Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

a1dfd221d8...63.apk

android-9-x86

8

a1dfd221d8...63.apk

android-11-x64

8

Analysis

  • max time kernel
    2896291s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 23:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1dfd221d8337c41ce9ca29e2f32c9e766bfb30dc5e676d9333901c11211a663.apk

  • Size

    13.6MB

  • MD5

    a6b95eec72798346cc3bb9e094eb00d8

  • SHA1

    28d54ef98525ca7fa96aaddab1d7c6a502f36b33

  • SHA256

    a1dfd221d8337c41ce9ca29e2f32c9e766bfb30dc5e676d9333901c11211a663

  • SHA512

    a7bea6a7cc043f91a30f3263b131a4beeda8327fd6726809a1a26978ee9aff7ff92c8791bab0fa5b7dc3b15c58a3f06542549b543beca7304d84bed2ade70b65

  • SSDEEP

    393216:Ewf1CMLFFrIMXjTVSqQf3D/T0+bA5cspZ456:pCqX8ulSquzTncM56

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 3 IoCs

Processes

  • com.cyjh.ddyun
    1⤵
    • Requests cell location
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4240
  • com.cyjh.ddyun:download_server
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4265
  • com.cyjh.ddyun:channel
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4685

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.cyjh.ddyun/app_crashrecord/1004
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit

  • /data/data/com.cyjh.ddyun/app_crashrecord/1004
    Filesize

    512B

    MD5

    4ff9feea07afa1dc503b081c2412bc67

    SHA1

    545d7b874500416cc7e7e705bbdb0881efc4780d

    SHA256

    62dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c

    SHA512

    ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce

    Download Submit

  • /data/data/com.cyjh.ddyun/app_crashrecord/1004
    Filesize

    68KB

    MD5

    ee2cec94576bb7a2dd82debcb358b762

    SHA1

    70fba5561db33424581df9bd71926dca2ee825ba

    SHA256

    9a24f02c46971dcc969b60d34cf13c71a5e7bbff5980a9c71f4cbff2732071e1

    SHA512

    766a86e94c55a4b29556fb1065e22cd28cfaf6b7234a30a1ef3ced6ef1c68e8831b3573311a832e0514de2803f423a3cb969d8d0c81a111691f72846dc0567c0

    Download Submit

  • /data/data/com.cyjh.ddyun/app_crashrecord/1004
    Filesize

    28KB

    MD5

    547718627fa5178dbfa81f095aebad28

    SHA1

    e7df27c96880db1c93b7bcb7625eb8e0181a4ac8

    SHA256

    90265da57a63d786e08cd84dd47bb12d1f895b585cfa50bc9b7b269966959e4b

    SHA512

    92935bcb78a97516ebca90dd1cc6a6eb1e8e929ffcbd70e6d037ebf19426e99d9907a29424c967c66cbb3935df159f1e8fc1104d223e727d5e7778fe1e901dfb

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MessageStore.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MessageStore.db-journal
    Filesize

    512B

    MD5

    dfd740d822097ebc9ce786784c276713

    SHA1

    d2ab443c353f6a96be4389f2fb9d92f803088dce

    SHA256

    bb013e7dcecb52ab0ba16be816b1c979ec53d69dca61548c653644c47cfb8c29

    SHA512

    bf53f747a80d10fb8930b0d4ccc5d1d88dc9597e1a130f49369526872a8701490d1671c35fcc6169f4ebd9eb6fef9579a9d1ad04ccc8db26bcc4c03d04de0b6f

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MessageStore.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MessageStore.db-wal
    Filesize

    48KB

    MD5

    3b847e60ab422b418368b72ad3b067cf

    SHA1

    b74c723d7607cd3ad8e190a53637153294b28aaf

    SHA256

    b2681db1a400ffd00407d3b80211024bc3b0d7df69110194e742a37c65a31a5c

    SHA512

    07ac5e4f3f52d6ac9809df26e4b20c9d3c4630ea160b89f101cf7a3179814e41c1a96d597a43bae0eb0248243a0970152f87c44191074144deaaa98b2e8379ff

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MsgLogStore.db-journal
    Filesize

    512B

    MD5

    609ff9fa705956d15052cf124fdded5e

    SHA1

    109cbe0034ac265dd1d8aac2f382e84510b00509

    SHA256

    6f8b061f46355fd5399f7439240a2329670b823c0bac2492e7310be7d83ec699

    SHA512

    0bae9a7edfd9f1b261c03ecb897dc9b54f3d22a2640f46bc2e0cd0c552ddfb054ea0b09dedf8fcd3ac71a6d9e50a3fde041620e193a42a3148fcd85532f263c4

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/MsgLogStore.db-wal
    Filesize

    16KB

    MD5

    efa63f03751ae2b5a2ef352c85381161

    SHA1

    16fe1313ae4902fb632665fa79f4cd302a9f4b19

    SHA256

    897d6fdc49a2feff2e093ed158a69f739184121a50dd03177963e270a7f4dc21

    SHA512

    375d2eb62681c6f9ac0d914cc38f474bee18e75b2a79e2afab893b786ce9485a8525b60922e3846a7ca7f4a6fc7613ce3cc476e84b1d204310c71b583a5bddec

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/accs.db-journal
    Filesize

    512B

    MD5

    7838914262db71e8a365c40d68e36ec2

    SHA1

    cd275bcbf9bb69d152ea151bb04020bf76574649

    SHA256

    75f00c423c4b2b9c586d3c7d657c85b2c1d2be0e960446653637fd9603844e8f

    SHA512

    617ed44f7ce6d0fed6dd0baac07eed0ba188aa4104f57faf1a500b07a3d54c0aa935e04a7b30bf23c627c6914b1e0b2802c312bbb92426fab444cca4325c6578

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/accs.db-wal
    Filesize

    12KB

    MD5

    acd17ffdf7ec7d0c5a8a1a48c5959c15

    SHA1

    a77fcad6bcea003e70db4062494f3964ca45cc39

    SHA256

    85651a89ef9fd8d47ea3e392f5f6e35ad5745abd180b7cbb852c847ec1ab405b

    SHA512

    48eb5fd855b1dcfe1fe0727b6d49b554669609deb4ecca987665d50974dd82cf6de30915c9bdf725d5a4b38b2ebab1a1971e1947ea61f3383f01d47177b70137

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/message_accs_db
    Filesize

    36KB

    MD5

    486e2bac2b3e9e1cb411d2838a4854bd

    SHA1

    81dd0a7537f4af319b830ae834908986be85da8b

    SHA256

    5644a250fa6cef16c2c802b98275656a5fc39dcf89bcc22193742d85c7313f57

    SHA512

    c146789563dae163e373489b3df53f22efebd32b69643992969241eb5ad5eec668de67e7cd2aaf5c3a8af57b0842115d00183825734f57643d3fdb09835fe681

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/message_accs_db-journal
    Filesize

    12KB

    MD5

    e44e2b76f890099bf60bbf64a8a2bb85

    SHA1

    95d45df3c4dd6d9bb04901be992d7436fb68246a

    SHA256

    dcf563bfb4021213349039fde9e7f6dae2792da37f46a761bb6b5f2fed5de3d7

    SHA512

    7a47de461bdc811f36dc9ebb5f7eff87c436e7a0f9acb34e22d29acdfdc1beefcfa2d9d1a991622fbf013a26c529952bfdfec1662f06fb458f2f30cfccde4680

    Download Submit

  • /data/data/com.cyjh.ddyun/databases/message_accs_db-wal
    Filesize

    48KB

    MD5

    ec03174b2f98a608d5008cc0049f1184

    SHA1

    a2a89e018ece697803e97cc9464cfdb3d6094cfe

    SHA256

    98c4c0bb80539e4794f3e034737a0ec05f6bd4aeee8ed0c0568ca7e16aa85367

    SHA512

    b29898a14f48e9d43db8c0ab82c04311c906b9c5e36faf6a10ae480f0b8ced7803f5dff3f0642756f75ea238e193c29f152c68bb2247dba2339b35d8164a2c60

    Download Submit

  • /data/data/com.cyjh.ddyun/files/agoo.pid
    Filesize

    167B

    MD5

    9a81eb1e50ddabb58025eda2f2cacfe4

    SHA1

    7cbcb9b1372aac80fa57c042d37e7ea62d3808cd

    SHA256

    cef9005f864b67e39d5e2e62646b2671f92e511c8c5f85f02889cc2b90c066bf

    SHA512

    1921660f2969bf8446a02c3add33f126977a482f09720c67e7f0add34bf9fc6b09a9e2023460e59f5aca7427dbe4ecf717d20b2fdf79b48295fe7539859ac8b1

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    22eb877b78118e26cd0b6f7f3fabe923

    SHA1

    6fb6479f723a6fab7044287e234b409f2371a1d5

    SHA256

    949d2b8145daa0d143bcf3e9df6c59a29916c24cb2aa434c698e4b39a6e86be1

    SHA512

    86ebeea8ac3092b7daa1e475c59559e61255413ccadc075953b9989c6b0a887028796e2950e4dbd1e1db07812a2c4d83820f1620874c53c45d721472ba4d3b6d

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    512B

    MD5

    9f6f6aeb2b12a7e15229b5f7b7ae84fc

    SHA1

    afe9f4b47e005805fb236339c17a2f6de5c923d2

    SHA256

    e9b7b0a4bdf3027caefe703c521f24b94eb01c1974c706a4e5191f1d09c22721

    SHA512

    d182c0a12c12011ae8cb1600b5418539f9615c9c6f44fa5c566b851127437b63f38a42fe836019142f1b13017542c11be4908f5a46c8156a99fe832d9d653bcb

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    4KB

    MD5

    650049faaea68357c03e2b8d86ab4403

    SHA1

    5104b4744d4b6cb204b70abbce9af55b8f3d28ec

    SHA256

    2723f20a9bda466b8f3bf376fd3a4c48e598228e7c8998c2d98ad22f20b8cedc

    SHA512

    1120e2c25db1b261e677d195f927ba78721f494e36d4dfbc6a144478aaa37494e0a7767aec705bb5724d8d386484646cc1ad2d772ada61228fddcb46f8c805a6

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    9912d3d728fbd14cd03122ee1d152bb5

    SHA1

    b5a6e810f45ab1ced662c66996e7777040ac1ad5

    SHA256

    ec4df912972e7208500f821b1f63acbd9e2b3c01f13f03a8b60df62f2feba4f0

    SHA512

    64e9ed06e8254795e39848fef3381aa68072d2a76c8ccc6a72feb5bb41269489cd3b27cb59abe6d815415e7b95e0b35eb07266b58961ed80ff798ce513623fb1

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    23457349fd3d3e95d1427e3ce7d8d90e

    SHA1

    3c458e2e9c8e99fa85d43b66ae449187f0b46da3

    SHA256

    f09df8a0911aa0371834c6b7009eeec429dbf20638532d13b619238cb783451c

    SHA512

    c41d2b34d25721c66c7ac1dccc0b4d457ec15faf2ed0e1fc76f3b55ddb749c65643509f656553fa7bd2493e8dc4b185fcf1fc7368e21346f6d7f2cbff7645aee

    Download Submit