce0ea6b633fde0260c5a187d67fc3f9d048bd709e6af838ae74a052ec61190d405c95cf0497e9aa7a7b391ccb9e95f94fb8f1303bc156979ddb

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/.jiagu/libjiagu.so
    Filesize

    475KB

    MD5

    5aea02f4e4c77fbf2e7a27f7ca9cc06b

    SHA1

    522db1748608e9173547b29b7aa82ddc3542c534

    SHA256

    5a1c513b347e2a929769e2be67552c1d591704f08f7b5590282b66cc2c7d7bd2

    SHA512

    5c979a11f5e896829db906f533756efc1cf3c5a7e35ecc9e376a0aae818f2dada013441649feac2e188bd51affbbf35156e32fdc6552e185bddbc547f3850316

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.ac
    Filesize

    32B

    MD5

    c14365dc92f8b2f0f4fa476c63496e00

    SHA1

    7f4d5409b85761c0af82bbbae458a228b7945531

    SHA256

    a18fa2fbc14738fd53a57f2c8b90dfd6ba4037ae461a3eff182acc7424138a7a

    SHA512

    47fb7c2319b3a7428de52607837700421e99ee47f5942cb485b02d7aa1117c3c262e334b9589cb98470c25c201217e15b568a9f6079f507cffb5cddb1bde408f

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.ic
    Filesize

    32B

    MD5

    2d2e2e2b4a77b2ab1dd54f761e70cfe7

    SHA1

    c7060345a5331a009d15c43782a5d7cc795e7596

    SHA256

    316199d088b350ee0f5c89e3a3a4f045eae381c3148ef0ee4b3b57f54e8701aa

    SHA512

    41cefa235b6574b641b7844d601f4cff323416d07856247d4e959407d0f70d672273e77839e34b39ae4a07fc12f34277f58a267f16f7164cd495b119b3879eb4

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.rd
    Filesize

    73B

    MD5

    a2aa75984d0b7a9086bf47b13e56d70b

    SHA1

    c9b0ab02e807f619f2c59d68c5420d6ca482d951

    SHA256

    add9e1671a0e5a86d3eed49c0b5bac7f82cf1d18c965cbd435f50e677ac253f9

    SHA512

    d4f99e2a9c7e51fd051d55a7c96772b82e221ac8c541f28d1b0721e378f056966211cfa7cbd8f5a73ebeb07a837d17c348e9dd922c30d5f3cbd77faa1c341261

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.ri
    Filesize

    307B

    MD5

    9dd5cad4dc419466a7be21bdc9b0d80b

    SHA1

    5bfaa31893e0537696395f1ceef2c569e08c12f8

    SHA256

    34717822d3faae58607aabbd88dd6e4237106c61500b84a063ee54a602684250

    SHA512

    8422b4e779b5099db102ef634a813f54042878a50500ccb5da4391818423b4c642a16d7f1536494eb484ffb23dbcd302a1ca1f18597399f01c98946d8a39f5d0

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    ed601151fe3788cea311af357bdf53d0

    SHA1

    34c1a2ea1883c3f9a9b46a8946bc26f799b03ec7

    SHA256

    e2ae92364890adf378f67b0b8e69ee254523b46519cf308535f5f7809b4dcfbd

    SHA512

    641fba1f951ad58ee5c2f76e01b733c78f59c3fa0eabacaf05cd05bcc8b869860490b4af97ba63527b0b637442d1652c9acf3e30ac8be6f452c458fb8fbab4e1

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jglogs/.jg.store.report_pid
    Filesize

    32B

    MD5

    eaa9253363e75ff43a2666af0b821f9f

    SHA1

    9ac2f1ad103d329be4ba2ee0b67df2d690467409

    SHA256

    512a7676e79e1cadeaf72251b68c7eee8a87d833bc13a1ad2e94ea19e3dccc34

    SHA512

    497c54620f7ed6aa7834163adfdfc3b1ed47fdbb0964bb0dd9eb1d03ad5daade35f8b251d7c71b4b456c9c92ae9ec164981cda29e202a6ee6d820ba4b3fc6d6b

    Download Submit

  • /data/data/com.dayuanbao.yuanbao/files/.jiagu.lock
    Filesize

    27B

    MD5

    5daa4147a0f333906e575615b85dc825

    SHA1

    c7dded2dc53c91fada0767a91fae95583d5106d2

    SHA256

    8f873a38bbb4422be18739796823c768b2b2c599fa207137bbbff28fb728b955

    SHA512

    8cb2fa66cd0168a0ef5b3fb197a72f4cc176af81835970f3e78934816c86238b97f3e86f97f993f62f124b8f342e73e1b8015964d0eebd4d0783c4a1ebba3175

    Download Submit