Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

11c565f4dd...18.apk

 

11c565f4dd...18.apk

android-10-x64

7

gdtadv2.apk

 

Analysis

  • max time kernel
    2872842s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 12:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    11c565f4ddce6d93703096ce4e184b96937c9491647a8879a8f0e9d834e82618.apk

  • Size

    2.7MB

  • MD5

    24a35b7ea9ec6a73c6ef5eb5acb628ba

  • SHA1

    ca3b831da2da163bd9ae88d154001ff24417e88c

  • SHA256

    11c565f4ddce6d93703096ce4e184b96937c9491647a8879a8f0e9d834e82618

  • SHA512

    9244a9a2350e0b1814b27f3491ec4db657aff689d065ccdfb004a8b04bbe0057fe5efa78ee09a4862822e205603291848c18b358dd9e9ef8644d1a840d6783cb

  • SSDEEP

    49152:Ont0r/NY7FTKxu9x0R7gPKLUdW6yzuSDuOiZ0DknTzzvDtHJ4jpvc5plo2E0:bNyTau9+FzI43TViCCxJKpvclC0

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • igudi.com.ergushi
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4983

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/igudi.com.ergushi/app_e_qq_com_plugin/gdt_plugin.jar
    Filesize

    393KB

    MD5

    0d546943943234cbe0a8b132c4d65bca

    SHA1

    11c36b9ad64cd3925c449e9a794a3613abf33c4a

    SHA256

    9597de7943e30d0ed1d6a128b18111585ce0dd36af66502638d57b470fbbb6f3

    SHA512

    096f35cc60239a9412651f9b0607e30ef57c3fa0628904b5a450b08c71534323cc66b8d506c19da8fef9d19dd8f0888b19b7efce66463becfaca5fbef1ddc4b1

    Download Submit

  • /data/data/igudi.com.ergushi/app_e_qq_com_plugin/gdt_plugin.jar.sig
    Filesize

    180B

    MD5

    72a35623a7ec98c621abb05ef1ed45c7

    SHA1

    90d548ed43b4acebfec22fc7e8c86ec6c47ab046

    SHA256

    9bb6aa039d8d357c21d7357782f47bf9871619c77fa8e524a93be24e3051ada9

    SHA512

    f8aa202e2d0008282f224165aa6825204e9516121fbdf607d79c56860485a2d1f2598792b35c98e29e873262170ca772f91ffe5c7ba65b288d3550918a3d3e16

    Download Submit

  • /data/data/igudi.com.ergushi/app_e_qq_com_plugin/update_lc
    Filesize

    4B

    MD5

    dce7c4174ce9323904a934a486c41288

    SHA1

    e117797422d35ce52f036963c7e9603e9955b5c7

    SHA256

    0c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f

    SHA512

    d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db
    Filesize

    28KB

    MD5

    096a7b548e6526ebdac908545f457551

    SHA1

    951e2d617611cb4e24f826c89b904b46bc4d276e

    SHA256

    a7b7de98c2df853f097b4515e03f3ad376896da406ab0c31a04bca206edb657c

    SHA512

    7e86b3db26e0ca113f40c9f39f45773fcc5be4a53336d7d47be10b6f5e328fe50a405cd78d42006227d5269e2d7d6489b35b0223c0aeb0f73e35935e34ae330a

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db
    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    8625abc74c78318fdda215a112272fd4

    SHA1

    09c906c28da984b5c16a39d4cfb25dd579a7b389

    SHA256

    51aa5911954692809d82df2a0b87a96e8a83682913900cd4d38666e3b8a10a23

    SHA512

    4aedf240f088ce657190452b8560280ef1a053ea066bc5d60781f3958ddcca5a84635da380f67636225adb6d9ab1f0648abeab36994656aa036af7876c081000

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    4ea94e36b2e882e4753243fe9c8e117c

    SHA1

    94566b3488c528d8a915fcf56a792653dbc37be8

    SHA256

    a27ba47e8350f3d619b4c1e9ae341459e5e7daa62920f93bd2f729b34479bde9

    SHA512

    ffb9bffbe4c0a591b68f7d75165fad7c2d54c7fb19406a292d76bb9cb3c604703ee86d7d1b4f739bb83be4061dee777c834058094dd3fe173de4d05c690a2376

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    12KB

    MD5

    3d5ef4f96c4bb4e2f73709fd79b2cece

    SHA1

    7373618fcbd258be14ef36aad66329c0c440f89c

    SHA256

    d267f02fbc04398c9de3008150294fa199900678852a031cb03618e8ed4ce63e

    SHA512

    ff176b5608b831eef4399d94d9a5753036bc6e64988ef0381745a0d5a3762d17f2d8c0a3ea561add93a9e116976162895bebea4d80ebca75d04990ed6ac05b4c

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    512B

    MD5

    9c1699681d1e112ea0945eb86c15b9ad

    SHA1

    34b5ce16699ac5b800dc143ecc3415ea749891b9

    SHA256

    f01fc99410b1168732a56049c5224a7c365e42bfe5118381587da2bea06a2b4b

    SHA512

    7aa8fb54094798d2d0ec0b5bda400f6229a3153ef9edb5614f7cadc4f62345cd9b2a56557fa73d53a3bd85b685cd3c4a85cfa2abf78388dbfa263dc59ad527cc

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    c0050937d1f140974d2eecb2ad0b9600

    SHA1

    64013a84077ce734c3259ae5b932088398c813d5

    SHA256

    e9e6f76a78408a63d88bebc190c5e3ddda6e456e482fa0f60903a12efce29355

    SHA512

    69a8dfe0c917755ed6f8916fa0215ce354a7a1527aa63f63ee3d4960e41e20634f4c657dbd3c8d30582b5ba6011fdfd1bedc27263440a7b3e6c8fe5f148c750b

    Download Submit

  • /data/data/igudi.com.ergushi/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    a1dce532b2c397be18e93a48e8398d7f

    SHA1

    7ae85507ee03feaba17e46a8a93657bf95c88b12

    SHA256

    e449e1c602dfb7f6d970feddf7c3b9f8b4f91b71da714a31bc4852cfc91261e0

    SHA512

    dab226403d8394776d5de05b681fa39500af38c980f3f24273e2ac42262d5e2df444e3dc79173e4078fd4967e3ad766ebead796bcc07da5ca805f6934acec792

    Download Submit

  • /data/data/igudi.com.ergushi/files/.um/um_cache_1703679892038.env
    Filesize

    1KB

    MD5

    7eb2e18d356dbfbdcaddc6c6e0931c0c

    SHA1

    d7e5ea26d1c4e5ceb45d797f0e5a9a281205f702

    SHA256

    9701cb6d8aba960bb893b30cd65ee3b1049d785155fc061ccf8d2d4e4edf4441

    SHA512

    936441ea0f377962fdad8ab3f8890272730945a0059e395c2957ce7adb04edde0065aa5ee447ffa63eacdd7c433df068443ef0848ab7c511b5e77f13b1eb2994

    Download Submit

  • /data/data/igudi.com.ergushi/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    b146a4cebe54c98c225260fba2680be2

    SHA1

    d87339c380878704e05e9858f7ca44be50059d7b

    SHA256

    abddbc7e8845c7295a234a6af8c46d9af414024f7cb50c506d79019719d91d45

    SHA512

    23ad9ec042e4d8872481cdf2b5f925f46ce1e9920bfc3e9aecc227f3e0c1f499504e2c7cb63ceececcf6de280f778315934314fb337e64e5b591fff7e7d10363

    Download Submit

  • /data/data/igudi.com.ergushi/files/exid.dat
    Filesize

    52B

    MD5

    49e698a0586491ba1f589434217caff1

    SHA1

    33b7c188bd512213d7052740bcc889fd4280af75

    SHA256

    e1641adafbea44d7769012049cdd1d7ea736f5fa0b1bd54a6077cf133e6f2d5f

    SHA512

    9c76bd649799d7dccb3a5663f32c9ada691f5ca1ecbf4684fbb9909096cf4acb5557fa042c247482832ce6742623e68fbc5bc016406d5d212611ca0737be8385

    Download Submit

  • /data/data/igudi.com.ergushi/files/umeng_it.cache
    Filesize

    435B

    MD5

    85c544f236f94b95cd38ee64bf8677b4

    SHA1

    6fba2ef55c76f2e9df467dfcdfb03723adcdfe62

    SHA256

    f654c80c6c071b907fa9d37f889943fdfaee111d3f26a9c0d165af0979c98d35

    SHA512

    5ea631910ce5d6cbb74221e412dd3883475cb719ad45b1fccd50a118ff9d6241515c9c92f99b31bc1b524a629ba82e6cbadd2233a087e0e14b31f701300c2578

    Download Submit

  • /data/user/0/igudi.com.ergushi/app_e_qq_com_plugin/gdt_plugin.jar
    Filesize

    668KB

    MD5

    a6844e579b8045545bff5734f4d5efb9

    SHA1

    107d7370e50965edcea0dc76a18295725b8753bd

    SHA256

    63f00b1eb4717724421886628e1e1d86256d4d1a4f0384c1aa7e8c9074bd78f6

    SHA512

    adb3dd66588423d90fc4d997d5b30c220527f5a68507c416345672ee8ec230943dac8a5d95f37fff523f2e930691c6f689a5e10ee7e4a2f7c750645cefcbf846

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    97fbf84677256d8a05e9dfa60913b2f3

    SHA1

    c03410f971a8b6dc52a81029d434906a30412860

    SHA256

    59224368ab603faaa1bc9916863c882ffafe1840f53e11b30956eb940b89fe5a

    SHA512

    ba8104817a669f85a359362399ec08e8091d1d2eb1e0adf976ec95a80376f79cec6fefafd9a5bdbf725030299972d5081d93ce86456c9088fd690a9a768e297e

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    2531b3c61593fa0def9c6357a4987af7

    SHA1

    a44fb49b112b053e8e05797192105ff365a415d9

    SHA256

    55f52926a2ae14e26eeef2db17d0f4a601780834aea16f63b44e91b5816ed025

    SHA512

    0ddef72fafb87b5f89d590deec394140d64cd592942b568f5189f9805a8e852df1ded65b981c9130919dc4126bf0de1c9c38d1164c0b2dc1e8f44132a8752c58

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    408B

    MD5

    f689b97bd62618e86b2cde3d00ddb0e7

    SHA1

    0167b9230d67c6ac1170d66e125ca0f710e86afe

    SHA256

    5a3b08213838639b6adc1c853b51f51a73a845007bb64f664199a46e438e3c49

    SHA512

    dd5a5dd21d7779b6c64c75e268d611c3effbfe05f62ce406a16bb5c0e25828ea8aec5cc35062a5ec6ec085ad1e37f651b4b6d72ea36d0aa83500172afeef6789

    Download Submit