Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

2d585780d0...85.apk

android-9-x86

7

2d585780d0...85.apk

android-13-x64

1

Analysis

  • max time kernel
    2835068s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d585780d0037ed15ae28108bc462836d2a196394009dda9e4c7610f8576d385.apk

  • Size

    20.0MB

  • MD5

    d69bdec8aab07f9e7fbc14ac8e4cabe6

  • SHA1

    b30612f699dcc1289544b99235feb72948d12b07

  • SHA256

    2d585780d0037ed15ae28108bc462836d2a196394009dda9e4c7610f8576d385

  • SHA512

    bfedb3895a84a46ee2c25a23a8623ea791c70575b2f26d3ebf20035c2d840199a0d518bf34752d7446d25654b5dd3c6034c62530cf27ab3b719ba1c292fa28b5

  • SSDEEP

    393216:pay+Cdu9dJO5IcWRjb7vogC+TWpU7QvzQgDfaqWXmkU6ke6mPgyo8I6b7461wTDt:pvyZlRjbTxvTR7UrwXu6ke6mPXI6bEll

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.itaoke.mihua
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4225
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4255
      • sh -c getprop ro.yunos.version
        2⤵
          PID:4275
        • getprop ro.board.platform
          2⤵
            PID:4255
          • getprop ro.yunos.version
            2⤵
              PID:4275
            • /system/bin/sh -c type su
              2⤵
                PID:4307
              • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.itaoke.mihua/mix.dex --output-vdex-fd=49 --oat-fd=52 --oat-location=/data/data/com.itaoke.mihua/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
                2⤵
                • Loads dropped Dex/Jar
                PID:4326

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.itaoke.mihua/app_SGLib/libsgmainso-5.1.81.so.tmp
              Filesize

              591KB

              MD5

              c85e8919765cc22095d1b8e40601e34d

              SHA1

              22d48933b9f30a028cf4c9d993f59c767f9e8e35

              SHA256

              f4ab50b1188cc9913c106f1f661162cb7db90aa288a90fa6bb41c5938b6afa8e

              SHA512

              6715ed9290b868a5733f6c6001e9de1375a381b5f61552fc0adfd825c72977cbd34a347f7fecad8cbc798af7b5ef59f4a23bbe6fedb714e4dda65a1e5921c08e

              Download Submit

            • /data/data/com.itaoke.mihua/app_crashrecord/1004
              Filesize

              224B

              MD5

              1fb1e1bd68f3cd31a1d1c1bb28632974

              SHA1

              869e001b4d3b1562bd4cef48727d2031f95fce78

              SHA256

              e92d06992fb8a6dcb84e9b12e27770cc4679c6df79f64aac6eccf1ac1819db9f

              SHA512

              250ce7826c48652d6517ebfffd000677f7256d3901e27ae3c0f90afd2c93e3ae76966db571f2afab841cea29792938cff069c0d160e41268161d59c84a9b8935

              Download Submit

            • /data/data/com.itaoke.mihua/app_crashrecord/1004
              Filesize

              58B

              MD5

              0d210bfb2a0e1f1b4c082a6a0f79de07

              SHA1

              bb8ed9e364db79d1d9f2fcde3f15091893222faa

              SHA256

              988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

              SHA512

              536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

              Download Submit

            • /data/data/com.itaoke.mihua/databases/bugly_db_-journal
              Filesize

              512B

              MD5

              5139892dc2285198b8dbfd75bc9e5639

              SHA1

              a6509c806b13101be6b7447d2325b37de203f043

              SHA256

              2df4fc80ea226ee15a5a483a98176a74ad458bed280e0353733e93ad55725971

              SHA512

              02c0039b8961e8f49596b4ca61cab7ec560dbf4c02859675caa9cfb0cd42f67fd467aeacfaef7d76da1f0296cb47c72c8f3d31fd53b53f2c786932f94798cff7

              Download Submit

            • /data/data/com.itaoke.mihua/databases/bugly_db_-wal
              Filesize

              68KB

              MD5

              31078c3a655fba69eba4f9dc394424fc

              SHA1

              05bb0dad35216fb2722223a0b371fcb3263d5cf2

              SHA256

              441c0b1206acfc5271a26ee5e77a1694216ef8dcf588f4d3ddc4e5a37f61eb47

              SHA512

              cd6816756044af3ebc31edd942454319c4f98603549d40e632852537ae4cd8eee8fc3098bb5bc0b99de313664c895db8163059347380e90e944753470e022b06

              Download Submit

            • /data/data/com.itaoke.mihua/databases/bugly_db_legu
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.itaoke.mihua/databases/bugly_db_legu-journal
              Filesize

              512B

              MD5

              68af199a8c9bb117e1db11c39ea45d85

              SHA1

              d71a3359d9fa12fa4fd1fd5f607fd6fdf06c841f

              SHA256

              d945008772231fb2034f7956d1ffbefcd3222e30d45f33411b2cf35e5da636c1

              SHA512

              4e23335fcba0dbdfb29c3a3ba5815518fb8284db4f15169aaa107e230ddd86f57767035f3782634e21bc73080f52a7d8422cc69adab8a11416b293769cc043b7

              Download Submit

            • /data/data/com.itaoke.mihua/databases/bugly_db_legu-wal
              Filesize

              16KB

              MD5

              da2b38c3fd12a77f7ec1d97dfcc53772

              SHA1

              10114b2e3a120118830e9426d9858217e6e4c4ec

              SHA256

              8cf120e6f12916750ae0351fa3ad013153f640794fe7560e9cf9963421520daf

              SHA512

              5b4d550120abf110029aef9d1b38324e896f693778225863100de5e1d8482dd562ec776bdb2acf48701af626b924460365f685b1f1410bdc1a3927cd740136b4

              Download Submit

            • /data/data/com.itaoke.mihua/mix.dex
              Filesize

              292B

              MD5

              63f77f99bd2c2b772a479923bde11974

              SHA1

              c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

              SHA256

              4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

              SHA512

              3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

              Download Submit

            • /storage/emulated/0/.DataStorage/ContextData.xml
              Filesize

              111B

              MD5

              a89160664f919970594d114935e7692f

              SHA1

              3cf9ba92db68db90625700a65e191a1f0efd9515

              SHA256

              f1411cdb572c0ba1f64247e53fd12c2b9ebc4102413dacae18781cf9ca5b62fe

              SHA512

              a55bfe6d795d78e0f13726ebc569e6d4af68a5b12bca2338883c322c1e366b0d43b1dd438d809bbaa4b47388dcfa43d90d485e5fc4c1d889eed3152fe29aa64c

              Download Submit

            • /storage/emulated/0/.DataStorage/ContextData.xml
              Filesize

              213B

              MD5

              506193981b9d4c9b7b502a7954f8b01e

              SHA1

              2572595489f782fd6dc18b85a3d31fa0afa008cc

              SHA256

              a0c7aba29cedfa53cb6155c640082505f57183bfd2e237afea2768e1c70a16a6

              SHA512

              fdf3ee176ee1b68ab53f191c669b499d9bd062997dbc88786dc3a993792c142510b40c8880784338fdcf32c403ea65812bb812300d17b4c77ff491363094f0a1

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              65B

              MD5

              9781ca003f10f8d0c9c1945b63fdca7f

              SHA1

              4156cf5dc8d71dbab734d25e5e1598b37a5456f4

              SHA256

              3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

              SHA512

              25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              111B

              MD5

              0d9e356567cf6b94a4023def9efd9fc0

              SHA1

              2223de2d839d7754c0682a80ef860af108ef8d94

              SHA256

              e16c83c732837eb0a8d470bee92a9c561794ec14df36c614ab5914ba6615de24

              SHA512

              64239f367bce975699c4cf4184f3ad60369de4294a8fda9e8d0e5234b989db3356b9dc7fadd4c8129381c562dccee680af9f2f3f3301758baee9137f0f3b9a0b

              Download Submit

            • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
              Filesize

              167B

              MD5

              bd515effacb655a193affad189213fe3

              SHA1

              150882118da944b8878091000db3e483d2fee1f9

              SHA256

              44c12cdfe6dbe51f71e65fe3a670a162e5cc9f4bcad9360a01b4f3b3960c1f97

              SHA512

              620f73290b09c43d7dd5241254818c55d01283914b2c055fab172c48c114747b4edd9f34c5fe6d99350c2dd9e0c88c4b3d240ecaf53599d27a2b26ee3f65da6b

              Download Submit