Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

66c581176f...f3.apk

android-9-x86

7

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

Analysis

  • max time kernel
    2635982s
  • max time network
    150s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66c581176fe326238fdf5399b78040ab821498d3df042e0d9d50730494adc7f3.apk

  • Size

    9.6MB

  • MD5

    82d13f57169210b477e0e396cfebb472

  • SHA1

    ea19ba6144069d208d43df551644c880d0a9894b

  • SHA256

    66c581176fe326238fdf5399b78040ab821498d3df042e0d9d50730494adc7f3

  • SHA512

    e9310ca671dddb4b4488a838904752bb0366a4bc853119e48996956114aedccfdf395cd1a0918f21b5134087ebbb2efdedbdedc56bc2d9b4024f75124364f9db

  • SSDEEP

    196608:OkwhQqjVzcZtVLIdegtGURp04iVzcZtVLhBlkmCOkwhQq9GURK7CgY3Kg9d:OkwJJcEiLvcRlkKkwJ03t3+d

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.hunantv.imgo.activity
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4252
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.hunantv.imgo.activity/app_push_lib/plugin-deploy.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/com.hunantv.imgo.activity/app_push_lib/oat/x86/plugin-deploy.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.hunantv.imgo.activity/app_push_lib/plugin-deploy.jar
    Filesize

    213KB

    MD5

    e70723b8f6c4c7c09a6019733022cf53

    SHA1

    e3ca32166c65e4dc73c21347ab22d54a7b5a9a83

    SHA256

    32d35cd80b0302e3fcdd7349b4ff9a7b689ce080435109607ff79a834ff710d5

    SHA512

    461c0499193c5ef5aa4e2e5d358031e7d28c98c8e1e38d22b710271bf3b561c28232bfaadbc2c275357e31b7b0ad6bca798008328ac3cff3701c1c9cca2ddddd

    Download Submit

  • /data/data/com.hunantv.imgo.activity/app_push_lib/plugin-deploy.key
    Filesize

    174B

    MD5

    1ea8459a688352c3573a8e80727c2644

    SHA1

    9b47864e96eed98798a6da2b8860c8f8a68f089e

    SHA256

    be2c0f9e472138a78d35f29013fc43dfeae991806dfebbc5be5c8dc86b8a1093

    SHA512

    99a26c03e760fdac91546a47e18e58851996b7e38e93812a6be23f1eee64370323ac492c4c224bd419d91566356fcb8eca3989ff4f2ce41db3d16301fa9dd75f

    Download Submit

  • /data/data/com.hunantv.imgo.activity/files/MV3Plugin.ini
    Filesize

    20KB

    MD5

    3b5f99d0f68d9cc89cc92cf12e9a7cf5

    SHA1

    1e12722d967f4a2841d5463073d7d25306a11adc

    SHA256

    3f9726961aebc6e2179b39a9797055025878cdd391b53a7f6901eb49660ab938

    SHA512

    1ea3f2a34eb0ed32b1455a6ab3702e51f15a733e5485e2b5519f6cfbb744f95e097202f93a927568d0a8180c5c7424aa5d9f66d55f6689bc435daf65f576c986

    Download Submit

  • /data/user/0/com.hunantv.imgo.activity/app_push_lib/plugin-deploy.jar
    Filesize

    530KB

    MD5

    5597a541eabd3fb792c581587550dc4a

    SHA1

    6500b0ff20c75717e1cb67dcee76b4641a4e8a35

    SHA256

    473b02216f8d2b5ffb26571e51ff322e3ce04ba45418408452bea103576ee8e2

    SHA512

    39b4acd82f67f11140cd1b0b4291e656a4a46ba63064509977f3f1de24a931dce83964f031e16ccab95cf0540ac5f613ca87d7665ce99f1c1ee4a0778e2c19e2

    Download Submit

  • /data/user/0/com.hunantv.imgo.activity/app_push_lib/plugin-deploy.jar
    Filesize

    530KB

    MD5

    bdfa71feb08b80b649fddcd7488b03b4

    SHA1

    bcacf11199fd2c353034a7271b5dbfe2dd4cbddb

    SHA256

    f8bd07a7afce2d102976afaadd33dc70336a0b06682ac8d6fe9544a08d086d1d

    SHA512

    37dc848b995def498d0c832a76ed0ad429db18f26a5e9659c2b77a63bff555560160b6be4d22387eb529b2291bb27ae21718ddadb315bd1aa4c092d6330f049a

    Download Submit