Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

4b697e5d80...99.apk

android-9-x86

6

Analysis

  • max time kernel
    2557470s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4b697e5d804088464ebf32c97578fe40293730bbdc239fccdc2e7a6bf8bdca99.apk

  • Size

    19.7MB

  • MD5

    3d49d97b850c0670383d7a5e220d0eca

  • SHA1

    aa3b9365b2ef7643bc63085af74b072eb0006795

  • SHA256

    4b697e5d804088464ebf32c97578fe40293730bbdc239fccdc2e7a6bf8bdca99

  • SHA512

    5420a92ec59c44c00ba01fe9953babd08f1529320f5035b5170d385b8979678efa68f283fa3f966052376bf57466c7e80de803f59b0ee3e69be6ece86c3f3214

  • SSDEEP

    393216:JLPZvnLR4V89Q3YfbBHbPRR9lSTMIOTAxQHmNBGyX/qOJVT1H:dlnLRa890cNHbPRR98TWTAx+mN/X/hTl

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.hongfu.hr
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4484
    • cat /sys/class/net/wlan0/address
      2⤵
        PID:4534
      • cat /sys/class/net/wlan0/address
        2⤵
          PID:4620
        • cat /sys/class/net/wlan0/address
          2⤵
            PID:4649

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.hongfu.hr/databases/ThrowalbeLog.db-journal
          Filesize

          512B

          MD5

          c470e26ebe939c4c184e080081c6d92b

          SHA1

          3f2a8d39b696929eaafe108f4f5e39bac39b534e

          SHA256

          bf24ecd0b25573fd9e7a59f7f61fd2ba34fbd9deac5fea0b0ee7f9ebb1dd7ce6

          SHA512

          179056d0e295750533748d0d16411c60c94387b6acea5a044b5d9dee175f1aa557074da034d079abc88447d2dc403e5321744cfbd491812a80001f9e843b45d0

          Download Submit

        • /data/data/com.hongfu.hr/databases/ThrowalbeLog.db-wal
          Filesize

          32KB

          MD5

          12d28700399ee34aecd41ed8b9b83d5b

          SHA1

          9fba6855000a877a55df337c671e734378e1785f

          SHA256

          b5bd087449c333df8b667b5bf8fef173712863a5b4e799bc772d42a01e7d2342

          SHA512

          0932a08d4d0e60bd650d6546d5e4336b92cdfd24885467220c8f3f96cb6b2020656b7bd6e07914af84d4470f0c3589aa0310372d159c4ede783780df711ad905

          Download Submit

        • /data/data/com.hongfu.hr/databases/mydb.db
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/com.hongfu.hr/databases/mydb.db-journal
          Filesize

          512B

          MD5

          5781e5912a2f3fa56e40a2a591b62411

          SHA1

          9b1c0c6ae106e8ed4d6baa9f73cbfc531d079ce5

          SHA256

          8a72dba98953872b1a6e139f39798e73372b2e8bc88f4f7aca7186a48b4030c2

          SHA512

          fd199d7631192291889260cbe3096f1577ecd5d17613889488b6e18eefa156bfafeb9cbb52f40640e20fba6c9a1aa5a200851056190360981e8d6d7b8682f98a

          Download Submit

        • /data/data/com.hongfu.hr/databases/mydb.db-shm
          Filesize

          28KB

          MD5

          cf845a781c107ec1346e849c9dd1b7e8

          SHA1

          b44ccc7f7d519352422e59ee8b0bdbac881768a7

          SHA256

          18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

          SHA512

          4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

          Download Submit

        • /data/data/com.hongfu.hr/databases/mydb.db-wal
          Filesize

          32KB

          MD5

          72955cf4d538bde8945b20fffda396db

          SHA1

          ef67c45498b8bbb26ef644525bbf3756f2b3bf8a

          SHA256

          28eb9c35e9f1c733d25d9862ddbb0d4baecc74e5623f200c5a26d9e92fbefa56

          SHA512

          e7d1b363c393ee498b35cedd143ad9ecf3f0c3cb1ad144b16cf06aefb4bd0c117ebc00c855e22c4c692487a53fa975f0c74314d9b21531959cac716f1a7bbe9b

          Download Submit

        • /data/data/com.hongfu.hr/files/config.json
          Filesize

          34B

          MD5

          1e8bc430f11e600efad13c97afea0fd9

          SHA1

          814328f757a4680453933fbe3f2e98285364b316

          SHA256

          29e349aeb66b3aed4eea01f1f9ae229bdbe986a65ede809f5586ede89fde905e

          SHA512

          c3e91afaf5a7a17048c1e8aeecaba74719e3b5681e5ea4dd17526c7d90eefacd3fa1875d78e4e11c44e6383930751e66a17e5332f2162af58da5365c013323a4

          Download Submit

        • /data/data/com.hongfu.hr/files/jpush_stat_cache.json
          Filesize

          133B

          MD5

          b73f9d481a5eb5b414d2ab5783e1a066

          SHA1

          0e91c4d88bd555b2245d8ac2a54110ad455a1883

          SHA256

          c0c8d1c9309c41faf17e2bc73480b1e46f6164f3b8eeda8f08782e788d59ae5a

          SHA512

          8a86af41f749200c481f9c4fcd88d68d7f9439f4b1cafb0c2ba08f7bfe64108e802050e9cef5a2fd8147e562303a4a12986540fb0eeb1caad68cd5a840ed5671

          Download Submit

        • /storage/emulated/0/Android/data/com.hongfu.hr/1164161224115523#chat/core_log/easemob.log
          Filesize

          501B

          MD5

          acbdf8ac2ac0e0bc6329b47063f83656

          SHA1

          e64055c28b809859c6efdd46c0ad355441467b32

          SHA256

          287291b3879337de4f178e534afa11cd370bc6300e9e2f60b27dd86cc3caa254

          SHA512

          df024666d9f529c679a29eb8a86ab999f5f632cd86eef01911d105a09d2c1e9f0c7184b829a07be4daacfa97ebcd6ee609e163aec1ee02a116f894ad348f10af

          Download Submit

        • /storage/emulated/0/Mob/comm/dbs/.duid
          Filesize

          496B

          MD5

          cf824cb0ee755e83ecf263ba371d7c3e

          SHA1

          63ccdb3b38a93dc1cde93ec995ac127cc1df6562

          SHA256

          03502b597dda22d926cea16b0e6c9644f552104b012e11333073284f051e4c0a

          SHA512

          b78a76ab944815bbbd2ca4833cb7b9330a6b99fd3183dd87e649b3a5202b1929898bbf9759d58d07ef3f4db952b5537944179c9247b55fba699a8383062ee57e

          Download Submit