Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

54d1c27a9e...1b.apk

android-9-x86

7

1.apk

android-9-x86

1.apk

android-10-x64

1.apk

android-11-x64

21.apk

android-9-x86

21.apk

android-10-x64

21.apk

android-11-x64

9.apk

android-9-x86

9.apk

android-10-x64

9.apk

android-11-x64

Analysis

  • max time kernel
    2606191s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    54d1c27a9e942d37f580e79e4dc44dfb1ad1d58279a6807a8d567e6f2f38e21b.apk

  • Size

    24.7MB

  • MD5

    59be882a787626c1c8ccf80d9fb79000

  • SHA1

    4cd5b9e7d45a3755fead1bd4565842c10931b438

  • SHA256

    54d1c27a9e942d37f580e79e4dc44dfb1ad1d58279a6807a8d567e6f2f38e21b

  • SHA512

    7d6de98e0d70d5c5c551562093b4971fc158973d258a3e21b9b14d252d42ece4f9c96197c3b4163baa3536e0a0873802c0c8cf1c9d1d865e79a4b3e4d6316400

  • SSDEEP

    786432:FR8xgABZBNsl4D2Fb2krlU9NXFcfKhAisiDFl2:X8OAXZk69N1MKGMFl2

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.baitu.huakui
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4263
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.baitu.huakui/files/beacon/comp/1.jar --output-vdex-fd=61 --oat-fd=62 --oat-location=/data/user/0/com.baitu.huakui/files/beacon/comp/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4297

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.baitu.huakui/app_crashrecord/1002
    Filesize

    232B

    MD5

    45fd828d4d5726b5c457c67760e94fc5

    SHA1

    020dd5dd5f2ccddc8bf1d57e152464f43a809380

    SHA256

    9f13f04144c08e5e64c6d9a4f540dfc842d0772bda70a91c8b93f85bf5dec6b0

    SHA512

    bd9c2819db2e94fb194ad7abfd0090464436db6acaf16592b358904656e087aa49f1d2c1448b29ef54fbba28e8a83470e97383e040cb6cfeffe1b0484a781b40

    Download Submit

  • /data/data/com.baitu.huakui/app_crashrecord/1004
    Filesize

    232B

    MD5

    23e65b580d80188091dde81c03d3429f

    SHA1

    b4b12c36e330ffe63674e6f6058d35049fc50174

    SHA256

    6924c03a6df71221bd85a4d861ae669f142b802458e40d6240bdc2392a74eea0

    SHA512

    3cf91ed2028d6f32b8605e3e50a90ae2b211553ed2af90b4bb95d0c1821446235abb4978df89d8007fb38683424670cce38e9f825ae405c240e90ffe295637fe

    Download Submit

  • /data/data/com.baitu.huakui/app_crashrecord/1004
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit

  • /data/data/com.baitu.huakui/databases/MessageStore.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.baitu.huakui/databases/MessageStore.db-journal
    Filesize

    512B

    MD5

    ed134d19a736e48f0193b801f3e84041

    SHA1

    48bfae5176cb330e91a966e706f3fa25c9b202a0

    SHA256

    0dec8761cf37cb2af23d8b0d5f5f78116f930a5256247ec714f56946f70627f2

    SHA512

    5a0e63b1e348cddbe680b6ab525d4e99bcc7c8aae34ef89d56132fa6757ac659b8c6a57a1c193dd9292b769e4980ad2c14fab4616ecd2fe05f905a5737febc3a

    Download Submit

  • /data/data/com.baitu.huakui/databases/MessageStore.db-wal
    Filesize

    48KB

    MD5

    c537dce5c3ea65e1afee12b7697075c8

    SHA1

    275dd5852f587f17921ed70d4b61b025488e3c37

    SHA256

    74d2799ad8817180e8fabf9250dc3de9e3856ffe3026c7f144a69f8f1c0eef7f

    SHA512

    d8ce0c91b83ff20f8faa1107146c5aabd64d57824316dd369c2e127c6ca04c7ccdbb523f170d55f1ddfc623cb20315c5bea35e4b9dac5ff4502dd26197d38e1c

    Download Submit

  • /data/data/com.baitu.huakui/databases/MsgLogStore.db-journal
    Filesize

    512B

    MD5

    981bd1cbce8a34939e0e452220a62c22

    SHA1

    813d690d65f2d5fb627184360934bb6934022b81

    SHA256

    bd585e5b6fdd26ada9130115a0ace07f66e0e66aa75d1af34d832012b2adf8f4

    SHA512

    3f887c16c47571bf7c4fd7ca1f72f88b0be11f041ebd937f656e86486568d192cbff7a97aed2c180f795e30ac8152daf0f56d0bbac3c37ac2591273a39197812

    Download Submit

  • /data/data/com.baitu.huakui/databases/MsgLogStore.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.baitu.huakui/databases/MsgLogStore.db-wal
    Filesize

    68KB

    MD5

    b1024e0818d852f32b15af7c1e806db0

    SHA1

    7e241e38f3bbd95eed651d9ac096c8fd4dd494ab

    SHA256

    efd737249a1c312116ba98000cab49565fa49cd06208c583fcc81758add567b3

    SHA512

    393b93dd04ba14a5bb9f1b289d0987600634ed7395dd360526eb739d290e3af655af2e431c36b5d0a73b0a8688be30742ecbf9ee14bf1b12f8b5693b87c8a1e2

    Download Submit

  • /data/data/com.baitu.huakui/databases/bugly_db_-journal
    Filesize

    512B

    MD5

    21568d44be18fcc253be00605095066c

    SHA1

    3170f6a5b6085d9ef9ed49b6a48eb36602f9c3d3

    SHA256

    aceaa1229db49ea8787be080d214be4fd7f2b9582c977ae41b55dd9cd5127caf

    SHA512

    4e303be71005496ec98a16fa9bc2b867617cdc5d31dddb24139877423bd7232340f8bc8a0213814e41b938964868328cb8778f8560f3501bffad4a5c7e791a4d

    Download Submit

  • /data/data/com.baitu.huakui/databases/bugly_db_-wal
    Filesize

    16KB

    MD5

    64aa91f33d9ff2d1451e1a4e44e83c9f

    SHA1

    2f735fa5e5eaa93c505a63bdd4463ce932706c67

    SHA256

    6810d0b96a730d15fed5f8869fd712bb239fa90518c105fe2212967ff9e5e7f9

    SHA512

    5d674208928c0047c9f2a1e4c69224e5f51af29900197945f395fe1d6d8289c2f9f07d1aa7798518525fd91522a347531b310f3dfae3bd301639a1b314601e9d

    Download Submit

  • /data/data/com.baitu.huakui/files/beacon/comp/1.jar
    Filesize

    70KB

    MD5

    fbc9ad99563091d07cfdfaed823bcf3b

    SHA1

    906f5b3e984ddec5208bd01468901cd0262cc1e9

    SHA256

    d320347a935fb3a98ac3858cb55a9193965cd5f9b04ad97838fb493c612d1010

    SHA512

    ea259833bf55b9174f55b84ab62aa9a586287e0c1375f266668519d8ee273c7fb5c7419cdaaedcf1ea40c758531a65353d5c2a3083858d7c65f553b1f80149c0

    Download Submit

  • /data/data/com.baitu.huakui/files/beacon/comp/21.jar
    Filesize

    2KB

    MD5

    81b45de6a47986d607e660539f02e21f

    SHA1

    d2f1961e00bc48dfcbbf76a3d5648544e5812afb

    SHA256

    43919275b8694ddc0de13559603d2b8fefaf80aaab7a596d0617e324dac130af

    SHA512

    7e99792b4d6e6f0f35b4966a934942a1658c6eb27341905cda65adfc5d8aa496c33229f3bfdfeb7fb8a047e603bcf5463efa34c233800df723b26943f7c28466

    Download Submit

  • /data/data/com.baitu.huakui/files/beacon/comp/9.jar
    Filesize

    5KB

    MD5

    07e7f8974d3ebde93b2d85aca8d96470

    SHA1

    72afb51e234cb6f6b99c50739b2b73d0182d78e9

    SHA256

    15c5291d63d9425aad8a2374804589ae6a0d377af59319715f35e09bd7fd1674

    SHA512

    cab58123d458d3b37880569b5e6b40dfd711a4ce259a17292a02935c885866e440704f8075cc2485108c425b79ff7fd032fd7bae6f09264fa5ec9de204a61a54

    Download Submit

  • /data/data/com.baitu.huakui/lib-main/dso_deps
    Filesize

    280B

    MD5

    5be700542423ef71aa6588005779993c

    SHA1

    fe9d0acde9c57f9230a8a49739b6c3e25e5cc0e5

    SHA256

    abe37df267e653b1aaa108d8473fb7b4fd228fd90a3372fbbfe1fab4d1da2133

    SHA512

    1dad0fbe9370c40787d1c68cb45006dee88eb6361b3913850e7ca9415d6d4f5ab419ec211e679136cad4a59e46a2b07142fa4418cdff4fa974e3b3d69c32d6b3

    Download Submit

  • /data/data/com.baitu.huakui/lib-main/dso_manifest
    Filesize

    5B

    MD5

    c06857e9ea338f3f3a24bb78f8fbdf6f

    SHA1

    c5a0a2529d2deb60fec041b4fbd722a2ebe31702

    SHA256

    957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

    SHA512

    29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

    Download Submit

  • /data/data/com.baitu.huakui/lib-main/dso_state
    Filesize

    1B

    MD5

    93b885adfe0da089cdf634904fd59f71

    SHA1

    5ba93c9db0cff93f52b521d7420e43f6eda2784f

    SHA256

    6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

    SHA512

    b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

    Download Submit

  • /data/data/com.baitu.huakui/lib-main/dso_state
    Filesize

    1B

    MD5

    55a54008ad1ba589aa210d2629c1df41

    SHA1

    bf8b4530d8d246dd74ac53a13471bba17941dff7

    SHA256

    4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

    SHA512

    7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

    Download Submit

  • /data/user/0/com.baitu.huakui/files/beacon/comp/1.jar
    Filesize

    149KB

    MD5

    bc070e04636c3f0de3721556101b062b

    SHA1

    f573b0d0e09da82236dd82da38687c4fce74405a

    SHA256

    876b970e2a2556f34fa8431cd373d64d5c7faaf12a4b9fc35e482b1edf49933e

    SHA512

    d2037ce77671a4ebd64a71cadf20a51f2ab6501cc30f258305192d15f175a2c0c1df9099f0937932774d8a6c1557b484f1b33898cd1e76b8c8fe42264d6faee2

    Download Submit

  • /data/user/0/com.baitu.huakui/files/beacon/comp/1.jar
    Filesize

    149KB

    MD5

    400bed053ad682fd97b6b6c29ca56850

    SHA1

    6510943291adc21449784053910d1c6b3b6ac25c

    SHA256

    2d6b9d05d52ac688020ab87693a919766d3bf297206c73414e265e9fec20bde0

    SHA512

    0aefd2f3364f92c69e9421c0c072c61e5d3eb786cec7ac4bb6229af24374153f73fec537bc61ad16c838f489179c1d217ff40518832f9ffe5d9ce5c62ae31dde

    Download Submit

  • /storage/emulated/0/Android/data/com.baitu.huakui/cache/uil-images/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit

  • /storage/emulated/0/Android/data/com.baitu.huakui/files/zegoavlog1.txt
    Filesize

    13KB

    MD5

    e495522f32d4e666c3e80ace8aac6f94

    SHA1

    6c324e625b2a70120f71ae1d62a05ee42ae33077

    SHA256

    5c47391e1234b07a26e22b72d03774f34bca580bf023f33734e1bc32986a6a5b

    SHA512

    095ac2c9fcd8b6912a58d214155b81d63a4c669efac17a5c212c75ab42720800c89b5d06e3379b23de76311e97a1f9ffb83a87dc0f0b354604712ea428a2c6d5

    Download Submit