Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

9cd713b636...cc.apk

android-9-x86

9cd713b636...cc.apk

android-10-x64

9cd713b636...cc.apk

android-11-x64

Ebpay.apk

android-9-x86

8

Ebpay.apk

android-11-x64

8

Analysis

  • max time kernel
    2886320s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 23:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ebpay.apk

  • Size

    487KB

  • MD5

    42fb9ef509a7d4def22f9b7b92a804f2

  • SHA1

    5116dbb3418361936bd257fa1672ad71845d599d

  • SHA256

    567851a6ca8d2129b2f87b865eece965214fbe6d150240937515f0b25689ca5a

  • SHA512

    ba7ddb963f98d0a3b3608023220ff1d103a78344a4e291621bc72714583f9e7352cf46d4eb3fe9cb2e4b36152cc081076a90f7849b5d57e07187797b819c0397

  • SSDEEP

    12288:LLVCxawRp5bXa2aVXnz0pZxYZ5Yg+0cvC9uvwpahY9:PXnzl5069GWaW9

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.baidu.android.pay
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4469

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.baidu.android.pay/files/__local_last_session.json
    Filesize

    99B

    MD5

    5b69dfa9fa99bde9ede957ce36e407a0

    SHA1

    adfe3b134aa96938350dcbad0e64ffc294e18e39

    SHA256

    a5ede0fe7ae630bfae8a0ee90684ecc5233671e57a0b2c178a5c0fda38e87a28

    SHA512

    17431a849e08a174f9c04241a55355b2708ad9ce5e4be37f8ffe0a9a52b5bcb1258437a52ccaa067c46dbd9311d2f0b6cfcbe473928e5690a775c27d1eedf088

    Download Submit

  • /data/data/com.baidu.android.pay/files/__local_stat_cache.json
    Filesize

    25B

    MD5

    2d805b13f2f28dc3ca9bbcc000f49bb5

    SHA1

    9eac165b4d81258fd3967cde5cc53b53b1dabcb1

    SHA256

    c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

    SHA512

    5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

    Download Submit

  • /storage/emulated/0/baidu/.cuid
    Filesize

    89B

    MD5

    5b6338def20e000e08424dd4febc8726

    SHA1

    610518f7d18176fd7ec173e03a53efb21a705d48

    SHA256

    cea6f44d5f29fbca5d32a4fcd998aca025a0dfd2c9d820d5e2dee30ac59aa441

    SHA512

    8e64910133ebdb4e727683c389c2afe203cf473bba2cb58c0d525796d5c6b619e109265f2ed79f73e693c1c40dbe3d7b30e84e5c02d3e7f740a619af026df08b

    Download Submit