Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

75c5936f57...20.apk

android-9-x86

8

75c5936f57...20.apk

android-10-x64

7

360sdk_1_2008.apk

android-9-x86

1

Analysis

  • max time kernel
    2693745s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75c5936f572742ba6dda92976874e54cea41180cc6ae83dbd0c387d558088c20.apk

  • Size

    31.4MB

  • MD5

    de85598b0ee1dd24b2c324837b73d3b2

  • SHA1

    f4168cf78b1ff4cefcc322fd333c3bf8c8946bda

  • SHA256

    75c5936f572742ba6dda92976874e54cea41180cc6ae83dbd0c387d558088c20

  • SHA512

    6c9ad63ebcc9fd770a92aa2aabb4149b6671ff1b85d249348f900a057a279ede900239a3965e026362753c21e23309927a7518e9296802dcc6bf9d89eb11c6a6

  • SSDEEP

    786432:TJh50DpIP8TpYA4+nMPtd341b1swPQQgAuIm:HjupYA4fruuzQgX/

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell information.

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.ztgame.ld2019.qihu
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4271
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ztgame.ld2019.qihu/files/sg.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.ztgame.ld2019.qihu/files/oat/x86/sg.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4301
  • com.ztgame.ld2019.qihu:PushClient
    1⤵
      PID:4344

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.ztgame.ld2019.qihu/databases/talkingdata_app.db
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/databases/talkingdata_app.db-journal
      Filesize

      512B

      MD5

      38d94f7607463a4cf1b124883c970884

      SHA1

      05286514a72dd963c1311311781465da668c29aa

      SHA256

      8c1552dcc41762e65d74d85bd280eda310911af1da5efcf62e0462b348ec1e6a

      SHA512

      b76a884e5906d5b22627b65e67d46529ee704e77644f4f1b9bbdbf44e6456831b26d957aafcadab20963087b458837fd12384feb18d7ed8cc68e6e37c815e2f9

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/databases/talkingdata_app.db-wal
      Filesize

      40KB

      MD5

      d6ce9c42b93f89e325ac966f4bd3a0b9

      SHA1

      dc9d6606c7cdf682fa6753186efe7d3047e571aa

      SHA256

      102b507266059cd858e5952617047e10c44817377e621e273848926f23799881

      SHA512

      5655394a7a237ba029e976c9f03b852459092d4524d640dc2e4b8fc4fa3ee75d3b050315e8cc32f8707f5c8ca41c498373a86823bd62f30e7b38a830895131af

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/360/sdk/persistence/lock/Y29tLnp0Z2FtZS5sZDIwMTkucWlodQ==.tick.lock
      Filesize

      13B

      MD5

      730c6d6d7f7e7a090c394f44f9f6aa3d

      SHA1

      7164cc155dd12d279201022ac644866b5a2bf77c

      SHA256

      211277c1103240897641d134da7f3a1b29791ba266bdfb96011a45edc36f7db7

      SHA512

      79cfc03650d17868b81357cb4d7af2a57929e85e0dc3a9e012ae5fdc5885c3344429ee9f4b3bece8fd6a4065308278d58ab91c23c53df8135a3632b3d36011d1

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db
      Filesize

      32KB

      MD5

      a64ed0db240d3914f2690223fd92d8ad

      SHA1

      05611a85274356de18c74747de7f30df7f286ba1

      SHA256

      a0a6b263087fa8fb9d8d85ace11c0391b7cf399da8b4471c62c8b05cab975813

      SHA512

      2ea50db3f02da45df15f983b0edc5ff060468f250293d09bd1bd9cb5ea37cf282a57cb69cbb6638dfbf5a161dcb002438895449364b636fa7849e5cfc883da13

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db
      Filesize

      20KB

      MD5

      132ab370d12171749bb7efc655c71e54

      SHA1

      5911ddbd9d856a6b1d8495592b609877100ab55d

      SHA256

      883210f305ed6ccd0ae3ea5c0ba7da00d5938e329ec7071be921b239949db6ec

      SHA512

      e50b267ede776d061a0220e3a69c8fb59ad973ba84cef88fb87f26320b5c2d79dc21ede839700861ceffce86198419aec7a8a00707d4d6f85ef4c2eeca038883

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db
      Filesize

      32KB

      MD5

      bd946b47590142f73228868241e06742

      SHA1

      953ba962fd10196a156f835ab8b806fe3ed5cc62

      SHA256

      86323b1506cc4b803e053485e423ea1df9ba4116cb61717b5716d8877841ef66

      SHA512

      e7b66ed2319a9fb73cd9a6164a4e7049d6513c8b40c793e3073d1fef35dffbb59edcd8e361cb9aaaa2bd83f89f05b398145375359e8ff4b22448c87f4ac66a3d

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db-journal
      Filesize

      512B

      MD5

      142f03d5ed98b12d610aac2c29c8f1ea

      SHA1

      9c2604a337362a6ae1625cd85c44ba2fcf8ade5d

      SHA256

      c4145725d4f83516c885cdaa81b1659277b96d17fc6fc810d7ef3e86aa67aaa2

      SHA512

      9b672821335574f00f168cca046e254caca886569ec489852c95febbea2a4eae2e6fa74d8172def6063445d6ca578547210a25c3c2a19db50eeb47f9f5fe0916

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db-wal
      Filesize

      72KB

      MD5

      2ece69d5d93d19f5b5a5f23bd9b8a7de

      SHA1

      07cc4902b1aa9e4ce9a745b16108775d0c768723

      SHA256

      2b7e31ba59663b897d170f1a3ea604cc35df79b8f5f4ae0da2841b8fd4ed75be

      SHA512

      701b6580c728d6ee728f5918cc4096e2125a5f0476450e25ce77a3f202c7014a0460eff78ce4aaa6c0674b19dc66f988b6ad3488e21f90a3517513e51f3779d5

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/TDtcagent.db-wal
      Filesize

      8KB

      MD5

      6efabfeb951b374031022dded439a837

      SHA1

      7414542f366e11d48695bfe82010b0a8de0dbe28

      SHA256

      75adee7b031682c7e39ccca4673e8f6a769d1c7d5089765ce604f87bd1838226

      SHA512

      b6b25d085c7cd119ebcfba6576cee5656b990bf887f5a075de1c41df9b6dff3cfb458ae800c4222682a883cf3c25b5cc1d706346b55fb0b2ae405358040243a5

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/sg.dex
      Filesize

      471KB

      MD5

      d142e150a005cdc2c2f7deaa697ef090

      SHA1

      ecfc2a77e45d19d0c39d413362617fbc4cc6ab81

      SHA256

      df44c5ac3ecd8b97955ecc37a8141e88f4035aae22bd6891bc0b0fa7e455839d

      SHA512

      0433e1dc16790a64ea858c9a4e997677a552f89c4a2b3f3a9bcacdec9217cdcd909e903d219eff08b559ab04f7bf64642c1cc9087a719b9b37f2d3239b8f69cd

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/sg_game.dex
      Filesize

      632KB

      MD5

      7826dc71c2ba02f4fe1cadd90b81ecc1

      SHA1

      24c505dbd7d0791ab2eae273d8d5f6568735168f

      SHA256

      b1400527f8b24eba4d4eab4cb1a86063e95ecdbb3cb268f10b278ff19717c232

      SHA512

      3717200b6ad253982e9255b1c0f35317db8abb4e51d312aab09f1db88698cc4daa0ffd0d5b0832c09afb03de71ccdfe472beb4b20ab1cbe62ebcebd7d5f23419

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/talkingdata_app_process_preferences_file
      Filesize

      27B

      MD5

      0fc0905ba2ab9f0b35ff76d2640e0f82

      SHA1

      faf6e67c650c76397ec22e20f0b176e27ceff041

      SHA256

      fde8a8a6ae19c803c58711acd7610517d7157506019716860d1bdc88be556ac0

      SHA512

      8ac10b7b5f534e2eece456480496f9ee28e5ffc85b91db028a865747ff5655300ce8920729a56cfc89af14cac2417d0af888aac52634994231137f2c5c5e56b3

      Download Submit

    • /data/data/com.ztgame.ld2019.qihu/files/talkingdata_app_version_preferences_file
      Filesize

      2B

      MD5

      4e732ced3463d06de0ca9a15b6153677

      SHA1

      887309d048beef83ad3eabf2a79a64a389ab1c9f

      SHA256

      5f9c4ab08cac7457e9111a30e4664920607ea2c115a1433d7be98e97e64244ca

      SHA512

      e053886e1b797bc5a80f932302f0201265a599d82e2502d41941d6e652614ef88fa058e009094d26655f880200df12c2100f690254fd1e5bae75d7441763cd33

      Download Submit

    • /data/user/0/com.ztgame.ld2019.qihu/files/sg.dex
      Filesize

      471KB

      MD5

      149726e3391f9b0a9abe2750f3b7e67c

      SHA1

      fe3075cb62c6f4cdcf327919a692b9e258056f89

      SHA256

      ad5ac3741ae6207a056002ee73402fec29c647d5fca5a2045b80039e5039ee9e

      SHA512

      76b8c2affe6c97e53ff9b0f421774e22fc964fc5348fb6006309f0fd0afb6bd9217b24a24caea2dd67b9dfec65bbcb2d0a45edc862f44c28a9fd09754f280503

      Download Submit

    • /data/user/0/com.ztgame.ld2019.qihu/files/sg_game.dex
      Filesize

      2.3MB

      MD5

      1b6c5c996921bc2419b36a03159ee19d

      SHA1

      3c62064f63738a4f3f8b637934c3ff05c4b84113

      SHA256

      04cdec6b95a520dad2a8a73fbe2196d4853b61180fec029607a3495b0a295306

      SHA512

      7b55959ce94ff7e16ca3afc5fbe6d989820958f3ca197cb616d06696d56682dd6fbf33254c76a6d457cc22a7949f6ed7bec2692ce4b34e8d70d8e37881a7b049

      Download Submit

    • /storage/emulated/0/.tcookieid
      Filesize

      33B

      MD5

      0a8430f9b587f20dd243af76daf75d69

      SHA1

      9326ea5b176d017310058d49f00e4f69c8e97dba

      SHA256

      1cadcb8f2cd3b967a191c2d2f3ba0a876c338464ddcc37e9d44d42abd53a39d2

      SHA512

      7d433ad0bf74c6992f4bf6d8e9f721a1a26fb2492880b418d43daa6c836dbffb7686edccb34ec4f974c75eb9515fad318d5113af3d6d68a3a3729704be54b671

      Download Submit

    • /storage/emulated/0/360/.deviceId
      Filesize

      48B

      MD5

      1d8d16c4e3b19ebf18988530d9b9a757

      SHA1

      bc94c1cce05cd848a53271ecb9c5311e27ffebf5

      SHA256

      abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

      SHA512

      4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

      Download Submit

    • /storage/emulated/0/360/.deviceId
      Filesize

      96B

      MD5

      8d7934610bd5aa4eef17b7fc2297ba9b

      SHA1

      8091c50991dc466fe59b80d8c455f320c014e9ad

      SHA256

      09bc79de7cefa7a4573b6ed59ab49b70f559147e9b9286c0800e822e57e0d28d

      SHA512

      de5027e880abf8789b79494ddd2aadfc3bad000bf68820cac6ac997c6dc3df3a87172cc2d84ab52dcd1943d4849576466dd532d0a8a54d25df46b8f0b1cd6928

      Download Submit

    • /storage/emulated/0/360/.deviceId
      Filesize

      144B

      MD5

      9d2388769456af8bf3cc26afbe5d8888

      SHA1

      9edc2107d3444587c6f1510bea985e283e7cdf3c

      SHA256

      d4385b4f45a988bccf34bc4a558022d977ebf921c59b1446803f786927c88e76

      SHA512

      ddeced49fa01dd9758430d13e49fc10d5c74c4788e96a33d1cb9f8caae26a17a8a351d38bf9d012c2aed172d9f0f798930da53ce3c2399fd4538d38fb3a0877f

      Download Submit

    • /storage/emulated/0/360/.deviceId
      Filesize

      176B

      MD5

      ba0b12daf4299666efcfd11b1f66a106

      SHA1

      0b027f67ceb75282ed30d8c509fa426eb0138b2b

      SHA256

      91fa0f42c6ef49517797a7b7d49098180d6d5883dad535f80880a9816571d3dd

      SHA512

      ffeb677c0b070d3ab3e9def54d8273a9489840374b159d9e9382f59d9639505c50e7ca2e08415d8c96286183606db34093c29ea0d7e8e821d1b42a32f74d47ae

      Download Submit

    • /storage/emulated/0/360/sdk/persistence/data/Y29tLnp0Z2FtZS5sZDIwMTkucWlodQ==
      Filesize

      1KB

      MD5

      5b05bb6e461f259d72d0a23182d3ecbe

      SHA1

      a0473c96279a10b52862d7e870349c3889f9ccbb

      SHA256

      5146289ac1283778130f5bc76e947ad385c559d5dd716628ec567c85e881b358

      SHA512

      5e44a2cafd23fce1fc797c65f19fe6dc9b6b7fc913a5e5893048a66ca0b960ced55ed6d27be2b28be1c387ae30ab07410ce291a1471defb26dd9dd47de30e395

      Download Submit

    • /storage/emulated/0/360/sdk/persistence/data/Y29tLnp0Z2FtZS5sZDIwMTkucWlodQ==
      Filesize

      568B

      MD5

      29276591b9ea8d45b7fc801b5f7ed3d7

      SHA1

      4bf92b642e23f40a5196352f56119256ffbe57a4

      SHA256

      b53291729915e1037233922b71fc5767ca2ab6372aee111feabe77d9849615fc

      SHA512

      73c01b4e1ee78f5a40a278d512ced94b6f1831e2fab8945285c99865c1a7180d0e2ad7da4040db3b6ca4b72f2611725f0f06183fed7e61d33cb8eb2841754e96

      Download Submit

    • /storage/emulated/0/360/sdk/persistence/data/Y29tLnp0Z2FtZS5sZDIwMTkucWlodQ==
      Filesize

      700B

      MD5

      0d6c5c96dd1a06acdf51341c34781dd6

      SHA1

      07197a018345f3db36be32f2937fe05193069e99

      SHA256

      f200e9d75151f1443814201f63b92e192410668834eb296ca2b27a301dd35051

      SHA512

      97b0d1a7d6a47ed2439e20ad9a803fde601bfd10768a872da99dfd6147b2745e3f20a44359cda2ad03546e6fc15f759aa8a2737642993599679ca261adc758fd

      Download Submit