Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

37bd4c5f74...ea.apk

android-9-x86

8

Analysis

  • max time kernel
    2868129s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 14:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    37bd4c5f7454e1db3aa3643229e73cd4388a87b46e465f6d39cb5ea43ed1beea.apk

  • Size

    8.8MB

  • MD5

    de9d027f02c728e9fed03b292574e512

  • SHA1

    fa9f8e36f00e2fc96fa178bbf17729da34bb7246

  • SHA256

    37bd4c5f7454e1db3aa3643229e73cd4388a87b46e465f6d39cb5ea43ed1beea

  • SHA512

    83c6ce22085beba3fa4832d72a2816698dbb95bc1a7bdf7f87140590819842e1ec411de2c2b643bd864cd24ae2e2edf53d036b754289df71e1149821616c71a1

  • SSDEEP

    196608:WTogtznaRCpKYMZY+FmlAaPAL3vTiC0R+e:CdzaRCppQoAvTbe

Score
8/10
bankerevasion

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs
    banker
  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell information.

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.quexiongapp.quexiong
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4244
  • com.quexiongapp.quexiong:remote
    1⤵
    • Requests cell location
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4285

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.quexiongapp.quexiong/files/libcuid.so
    Filesize

    129B

    MD5

    3cbd01fba8c2219c865dc3c4b033c94a

    SHA1

    8ef31e92ff13bd227e302ae62d50008961f43f0d

    SHA256

    6b8215438bf09fc4276be4646cfa100678d9f008690e5c686b4c3b191efa0132

    SHA512

    0c750e1a34ad6e8fabdeb83d2bfa45cb157efeb60ac57e7487bd64120b8a215a9481d949f8ca5325599cfedf21a718b8c595314bcada4e9a1a0bc2a599478265

    Download Submit

  • /data/data/com.quexiongapp.quexiong/files/lldt/hst.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.quexiongapp.quexiong/files/lldt/hst.db-journal
    Filesize

    512B

    MD5

    c255ee0e85c4dbd7d239626a11c8b704

    SHA1

    55530d9fdef31612dae923fff0332da7a5aaabfb

    SHA256

    92e945332aeb5fa3a91bc4aef093bbfcb4aa267af27b99d87f4d425fa7bc9bf3

    SHA512

    ac9859dc3ae597a8ef96a78df39ac7dde518f29f69c5dbf3e679b306a347f0782a4dba6335ca7202bfe2e470ed00caf0d21f29aa5c9ad26e0d07d47db41af465

    Download Submit

  • /data/data/com.quexiongapp.quexiong/files/lldt/hst.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.quexiongapp.quexiong/files/lldt/hst.db-wal
    Filesize

    36KB

    MD5

    0c0a81b7e236e8f1814cc1141001a2bb

    SHA1

    e7e2bf4c9c15ab8c28faf5629ffaebf23c8405f3

    SHA256

    85f17aa18f5d24e8395fecdf72c6ce0be20e204aec0475d5708bb2bb34f675a5

    SHA512

    1836d6adb568532c5a7eb55c539f7d9c5068d77ff742524112cb6010e6cef776c32e7c91519f8dfdfde13eff5619cb61bbf58519b3af0efe6dffcfcc8b721bbd

    Download Submit

  • /storage/emulated/0/backups/.SystemConfig/.cuid
    Filesize

    89B

    MD5

    9bc3484202b733e0d5b8b8fc7fd1f5a6

    SHA1

    8b7bde1752785cac0c155df44d269999a3aad10c

    SHA256

    18b2a5db96c45a269fdec71d2b2bcbf8b1fdf958a32eaa4a1c8a06758c64aea2

    SHA512

    3a8b885a335e8b5ed8ce6d02a86d5d55c9d286647462a37e6c32118514cd9abe1804612b6101d5593946d062f508b1a24c8a44f147236764bd6679c4ac17faf1

    Download Submit

  • /storage/emulated/0/baidu/tempdata/lcvif.dat
    Filesize

    96B

    MD5

    45c84fb674343b83d5096e245237b101

    SHA1

    41a10d3c5f2b751e13f66d8d99a58c0d2c2f193b

    SHA256

    e4a33b695e3c5d0ab4ec1fd48cf7a5849af20e4ee8517f8ee877b64a45893931

    SHA512

    d202b7210317c992efac71fd9da9e9618c1164acdcfa37e454c871449a25c846609c21572ff9955fbdfc038166aaeb14aa0352288afac722ed447c6173a96854

    Download Submit

  • /storage/emulated/0/baidu/tempdata/lcvif.dat
    Filesize

    96B

    MD5

    a59491dac8ecfd0a718239f444e22948

    SHA1

    2986b3bdbc0f0f9449a0c2baee023cd810f451dc

    SHA256

    f53d9368b4a19302da6983d9dc6b73310e85faac3b5d6f5019600fcccc1aa088

    SHA512

    5ad0fbdebe036894575fff6eba97f25d9cf0f5718bba978fd68c643836901037712670018eb2ff1c4fc0a98d2238fb3f7d2019af29fe539757852a0696b48614

    Download Submit

  • /storage/emulated/0/baidu/tempdata/yoh.dat
    Filesize

    24B

    MD5

    a936690571e9104e1922dda4a0ba5bd1

    SHA1

    65f49c57edde2f96be2a1dbdfc3f7351f1e66554

    SHA256

    f0f5049c51879dd7da0ce4a43349b5b34ce053d072a0ca704f62cf22ba4a8412

    SHA512

    3be1c3693963aebdfc04e86b1c820ee0ec3cf0b200e6a4788ef1141f39fd6c2f77f4227247ae4affa66c0a6c027df8466cc0dcec1e67ebfb953e36bee97de394

    Download Submit

  • /storage/emulated/0/baidu/tempdata/yoh.dat
    Filesize

    24B

    MD5

    1681ffc6e046c7af98c9e6c232a3fe0a

    SHA1

    d3399b7262fb56cb9ed053d68db9291c410839c4

    SHA256

    9d908ecfb6b256def8b49a7c504e6c889c4b0e41fe6ce3e01863dd7b61a20aa0

    SHA512

    11bb994b5d2eab48b18667c7d8943e82c9011cb1d974304b8f2b6247a7e6b7f55ca2f7c62893644c3728d17dafd74ae3ba46271cf6287bb9e751c779a26fefc5

    Download Submit

  • /storage/emulated/0/data/.push_deviceid
    Filesize

    32B

    MD5

    666fda537da811d42d836a6b3c1dd74e

    SHA1

    c74af23fb0b988c53017c460d1ec76e1b55a36fc

    SHA256

    6f4d327b2c1033ecf45b24278741e34b789511a6f2d782ce3f71c1efb0008ad2

    SHA512

    3138521fac1fe2cc08697f88172068867193f5a8410a329eddbe5a1690bee88198f8c62121bb9cc646170382eb342b6b38790e2e4cdf40c2c503935d9309f00d

    Download Submit