Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

92055e86eb...1e.apk

android-9-x86

8

92055e86eb...1e.apk

android-10-x64

8

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2656264s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    23/12/2023, 21:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    92055e86eb75b4292ae66b8873d9a4fc939c41246a6525587ee71e895a01b91e.apk

  • Size

    17.5MB

  • MD5

    d760e9af53e9f0cea09449cb0886d1b8

  • SHA1

    131d41fdde3ca155dc722a02089c96d708805185

  • SHA256

    92055e86eb75b4292ae66b8873d9a4fc939c41246a6525587ee71e895a01b91e

  • SHA512

    e394878d3a7e62995ca492a8c836e1a136dd613a30a1f69c77557821afde41b26a0bccb274213aa4053e5b8e6191279a975ca3d5f4ede291070227f85292bb35

  • SSDEEP

    393216:FTPj9/twR/wW3m2OB1fQmuoTjTHX3YpKTBx6KePT8E:lZlwRJATfDTXop2x+V

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion

Processes

  • com.xmei.xlock
    1⤵
    • Requests cell location
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:5108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.xmei.xlock/databases/xUtils_http_cookie.db-journal
    Filesize

    512B

    MD5

    2a8cecee599403aecdfc064868c78a8a

    SHA1

    f4e6d6079637ac894569f66e3ec65645524b3b14

    SHA256

    b72d553bab4e930b7bc4e9b86d2c85a8a05fafa40ef6590beb7e2975e92569d0

    SHA512

    cbeb6b968f171bef313283253f7469aaedc8aad8d38d8e7f0fa9b6fb7e5fd4db8e45c5e44f863e72af1ab29ba8b5b5de1118fa9877dfebaba0a8284ff0323e33

    Download Submit

  • /data/data/com.xmei.xlock/databases/xUtils_http_cookie.db-journal
    Filesize

    8KB

    MD5

    ed948f33924ec1104e56695c78cf4600

    SHA1

    5b8b5d5a02264d8f094dfddd939922c95ce737e7

    SHA256

    a64cef3bec9e85408d77d35b8c72cd9a5db79a3232b64740fd2e0cdd0acd3bdc

    SHA512

    bca2c6ac30c77ecf4509ea3349de81e771edb6f06a01ca58ba4e34153f0aefaee71261a5376e006bf2192ab9ca2aa083d403309d9f343029f9b4341eac107041

    Download Submit

  • /data/data/com.xmei.xlock/databases/xUtils_http_cookie.db-journal
    Filesize

    4KB

    MD5

    bb60a5714b378142ccc0ef6217376282

    SHA1

    d69fb282ff27691c6527fe976c0b6407d1c616fa

    SHA256

    0aeae7c650549bfce8fa0e97dc4b18b74d09a3d932c1bb67e5d3252657ebda0a

    SHA512

    5ca38019701b5dcc2e2aa6021dd53042bc1d466b1cba7b1e520450f8e251bab006aba939e33d2c97cc241cb90eadaa7eab4add1aa4127c50b3ebb3c41e1e6078

    Download Submit

  • /data/data/com.xmei.xlock/databases/xUtils_http_cookie.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.xmei.xlock/databases/xUtils_http_cookie.db-wal
    Filesize

    4KB

    MD5

    4f0552a6c31528e8eae5e5ddd11a7b83

    SHA1

    8469468cabc394cb57af2f57c74b94c119ac6db1

    SHA256

    cd24fe50eff6d783448957fa417dd9fce2c33bf94b30745033be5d1df22760d8

    SHA512

    79fa5f7e76c6c3be683a29fa170d984e37758f191abbee571c3e7db9329c46f9490ca6ff15f5ed7a56c8ac960db555cb82d3943c090166be401e1798856ca467

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock
    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock
    Filesize

    4KB

    MD5

    28322998fd5d3911c5c892e19daf9b83

    SHA1

    67ff2566bc9e0377570856d21bfb8f3cf5c9bfc2

    SHA256

    edfa4ae4b326ad2b092ea797a2d596bd23b01ee2c47cea9cb9a451e6001a912f

    SHA512

    80e08b3e20d45aa0986c08ae8a5c3483c067b4aeb1365a29c480226e7251b63ce1e07aa56ec4b214ccac85c36c865b1d1eb328b83eeca1b3fbc2c3610a925c4a

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock-journal
    Filesize

    512B

    MD5

    a31148954242d2a3d4e7bc351d3dff48

    SHA1

    f179f46bc76ddad78d0909a0c69a4312c3514b03

    SHA256

    34f5811a9d4804a0e055a511138e45956272f0e0568c7424df031b072b37b481

    SHA512

    594d93d8f95f23b2b907003171b541a6ab59a6c935f4353aebb1482eea2496c323ec7559d690794cdd8b217e3174085f0a7840569f72bd3618b38c11cfb53c19

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock-journal
    Filesize

    8KB

    MD5

    3112cc6229c870f37228e8cd87f66994

    SHA1

    2edc467c83e5b06f93eb2183bec62c2789930001

    SHA256

    247e0cd885c13bad4cb425e2ab80909f9cb1b1196d6291a72b40219ee09ff8d6

    SHA512

    3c23485b44584955a21f5bd2913c2dcb016e1bc17e791b27f02f202ec84708567e1efffee5ee454826c23c4a8896caf4b624e5a7feb4cec260778c028ce9b2d0

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock-journal
    Filesize

    4KB

    MD5

    f2241f86fa07e3704fcb2463280eafe6

    SHA1

    b830a48c4462b5398e40df24ad69f8eb58a44f80

    SHA256

    e84a399fbba78c8780bae1e098be0c73e90db01591654a8ba67844abca6eda38

    SHA512

    e132d56a01166fdc2cf64dce46ac331df61571b235d278924cb571241f2f15573f6990d3fc4b705055ae7df945527e6d008a74b1f078579719ee3c289086fbb3

    Download Submit

  • /data/data/com.xmei.xlock/databases/xlock-wal
    Filesize

    4KB

    MD5

    b7d0bc142c1623443c8b71bdc88d3dd4

    SHA1

    b48daad246fd3b476a09c2df46f6adb837e78e49

    SHA256

    7aa7faa782fddb98101e3a0a7a9a81b6c77bf80ddd951afa1e294f597851448a

    SHA512

    0c1b1f4ad128e7f6f1e3340784e6ac2cf147383844c3de2286edd79b2a77e712391559565d1805bbb6552bc2731572b47e857c692de13e8762791302e2c3f14d

    Download Submit

  • /data/data/com.xmei.xlock/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNDYzMTY1MTkx

    Filesize

    1KB

    MD5

    f7114be312ca5d65256ebf0699dd7b6a

    SHA1

    49e2bf0b6d257476ccc5fadddbe874346b906e75

    SHA256

    10b0ee20105cacfb70766e3f3cc69db229b049f52ce31a7e03983172bc4d2ef8

    SHA512

    76a29e94e271640f360d793b7cfd10c0343f167ef521ec12e296af591e2874c539a6f86711b7038e841171da012bc0765be072ac228594ac88582c96a283474b

    Download Submit

  • /data/data/com.xmei.xlock/files/umeng_it.cache
    Filesize

    350B

    MD5

    a6714b087305946d5b683ed658f7463a

    SHA1

    c2ceb34103273d8836b13d4e41e926ad68680912

    SHA256

    55b67f408949845b86b4d151f19f9ec3de3a08e6d3476859b7403c75ef25783c

    SHA512

    3e36724a951b97fb2dd8496c127a762b56a492570613381aa7eacddd0a6843e0fd2de64c32a97e161b50a0a2faf8097a53e14241cfea67985acd7da232bdd9ba

    Download Submit