Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

54a2cecbcc...4b.apk

android-9-x86

7

54a2cecbcc...4b.apk

android-11-x64

7

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2572159s
  • max time network
    130s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    23/12/2023, 17:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    54a2cecbcc5f5a4a53093c34662d5c9f2b2e0bd865df56755ec750a6d8de724b.apk

  • Size

    12.9MB

  • MD5

    62732f6db5aa874061dc9977cd62e790

  • SHA1

    6b138f091562c0a07da5e240d3f749ef4b208b4b

  • SHA256

    54a2cecbcc5f5a4a53093c34662d5c9f2b2e0bd865df56755ec750a6d8de724b

  • SHA512

    251f3c31c83ac37c0119e449d5819da023231bb6bea9d9607a1bbdd05664a2e373b7b92213cdf338a5288501b9e45cf98239ebdfcfe5cf8b1c662a49d8ffd272

  • SSDEEP

    196608:SMGPU6IxYZ53u33Ajuh8Zl0DAsMy7WRBSHD9/434QkFyUUzaRRFytWvvKr:/GJZ53uHAqh00D4y7WqHJw3zpzoTy06r

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.lushi.zhuanbao
    1⤵
    • Loads dropped Dex/Jar
    PID:4481

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ac
    Filesize

    32B

    MD5

    b9c64f04129ffc89111b5e5d879dc0d3

    SHA1

    7fd48d28f8720e82108283d95d14b277731825a1

    SHA256

    9261dcf52bcb9f2c8cbeebdb93f6f6d1ccecf1da6a5600d06afd3c78003ad89f

    SHA512

    1c3c28f3939fdfb3a06729c5d9d77f1c7a58b8850abbdbf89ac2eaedebcccbef5db1804ac07ad56224f9e060b2f2eb7e90bf7b450b89bd4bfa939646237ec9e4

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ic
    Filesize

    32B

    MD5

    c45c23630cfcf468ad03b4e9877aa5f2

    SHA1

    cf30d569f48cdca48b50e4081915ea9fb9afe1a5

    SHA256

    db2142b77a6511c1f110f2e65c5b13e8456309d106e33b99ad7a7e3eb2f9fdc6

    SHA512

    a17cb02f69eb27f0ff3215380b398f8f16c8f3ea9fb787a5004ab6fcd0263fcf819f8e8fb19e8d529fcadc57b190f0191ff1c3ae4da5ed03316c29a5bc63dee2

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.rd
    Filesize

    32B

    MD5

    1d2ea4b5d937561a94a9a3a39976081a

    SHA1

    6e745905dd297b4ac6b2d423777e84cba406bfa9

    SHA256

    472d7e167a6f26d7223a7ff84053df9b1d083484ba1299223551bccb31ad7537

    SHA512

    109deed33298ff01e28dc7d44c04eca3dfbc94c1a7ed034920c60be4ab543f501485f65e9a963857b3480cb85191ca6714a8c94c5f7a619733f9e1e1e99fb224

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri
    Filesize

    307B

    MD5

    8d3a12ec5dc7b2ed504bac9c326784ec

    SHA1

    19824438d7f3d8dbde20fec471f0e6f8f83d8289

    SHA256

    1fc7a670547af15ae3a5233dbb2d7d55ed3c86b1bcb12b20611e7f31863ba073

    SHA512

    61247cdff0039e849f1edb26a7302abe543dc84bf1d63f539ea15e789558eef407bbe6250eca4f05187241a647526cda55c83e7589417ae8029c5c9fd98863c8

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    87d3bfc9d85a07e9777a754367786dae

    SHA1

    4c75a58700b42ee0f03420f991ff46efe46223a9

    SHA256

    19aae6e4b2ed767693dc38fe8cd165cf1093f4f7c1f2f4b2dbcf72d8741b0ce9

    SHA512

    849b42a1d842a34a05a96c34ca11111d4a738d6c16bf0139c4f19d940e9f4883bee7d6621bf36335a2a06195bc8f7fbe3bd7a9fcfd6b2abc52210233c60aebca

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jglogs/.jg.store.report_pid
    Filesize

    32B

    MD5

    ef5deb235397f07548506e64c37f7677

    SHA1

    00b24a7cb177ba9db01d6636058c72477f0bd7b9

    SHA256

    af7b021d73886155de7f474f254874043c81cbe14983c6340dee71714ac23cba

    SHA512

    76ea307987f6e0c8c9a03bdea8a32c9b93f44f6a8de6891aa6ffb3e3a4590d6ded4ebffdc98c3fae2edca7e1ababd44d5dba5996a19d7e60125fd6c28f673be9

    Download Submit

  • /data/data/com.lushi.zhuanbao/files/.jiagu.lock
    Filesize

    27B

    MD5

    1a68f79fd75a7895f46a0244939f3032

    SHA1

    3c04d9ea314ee52cf58212f5a7b6444de235dd43

    SHA256

    ed1b9285b5b05dee100ca0a669f09ad11be603f1d42ca722cec1d177bbb37e13

    SHA512

    8054638c169cc20a1947b3374542d0cc4fd9df22cbc84d2a8a9e05124519f65e9d61f7c6c0c10f34048fb9e87175ed176e879fc53ea09b576212ab9c94862c38

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.00000000000/37CF018B.dex
    Filesize

    48KB

    MD5

    75d46252620a12dd7343e91c8ba209bb

    SHA1

    6615b67e21963e5689685f8494f442dcd729d4d1

    SHA256

    c433c8e3f847da2b98ee8b704ea3b7d0f38d6249626dfe26a22bef0c08e5fa71

    SHA512

    9ae5f0ae0a77bc8c9a27a43252ba01d4bbb69a326eb028d2e887d701b202b66a7065765f2f0214d2b0701493634ff33c2104becdb80bf7e8c2657175857b7af8

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.00000000000/37CF018B.dex
    Filesize

    48KB

    MD5

    4e93a7a07efedcc6e3c741526d2d89a7

    SHA1

    e25833d7a51783c17978a7c5e7953d7cf1df80f5

    SHA256

    26fd97dcb56a0ae4ffee7b9514cb697de101ad39e3b2af2933b1eadf409b740e

    SHA512

    94a5e0b50c0efc69b79fe9b46513537b798a45d00234a7fe1c529e7d5eb153704ec9966a0e0819983f726260579707d7b82e7b31f845fa7602e06c078b98319f

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.jiagu/classes.dex
    Filesize

    5.9MB

    MD5

    4f32113d809dd75b14e5667c8f45e6d2

    SHA1

    ccd07779536ac42369fedd9867b6171acaacb706

    SHA256

    3b6fb7085882bf08371c6acd9390725f0b536a64a45225d26e6cc54d70ca1cc1

    SHA512

    18fcc76d8b8953b04c00668bfb9d8341076edf3acdc008b92080fbd9942887550d2294a9278606da89c656147f5b5b42d9bd84d058707cbd7acaf02173d41466

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.jiagu/classes.dex!classes2.dex
    Filesize

    5.8MB

    MD5

    0141652b34bdac808871b61f484a565a

    SHA1

    5bbc8bf7134b6f68f6ce517884dba68922a420d7

    SHA256

    b417af1130ba5bb7e14fa4aa513e6bda377d9b8d236ee662be29047d2f1ae94d

    SHA512

    671a30df30b4349236606fc33427afe3fbcc8cd53b0bb895bc58328f93df3187f2befa9fe9ab2bb2af9d38a7f10e25ec354045e9ac06badbd484084db259b02b

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.jiagu/libjiagu.so
    Filesize

    558KB

    MD5

    98736de515958ae37ae93a0a0e997098

    SHA1

    72d0f9d43f7c9bdc9f19d13834c0872f5652c0f9

    SHA256

    335091dfc73a9f792cb720389c5d94eb6642764a38d70d4b6b7a8afd34038421

    SHA512

    cc4974ce398bf7f4a20160ad30e4c4b5821ff0d7f2cc9fa0aead73ddc036585266edf429add276b53d6db8dd24a344d709469b9c839451deead6b621e70c92cf

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/bytedance_downloader.db
    Filesize

    12KB

    MD5

    171aedf968e17a2744d2585715606cb9

    SHA1

    bbeddeb3b89fcf809619c35b4a318a80e7d5b029

    SHA256

    d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

    SHA512

    78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/bytedance_downloader.db-journal
    Filesize

    512B

    MD5

    9dd2e60fba963b5d597a88cfc7700d79

    SHA1

    7a83e44e4325a5d9f82357e257730c9df358b5f3

    SHA256

    3aebf366ef8bc1f014126c3e78726a2c5195c7526feaacc856ac75eac481bf38

    SHA512

    6cb03985a009212d9f3bee9756b5cbefb8f9f9bfcaba82053a97b379e44f4c64f821b1afe408568e47b0fb2262a66e68e5d5452973fb5aa8b23d393a57de0d2e

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/bytedance_downloader.db-journal
    Filesize

    8KB

    MD5

    248858152b7d394c2fe0db8600b2d6f6

    SHA1

    9bc27b1eee0bad12114e49e3d82b574602040d7b

    SHA256

    deed646db2d3d4b1a9c8b7e4e96d2169c034f1d881d65922baeae0c8744c2774

    SHA512

    176215cde327c4bec23dcff0d6766d8182db9d7d0d1da080c5f58b34ce535d216a25b6e77396ec2e8c8e67c4fffd83ad0169c0c68fcea36a47fa961eaed9edc1

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/bytedance_downloader.db-journal
    Filesize

    8KB

    MD5

    7cae2e8bcade17d6e723fb054165276e

    SHA1

    257b5e75baee3851f179bd22d1a4756ea7b0b7b2

    SHA256

    6e249b309a57193ff7047a3b466700460032d00fd800ab1623015f892e646335

    SHA512

    083a9c79fad40f0d29b946e9d67ee6ea831f83e3e3a7477b953906b01f9bea0dea710a1d8faa26073e418d2c345cb8756a620edbcad759a3c945dec521fc126a

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/npth_log.db
    Filesize

    20KB

    MD5

    8dc03e147a44099e46adcc75eb340610

    SHA1

    4e087fa92230d55aba4de0ea71719afaa66ec108

    SHA256

    e7a10f4213b91e5144fc5e5d61ea6b81484ec79506ad7f7db35ca992a9634a7e

    SHA512

    d823aac6b0f8ecd90106e1b10b8fc5399798dfc09e63729b88b525a8a43ea301fdbc3977eed3a1fd21723c0e1f4c78585db9f9fb3402787eead6c724087d790f

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    512B

    MD5

    dd84c1c72834d71da041b87ca3ccad1e

    SHA1

    e8a123e86fac31c4b972f1357447d689dafb5586

    SHA256

    ea27f4550fb91e8b82aea89a67be90d9bc34bcf5dcd9adc247383e79b10f3b35

    SHA512

    d0969cf801125eb238565c135db125ae2609bf854992df28760b087fee7b83f31fabdbea3694f3875ab00fdfc568169301a69a3ae7ef06a0c1cceac338649162

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    8KB

    MD5

    d2ccc479667997ba74bf20931cbe4ce5

    SHA1

    75551f926c10ec69cd6c630e1d591d79175dbf55

    SHA256

    16ce3400ad5f784aba28156e4e5d0ff271f96c3b43ffb5bf3d720a7a5e51684a

    SHA512

    b540214c9d66932df662aa5e4bb9e51b24a6208e99d19f277b129d6f1a6be0be1cd40dd857d0784f822477bcedd0613d91fecac98b9a24310a751df20ab9b06a

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    8KB

    MD5

    1c4c511c03ddc7f1d04690b52c8e1af1

    SHA1

    78a439cf8596f9e980a88a460c3d66e92cb28afa

    SHA256

    13fbd32884dd24b2240d51ff88d265bdf850277b35abce8009266f07de7b2e39

    SHA512

    ccf72c0fea208b4f39c8ac81260839a6a6fb256ba086ab9a8d7a8de7282ab468746f24c929f486fced5cfab4d098bb0e0ea4f0bd47c305c3fdf82ad39c2564e4

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/ttopensdk.db
    Filesize

    12KB

    MD5

    f41f531c07d4141546a531ff9caffdcd

    SHA1

    9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5

    SHA256

    bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646

    SHA512

    e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/ttopensdk.db-journal
    Filesize

    512B

    MD5

    ed04bf106f5dfac1668d263e65bd1119

    SHA1

    1a1282059ce4433f7ae19b4e269fe56f316a9690

    SHA256

    d25039ee05dd6f4a6035dc2eb3c0b4a2e7c52e48587bbc2d00b66fb0cd8b6726

    SHA512

    53c122769f850c3b261806cb3c3356a4308e5cc01fb9817eb63a2d6f1ebbb29d7995182a51ed6a158522da85c1a6111395c435572f87611d4f9fa107f37d339a

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/databases/ttopensdk.db-journal
    Filesize

    8KB

    MD5

    dd6ecd780857b55e27d10951df87e456

    SHA1

    ad502d75c4deb34e36037f2f945506a3d7620b61

    SHA256

    66553e3075ce62279a6653769c1a66e393ee33d3d2f9992a04404478f973082d

    SHA512

    8fb9f75f4f771a029a4d8627e13d28b15c266e49077499c9361a1564bfa515e78c93bc2ea0e80112898c3b9f5529cd313c760c52fcba5297e39486320884f37d

    Download Submit

  • /storage/emulated/0/com.lushi.zhuanbao/config/5ac714da7be6d534dd74c84a097f98e0
    Filesize

    344B

    MD5

    a376113c0d0b9abff1dab8a18ffcc64f

    SHA1

    8d2ae39484ed87ab9bc1da73a0b301d4ccbb312f

    SHA256

    097d02f9eb6d41e9de17c5afd81b20cb6ce1308243bff6e99bd3668bbfe30e86

    SHA512

    7cad3278f53dc7dfe23408544f655c5ad59bf2c93c0b023ac4348818115b984ba26a8e975792d90ac64da9385fc5af31c8495be3c4738c9018e0766abeb14465

    Download Submit