Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

7bbb7bf712...f5.apk

android-9-x86

8

7bbb7bf712...f5.apk

android-10-x64

7

Analysis

  • max time kernel
    2721241s
  • max time network
    160s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 19:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7bbb7bf71237b39d718c51551808378d7bd2eef1b5fa556476dc0122c3fc86f5.apk

  • Size

    21.1MB

  • MD5

    5adf86819347d720bc4e32715e93d20c

  • SHA1

    06970c99179e43af88665668d03f00a52c6fc928

  • SHA256

    7bbb7bf71237b39d718c51551808378d7bd2eef1b5fa556476dc0122c3fc86f5

  • SHA512

    7563d72ebcb0ba4226dc23ee53db088ddb011616e288f32d733c3b47129f665233beee1e3ad57f8efc54a49f847da46d5dbfc0da88aaeecce2179885e7675594

  • SSDEEP

    393216:ypESoB+vP07VOLLculZday7dd6rgnp7ctu+oqNhpaGXyv:dhnOLpdWUNctu+owaGXg

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • heyman.iseymon.com
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4258
    • /data/app/heyman.iseymon.com-S2zWqAO9LEXudFCoGcfpzg==/lib/x86//libweexjsb.so 46 47 1 /data/user/0/heyman.iseymon.com/app_crash/crash_dump.log
      2⤵
        PID:4287
    • heyman.iseymon.com:pushservice
      1⤵
      • Requests cell location
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4418
      • cat /sys/class/net/wlan0/address
        2⤵
          PID:4549
        • mount
          2⤵
            PID:4568

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/heyman.iseymon.com/cache/jsb.version
          Filesize

          1B

          MD5

          c4ca4238a0b923820dcc509a6f75849b

          SHA1

          356a192b7913b04c54574d18c28d46e6395428ab

          SHA256

          6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

          SHA512

          4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

          Download Submit

        • /data/data/heyman.iseymon.com/cache/libweexjsb.so
          Filesize

          6KB

          MD5

          7daa126a59a44091b737186c77697355

          SHA1

          3d0edde6aad106a18b3c5e139bc5b17872544920

          SHA256

          075f5431397263562da0a61835f543ff13c708f4b5c4a4588a93f5ef08254c5a

          SHA512

          1dff58d4598278d53a4f571152142de312c2b1494b0c9f6a908e281845a041bfd4c864726fec0ece1c6d3994f13622ac7310aef479bca71e42a071f8d2307cfe

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushext.db-journal
          Filesize

          512B

          MD5

          e7ac1aa25fa8e919fa72c43d37add52b

          SHA1

          f902002582262f60e51ebd8cfd07ee62074b729c

          SHA256

          00a1a1342a1cef9d6b835256750ddee35ba4acd280a5eb4a1801883f9fba7d7b

          SHA512

          4677c4dc6071997254ac9be970e1075bcbe385ba20307e8003ea5f41d11b8fbf43f1a33005ef2720f439e993d88622b53aec2804b7a23703315bf8a8993087b3

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushext.db-wal
          Filesize

          16KB

          MD5

          366183dd89e5204b1c7fe7ed1a323671

          SHA1

          8fb76a1389a297ccbbf65102357d0342d70e4aef

          SHA256

          91c47babac3147fb87c053f5085322fcdd6a577babd4a5ed58fa1d27e12c5907

          SHA512

          b2900f6677bec530ad244d655d5408004f3eff4ad8f3a466bf32d528f1f472b322396aa04b3bde9855bb3c91845252604d5d2ca718f0e65fd973df4f76109738

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushg.db-wal
          Filesize

          56KB

          MD5

          9aabd1c42ea89b7164bb9790b8c043b7

          SHA1

          654da965c47c6e78b855c4c1f3c59d8eeb3787e7

          SHA256

          80e63fc82c280427e369e7b5a17db355be479a225998dbffa94bbc9122e7e422

          SHA512

          02fd1c8b661a1807d6c489843d1c1b8dc2bf126674897a407c472f2ec18886d5c1ce787bd5abfbd746c17fdd5e35e401e648659fac082654ea5cbaa092fcddf0

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushsdk.db
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushsdk.db-journal
          Filesize

          512B

          MD5

          7c3a73778c36eeabc357e9e672e0bff2

          SHA1

          d9e6990faacbaa6892386c7162df6d86a92a155d

          SHA256

          8ec669d6b5ad669a063a38c6b4064f6c2b51f829cdb39ff2ff947859d5dab8f7

          SHA512

          aaff0b7bdfeed985ddcf5696bc13b9556729b4703e789cd954f66ecee6a4e0686f22b908595bb8b35b8c6f920e4a5bd791ddac1ae8f12016ab655222730111f0

          Download Submit

        • /data/data/heyman.iseymon.com/databases/pushsdk.db-wal
          Filesize

          16KB

          MD5

          2b4748e57a17686d8598ef9946551bf3

          SHA1

          2c39c38d92f7007c02a918d7ce34f0b02ba2b7b2

          SHA256

          0ecf14b80c8c35c212105a76a4c80faf5cd2abf8e126029b6d0c5ac854502d50

          SHA512

          086e30f6559bc144e9c0376c3149e2edd3204df0ef24b694c83eb9d0fb9202fa5d91e250c903efedd920d2977b76d055293b3da2c2562d47c0d5fdba25afc0f7

          Download Submit

        • /data/data/heyman.iseymon.com/files/bf7de6451b20
          Filesize

          75KB

          MD5

          81bd3406297235bb919b33d327d0ced4

          SHA1

          7ea5e4003faa7243e3aa981de0e5d6a7a59d417e

          SHA256

          991514092028b9b9c143c28c5f9fe413c1b1c7061221399363aa2ef6a55a2eb0

          SHA512

          badb69a8bbbdd577e0a54c5911d66dc4fe227a9c34a736cc554d4410df397e0a73b67f4b956b3b270bcab643f86c0640795997695b5377950c6230573f620132

          Download Submit

        • /data/data/heyman.iseymon.com/files/cnc3ejE6/eje3cnc
          Filesize

          39B

          MD5

          7769d4507985f59116153463f09235a2

          SHA1

          b081e84d14300ac7a7947aade9c025fa83bc17fb

          SHA256

          5ba33c69421ad27727832442cb5939d5bc853acecd0d8162d7c10a6b96757dcf

          SHA512

          ce5bb431a31eaba24c0cf467bedb1abee2205b74c4533067058b09ce7e8f9480b8baa01866e3dc89d1800d07da6007f36c1b4fea811e3da164b187903480d29f

          Download Submit

        • /data/data/heyman.iseymon.com/files/init.pid
          Filesize

          3KB

          MD5

          f8222cea0a0f67d066f2323d13036eb3

          SHA1

          362721723e906a8849e5057b8ff732bc2ce81ba1

          SHA256

          f18223a0e33961342df2456d1e93f0eb86536c62794c1139352d22221e76b6b4

          SHA512

          bf8e7809b48b09a33d4c3910807e9ddeea6c87857404274daa0ed09ddaf3a0d2be13a449989e5affb1303e737ee094adbcbe6e3ae138e0d27e366bc162a1f086

          Download Submit

        • /data/data/heyman.iseymon.com/files/init_c1.pid
          Filesize

          14B

          MD5

          5a55a0cfe07b6bd2e9b2a4045a456f2e

          SHA1

          53fdf60211c55607c6a5ef9ba6f7626a997b4c43

          SHA256

          62afb93fad6592e955d38bab1992c849d458f84e3267db1bbd93066ff5ed9edd

          SHA512

          2fdf1886500dcbc260a68af0f0698f24d879a2cb045e61154d85d1ff567e84ded8d26ab28959b084a1ff85eef8843feb084aa13614060c84ab3aacc1b6f0eb28

          Download Submit

        • /data/data/heyman.iseymon.com/lib-main/dso_deps
          Filesize

          288B

          MD5

          7d6b6c86b639b8ea2ce48c0b2ade3480

          SHA1

          7f10876b5e766db8cadacdabf5dd1d1e4509997d

          SHA256

          9ece92d50201d583aa93fc841d71c470e1077ee5e1b1e27ba510ed5b062d1663

          SHA512

          f1eb6e122f7d114a89b5ae37c924a07eefc5deff0e5489193c4259578a6fd3bb6b3e037f95c02f395d2155e960c21e4c8b4c221db0451af87f11d283aac2a68c

          Download Submit

        • /data/data/heyman.iseymon.com/lib-main/dso_manifest
          Filesize

          5B

          MD5

          c06857e9ea338f3f3a24bb78f8fbdf6f

          SHA1

          c5a0a2529d2deb60fec041b4fbd722a2ebe31702

          SHA256

          957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

          SHA512

          29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

          Download Submit

        • /data/data/heyman.iseymon.com/lib-main/dso_state
          Filesize

          1B

          MD5

          55a54008ad1ba589aa210d2629c1df41

          SHA1

          bf8b4530d8d246dd74ac53a13471bba17941dff7

          SHA256

          4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

          SHA512

          7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

          Download Submit

        • /data/data/heyman.iseymon.com/shared_prefs_ext/test_app
          Filesize

          29B

          MD5

          93e94008854ec01722536847eabe7831

          SHA1

          3ceb87b2c4d5bb0a74f1ed93fa1a8bb38a1378c0

          SHA256

          315556092441bef3b35b07d4eee18c3bcf920c8b63e13e7ba47ba86047399367

          SHA512

          6a7bebb5b91d46aba397dfb25e3fb57d4227ccb64740b9923e6f0c7fd73f380c4edcb01455ed6602fca787e26053929160ba88714c9f9fd775eba856723649d3

          Download Submit

        • /storage/emulated/0/.imei.txt
          Filesize

          32B

          MD5

          20df8bbc43b75806af27908198d2aaf2

          SHA1

          3b36f8b4e568893e77f9946b752b4581361bbb77

          SHA256

          735448f43b20ae7c802ac03e438caf4d3f6f1c207c807d653e87323d3e0e3404

          SHA512

          91991dd6e4d0519444cede7704709f5f07a29abc53a2c8a8caa1879c237124c965b35aaf247a8fd982acba4d914a96e61a26274d19f3973cc3cb1420f3fdd382

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/apps/__UNI__36EB4C7/temp/1703528157266
          Filesize

          505KB

          MD5

          d725c0204ac941f2862dcdcf58e7e452

          SHA1

          b96f40b9b0d0711f19262d1d23a2b1977cfb50ae

          SHA256

          e2a6d4446ec01b57cecc02515d9b4a24ec2a811be3b038d46c55d2dbd08a48d2

          SHA512

          e8286f453d2f07561cba48a03d8fd542797863465efa3f2d89acdc274bacc9c1de8231e41bd996aab54a9a603a11ecb8a2f223bd5b800b00cb1e9d6acd4b35a2

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/cache/AdEnable.dat
          Filesize

          83B

          MD5

          8ae79f2b4232cd2a906cebe2d2a55a3e

          SHA1

          6957fb9185d0c09da65aae6cd70a4806c4e058e9

          SHA256

          af48c7f23faa351de816497ddce1dd59bebd34fbac1a52c35fba9fe37705565e

          SHA512

          26e03688539d87e2a05fb0ed98193f8d2bc804961f158927d267737ca962e4559ffe85356648ee2f4e74a7c5eac6feb6e6afbd6e148b937ad5e2081177dbbdeb

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/icons/-1146883555
          Filesize

          3KB

          MD5

          261a2f5598dc84aac9c4f74d362cb6bc

          SHA1

          207ac982fef6b156fee0490b552f00dbc5a31c35

          SHA256

          e5870b73c45753de32fdc22b7028a31bb0357c4b5ca98ea70677d7af6b483c6f

          SHA512

          c5ec5370146cd16f1b7c5d70eaac1e9ddd3e37766849d38cd2bf2b771ba75de8bf0dbb97c8eb2f5d472c4ce1e97aa603939634ce3cbfee479dc35f97616b5472

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/icons/-1224589735
          Filesize

          3KB

          MD5

          ffac3d37dd244404d7e4b7abd2e021a6

          SHA1

          9801dc20d26b9ee33850323be03f21fab23fe5c9

          SHA256

          05002b5e8af7e185d7a01e88f51a96d982003f59678597e302e917c78aaf43ff

          SHA512

          c7845b0bd70453bfa291eb10ab1a60cb23e713746f7257a0c1ef219e30339d8a94b16b6360f57b249c366e419bd57c3604a912978e8b019abee615942a3410f5

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/icons/-545746868
          Filesize

          2KB

          MD5

          3d177b9baa9676e35176fbb089046ab6

          SHA1

          d85b4f17b3af3126a456f5a894056710a7433458

          SHA256

          feee17b37416044496e3e9d8644db60208b714e151ed49a8ced5f35e07733d42

          SHA512

          53f98f894fae1763c61197f8d8eeadd35c780411ba7369d6c3df26e528777da866ea99996d837c77bfde838d5962af83892d04b428ee18b567058a582a08271a

          Download Submit

        • /storage/emulated/0/Android/data/heyman.iseymon.com/icons/1285727607
          Filesize

          2KB

          MD5

          2b8cfe7fb37f23bf6d6ec0322fe95f99

          SHA1

          7e45b425ce7fd85e2e7cfdcb7984503ffa6071f8

          SHA256

          f5be72140121e2b865a9d657759946b2551a87e266f3f2784611668823679d45

          SHA512

          482ca37edf5e0a0365edb69f596ea984bda84bbfc91218ffcc831d2ce721775b80f8dfeba84495f61af9bbc861db200d31b26afc706fd10b3a02bc67d775f695

          Download Submit

        • /storage/emulated/0/Android/data/pushSdk/defaultLog/2023-12-25.log.txt
          Filesize

          974B

          MD5

          3455473807d58747a12992145da8ac5c

          SHA1

          1674b1cf16b85909a425b9aa4e5d7d7360342f6b

          SHA256

          57bde0728b155f57abf9ffc18c093594570cce66f32c1044037978351887aa68

          SHA512

          4703437047ed7d25c465887ebc1284849ea03ad22d460705ef4fa8b8f49e3fa42e50b5344f569d0e2529229e82db3847df3f4c1d7ae2240d2954064e828c7c2a

          Download Submit

        • /storage/emulated/0/libs/app.db
          Filesize

          32B

          MD5

          a9198519c37f9c3c03c681f50f0fd13b

          SHA1

          30811a8000306075534bb435ea59bfb54e96e836

          SHA256

          b27607569cfc13e23d0805ae40514dac8be1c571aabb48cca033994ddee71ba6

          SHA512

          43c7609a6b6b0089970c5582ba8a7ad3af95d7bfbed3130ccd321338a6f9638565c2817f6f7d3454614565bdbb3cb41bfa7c69b76fdef8fbf7548f4db17172aa

          Download Submit

        • /storage/emulated/0/libs/com.igexin.sdk.deviceId.db
          Filesize

          2KB

          MD5

          6cc78f78d6e12d92665b86863ea03ddd

          SHA1

          6d04e5a2313cd0a89da7fc7f4e5e88647fd1fff2

          SHA256

          e46bcd10569235f8f601cfd31d80f45d1e96974625b85aa7a2f6b7d5f65a9bf1

          SHA512

          a33872b6e1eb49e010f71c3295fefe94bf33a80eaa64cfba976057b60a7dafcedc54be11d563c9542b1dd4727320e139f089df67d9afdd070b8622e6857619cd

          Download Submit

        • /storage/emulated/0/libs/heyman.iseymon.com.db
          Filesize

          83B

          MD5

          e24e384665f7770ec08402151c84664c

          SHA1

          005dc6cdba98c6ad061bfa8c52d970deb00d8295

          SHA256

          4f5b9a7cd403ff1808c82cf7dc61fba7e482a6fba42ef43922d8b05512f34f00

          SHA512

          194e9054e7f6f3ced2ba90c1d9dba2099b1dd4685f4c39af0d85eb6b6c25f7d0a81b1e3ab6a67119982f3bf3dcc3c7cff675e91e92e9f53d1961bbccfdd337dd

          Download Submit