Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

668f399aca...23.apk

android-9-x86

6

668f399aca...23.apk

android-10-x64

6

Analysis

  • max time kernel
    2635284s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    668f399acaaae3ba99695d26189b9ae0f36a1dad2f113c315cd48fc23bd8b523.apk

  • Size

    29.2MB

  • MD5

    2edcde54179dfbaf697581b082a2ac7b

  • SHA1

    a504e518cbb2e7c64ff11afd7eb074a66dad8a9d

  • SHA256

    668f399acaaae3ba99695d26189b9ae0f36a1dad2f113c315cd48fc23bd8b523

  • SHA512

    619fdf5a23ba190086a2954336383a89d634e8f160485439f295d10543635cf6fb68d757b07fe236785199992dddf79c2c08c04413f654081666c1963208b239

  • SSDEEP

    786432:o+srtmiC4npAosluA3757vU3Xmf18M3qlfV3jrXoERZ62nzS7PkTXGbrf0Pf:gznSnluA375juWfSM34hjkEO2nzobrs3

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 3 IoCs

Processes

  • xhd.com.ys
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4262
  • xhd.com.ys:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4399
  • xhd.com.ys:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4688

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/xhd.com.ys/databases/cc/cc.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/xhd.com.ys/databases/cc/cc.db-journal
    Filesize

    512B

    MD5

    a58efe2fb747cfcad1ade688fa73f359

    SHA1

    7f8e971ead2af504f9b466e0c7f844ff96823f8f

    SHA256

    55be3c3fdb54a2c5c67ee63f51562ef648c4dcd2b867509943a0228639d39839

    SHA512

    e24327cbe206b0c4bc998ef887e2639b8ccc854068aaa3aa778ba837213514b022aa4a5f74c74dc87e084e957f98dd06a77ba0723899887db84bb44f35007932

    Download Submit

  • /data/data/xhd.com.ys/databases/cc/cc.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/xhd.com.ys/databases/cc/cc.db-wal
    Filesize

    48KB

    MD5

    ef580e0f154e1496b021be33dbf2e22b

    SHA1

    027a22e5875e5a65c141c77e12b4710b4644ce38

    SHA256

    2b324e4eaccfba7410bee24945825e80e9277abed8bad99bc3eab9706f83eea7

    SHA512

    2b46cd273042236a4f2f5a47e0369981327a026507674c268ad954a4c9254f9d75b7486f832e97a4d34392b10c7a6726276a091e046c3fe30f00a4ae7f48062d

    Download Submit

  • /data/data/xhd.com.ys/databases/pushext.db-journal
    Filesize

    36KB

    MD5

    bd0c6ba90f931fb0075d4a5d873a5160

    SHA1

    9a84526c087d3ee4678b003821c5a2820bc724bf

    SHA256

    1e7f357b486295a8584eb3b20901d1babf3eb05578f3c6e794a1f3e08afa0940

    SHA512

    20b8c28cd825b5b019d8527c58775a817cfb1d2b7148c38ee5f1c53631ce696a505d3459b1a08b20e133f87e303fe23768a3a4cf90848edb0b32ec9d6e0f80af

    Download Submit

  • /data/data/xhd.com.ys/databases/pushext.db-shm
    Filesize

    28KB

    MD5

    670d8bc46551c40a1fb9ff8ec4b72092

    SHA1

    82253b089122b4d8c7ae61dbbeabd9d037ddd49c

    SHA256

    ca2684e4da544d08c906c70f147d8dbc91da3a7972d255e6a00e1c99419f78e2

    SHA512

    4977d35230c533e26162cb0e4da38345a23a87ff41510685e755a52152fc78d0b027e8e8942fe10ae28fe332b16bb9a7ba0c0644ec0efd635d579515c3d5df67

    Download Submit

  • /data/data/xhd.com.ys/databases/pushext.db-wal
    Filesize

    48KB

    MD5

    0f8448d247505cd567f408bdf0908439

    SHA1

    e3bf81965ccd31a73b5e9b271d4256f70d18f2ab

    SHA256

    37f6af4e0b17139c003ca2db9d0bfb80cf00db3d8f2d5e42bccb0961d3cf5b59

    SHA512

    e0dc88b3f5afcdb4e58c6c397f6c092fd24eac93381018999e1f37d0520b4cf029703953f2f38ad37ab38a8e9a77045998ea992e73f8e3cd9fcb701b2271da90

    Download Submit

  • /data/data/xhd.com.ys/databases/pushg.db-journal
    Filesize

    512B

    MD5

    f9acacf85ae5eedb08c8a5b93442a927

    SHA1

    149d0cc7b855832ddaa50cb9ce77aa62f0c1eaf6

    SHA256

    e33c542036cc363bf1c30e86e9f580b21fc28379461d6f92fc7d7fc97c797fc9

    SHA512

    cc2eb7265c986da1344c32c5598ab467ea2897efc717272c9b30b3e58814c9c544bce4ab299c5fd2270a626034381e8ab2eb905345dfaabf4444d0545fca0a83

    Download Submit

  • /data/data/xhd.com.ys/databases/pushg.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/xhd.com.ys/databases/pushg.db-shm
    Filesize

    28KB

    MD5

    2638ee0ae814e883919c9b5cdeb5b422

    SHA1

    7108f513c172cdcb8ac0dd4ebffeff2dbcc4463f

    SHA256

    33ea26e2b75dfbb06c3e41a7e425118acb04f7442c79933b29b94c8b83d12d21

    SHA512

    becc56f5d41273ad6e1e8ac204a9610930e645e2dd5bd7ce3daa49646e72eb9c6f1693e7e52ce982da9eea00fe003caf7c753a43f3c50df6a26a8e192d4e98fa

    Download Submit

  • /data/data/xhd.com.ys/databases/pushg.db-wal
    Filesize

    56KB

    MD5

    4df08e1e010bd904408922774f53138a

    SHA1

    1fa1bccd078ab2eea5c6829ff7a2f87dc56ae45e

    SHA256

    cd1d2420abba3d614f158959f2daf6625a244218e0bb3a0856840e3fe73ac7a2

    SHA512

    a6a5aaf644562cf2fc28a112090bff9ee571eeaa7e5716ab210d96769c3cb9b27feb255d638bdec946388a045b6df563de27722804a547b2f55d38232a15ecd2

    Download Submit

  • /data/data/xhd.com.ys/databases/pushg.db-wal
    Filesize

    68KB

    MD5

    6101945581073a870ef89820941550c3

    SHA1

    4d6267d82bf5dbe265a3ca6c484e27ab8ea28675

    SHA256

    12e33338dec9050e88b22bf01d87a5d7007477484a4c1e1c6c1314a0c2939377

    SHA512

    1b2f35262634258474090a2225be94772c0ce04ffd77b750d34416f2591a4ecd8fb246a49c017c6e3ec68670fea6e497d434b3d87ffbd9daf18f3fdf733e6be6

    Download Submit

  • /data/data/xhd.com.ys/databases/pushsdk.db-journal
    Filesize

    512B

    MD5

    66f9487abd8277206445d8116f625708

    SHA1

    910e4302041cfda1c42c8eb7aee329165d553630

    SHA256

    ab124753dc22e64c661e01b65ea5f84ef5849382d48f87d3dbbd385d325d7c80

    SHA512

    a96b066c7fbcf1b9ab0a2fb7ec429ac5b0335b8ffe9529f2977037ce0a018d452636ac09c52ed0c4cbe1c248f320d1652865747327d66c77c06026dc7ffb9771

    Download Submit

  • /data/data/xhd.com.ys/databases/pushsdk.db-wal
    Filesize

    132KB

    MD5

    11009661011ad3d945b4df335c33e4bb

    SHA1

    ca70804f4361eeccd35ac84e6115153c3662de4d

    SHA256

    42ccf049a6ee132fe4af2702cba3ff15683f30ffa4e39e475bcc7b8ee09219b9

    SHA512

    d83dd59b463ebf8f73f80a091707373f8f42e466ed53e80eedaba9df26fb539e07189a1112e81083683bc9003db65adfb22db190fd2faf78584a3cc8ae01c0cf

    Download Submit

  • /data/data/xhd.com.ys/databases/pushsdk.db-wal
    Filesize

    16KB

    MD5

    27a2b0f5cbf1210c805549b995a24fd5

    SHA1

    ede2793263e1f99a50da2c18c99927ee58b38a82

    SHA256

    929bca21e75184a86a889602827c1e4a812a6977b88772e3b2b5a611d8b7a02c

    SHA512

    e871ddf8a7227f9c7f0dc4f70363406041f301719a5389a31720ca68de25822ee9ac2a9e87173304289293678f680722109fdad342e9b0792933cf8dd3fd2335

    Download Submit

  • /data/data/xhd.com.ys/files/.um/um_cache_1703442278285.env
    Filesize

    1KB

    MD5

    8702dc69eb1fbd5cbda2301399fed71c

    SHA1

    080c3c1b8a9c28b7c6f066a8be63982858f489f7

    SHA256

    aab9d08f10a4c8e07a33655a6615f28bb6c9ef28554b1315ae3b4dfd9bcdfafc

    SHA512

    594cbfec2f80b889543c73833d608ad7b060e3e135394d689a47ccfcf453940f1eee3848810981ab261dfff1e0a395f91265615a8006ac95fe4fd9183b02402d

    Download Submit

  • /data/data/xhd.com.ys/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    e6d33ae858cf2848b9e70ef38a74f379

    SHA1

    a67db96986e132afcd83c1ddf9a890f341c65d31

    SHA256

    5a7a48d5c2d873cce8ab09f36a0fc182641ed8eb73b6ffeabb0f4bc334ee7c90

    SHA512

    e96221116f5e00a5cb319a678f576cf41bc221fdfa6a45e0d75a1132799bb12369e02c0b9dfabf2aa16e995592f1095117c5cf9e37b0ea1fd7940398107f414c

    Download Submit

  • /data/data/xhd.com.ys/files/cnc3ejE6/eje3cnc
    Filesize

    335B

    MD5

    585839d66722cfd02e40cb740cccb633

    SHA1

    374c19200fee201b26d0153487a281a934615884

    SHA256

    86a9bb4985cca6c9636c4fd071bef4b70ba7b3a5eb51af869a1299dc2b1574a8

    SHA512

    09bbe1bf1455861fd4732f2d1945c84bac34090906ac2fab75d144c22ffcf6bc585c8209e94a2b1919c8402df53966081a1af2993e12261ae4c4ac5568667d88

    Download Submit

  • /data/data/xhd.com.ys/files/init_c1.pid
    Filesize

    32B

    MD5

    9c2d2ade7276d1b532be93c0fbd77414

    SHA1

    fb31934ab7bfc61d07b4899afa6c075f39fab25d

    SHA256

    81f6e76020b11656bd6e9a3fd7727d6f3f0d09a3838b000567a57d6e08e774a7

    SHA512

    40c33ec7a1ef13e4f6f9fe45637990447323f94fc8d062d4555cc7e72b1eb334a38a84d33ce124edb2d096b62730209d4e45d81041e2595a0611465efc48ec86

    Download Submit

  • /data/data/xhd.com.ys/files/libcuid.so
    Filesize

    129B

    MD5

    1511e056282d3effd4fc452d27e66b84

    SHA1

    56ed8faa1467cfed9e1f3a11c3d66f5308ee0028

    SHA256

    58921ceb17593954bc58c115f97946cb7236498e7918834cf79577aae70ff23f

    SHA512

    9ccd3362709d5c8f5fff5bc5e1daaabdaeb28c5efc517e7bc48f5c3eb73062cc32ff8e36e08d333c154bfea2cac71360789b937eb9a14a279e3c0fd3b2b8fc7e

    Download Submit

  • /data/data/xhd.com.ys/files/umeng_it.cache
    Filesize

    498B

    MD5

    81df63292f90ec790c73ec4b6b807b35

    SHA1

    75c86ba9ee0544b8946a46923468f6c9a7d98c53

    SHA256

    101e900ab0efacf3e47d3e28e6ce202ca59557a258841a9a3506b454bb7fb90e

    SHA512

    ab94d3f62707dc90ba5804cfad8f223bf3fa497e5e5ac49bc1ba39125d6910c0970db87e31ea90615180b2c76b248592aaa576d5a9addb4697dadb8fcbce2d3c

    Download Submit

  • /data/data/xhd.com.ys/shared_prefs_ext/test_app
    Filesize

    24B

    MD5

    a784702a2db6326bdcee9dd8bbe28f69

    SHA1

    48556a94ad13ee093e3613e3c9c7ba90f1cd2998

    SHA256

    36a9a26f409975e78e5a4a01559c35cc6299297c8ee9c3269be4bbcf82a256ef

    SHA512

    bc696d01c4d3ac1e33a58d2568f0ec1d81a4d82d7573eac598424172716585bacf311835ab421af53a0200588aee3f4233787b3aed8dbcbdef1f91afd82128e7

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    3d8ae3ecb0b13aca658c324ec7b4d5d7

    SHA1

    2f5e2abc05d81c23fe7858cf1eee6c971fabafee

    SHA256

    ceb8314549ffbc72004c0412af18b66ca31cbb62328b92de1e13d5e8ac37abff

    SHA512

    3cfb08dcc3fac39aa76018be7a32d41f0ef6efd9b0d60c2c38da13ab05b6336f9c1e0362a5ec2aa12d20e5a6c1a4b5f59006cae206253aeb8871ee9f605e11f6

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    29c97c3ae101411131599a6e19a5f6ba

    SHA1

    40fc6625e4cf937887ba6628528692560b44a3a2

    SHA256

    e3f1ee3e76554bd36e16ef6fc3560a385ffa4ab9eb6700729e81903ec356388d

    SHA512

    4714543d7382cdeae20ee74a50101e02ae56c7568627b5b9c12a39913d6074d5edb610661e1137743d30b9e5f13d9427c36acad84e8bc070ead57abfaee1aabf

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    381B

    MD5

    53949224b9b83af49aac05a4fb6b0cc0

    SHA1

    9ef0c5367db5eb766a16746cd6b3e0e21eb6272a

    SHA256

    2e83d156d6c73c12b1c6f10f817c900e4d83fdd7283ac08201c047e9be677650

    SHA512

    2335e18042b7032d5237cbad59a4dc64fdad53e3bc2e7f3040aa49bffc33f00f5b9b209e396972f8ff2ca993c0889653567caf1452a4367adb1a85d4529e8734

    Download Submit

  • /storage/emulated/0/.imei.txt
    Filesize

    32B

    MD5

    f843c6e8e52004053b225c649afc9b5a

    SHA1

    1ee5720d5eeec953d4d89afb874ab619f866e9a5

    SHA256

    31b325f60de76ce2cec28d51dd729ba1847f98e204533f286740249976414c8a

    SHA512

    69b719473df420c9c4a494ca18dca08c7c585fe7041e203d0e69fb4900be6481ff534f499520c0fa28d9e7f88d3d40fe477ac307c32ca2d9d41cbced4c6cb032

    Download Submit

  • /storage/emulated/0/libs/xhd.com.ys.bin
    Filesize

    111B

    MD5

    b90901966eac6acd50204c66ab7dedd0

    SHA1

    b53f50d3052156058dc489f2304e97fa10790205

    SHA256

    f54027160e23da104996c6fb3a8b2847966e66e8b5001d78dd7d310e875dec92

    SHA512

    9e518909b93e629f1b61f986dc8624243810e5a5dd97db336cd72e39d666a55e7e9976f3d794f61588014ba1ecd75b9ad14cdbd003ef24567c072978b4ffaaf0

    Download Submit