Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

8b9adc17ef...da.apk

android-9-x86

7

8b9adc17ef...da.apk

android-10-x64

7

Analysis

  • max time kernel
    2762263s
  • max time network
    153s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 20:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b9adc17efbb11032625fc0a87871d442a354c261786352feef451a78af26fda.apk

  • Size

    26.2MB

  • MD5

    bf57b56e21cdd18c7be0b03e470b8f38

  • SHA1

    38c422a12b01d24008755a9fe707e16308f990a2

  • SHA256

    8b9adc17efbb11032625fc0a87871d442a354c261786352feef451a78af26fda

  • SHA512

    cd9357cfa3986101b6dbd431a1ea69306be53a46ff5bcc1fac7490f6d881f97a2d598576e5c1a09866b4ef41e8458fe35af5d2d1f21b445cff01599a6502b238

  • SSDEEP

    393216:LMWCVYf5gqyI3ImR/MJXH0vaeoAM7tGHKJutdAeYH7JFD9u3aC2sxXa:LcKhnLR/MXHDe8GKqdAe9xXa

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 6 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.sxx.ltjlhf
    1⤵
    • Loads dropped Dex/Jar
    PID:4255
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.sxx.ltjlhf/.jiagu/tmp.dex --output-vdex-fd=43 --oat-fd=44 --oat-location=/data/data/com.sxx.ltjlhf/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4294
    • getprop ro.build.version.emui
      2⤵
        PID:4331
      • getprop ro.miui.ui.version.name
        2⤵
          PID:4359
        • getprop ro.build.version.opporom
          2⤵
            PID:4378
          • sh -c ps -ef
            2⤵
              PID:4457
            • ps -ef
              2⤵
                PID:4457

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.sxx.ltjlhf/.jiagu/classes.dex
              Filesize

              6.6MB

              MD5

              20e3aaf63f4171d083b90ef8e706f8c8

              SHA1

              cedf2d21e189e77edfb1aa45284e96646dd58516

              SHA256

              ec0be31d64f0f99daf64c0aea9cdd4e99ac009ad1247db194bd9ace370af358b

              SHA512

              b846792227d4f6e1870f8355f8a5f55467ae7f3adca4c5ec038dfe547fa3c60c6f73783593fedea6146875deccf97e239fac8b6038a5339672ba684b374fe407

              Download Submit

            • /data/data/com.sxx.ltjlhf/.jiagu/classes.dex!classes2.dex
              Filesize

              7.0MB

              MD5

              daa89da1d48fa58b5b492ef259e37b29

              SHA1

              aae34f37bc38c237e9ec916482862c6ea59c4377

              SHA256

              cf79820bc66a5a017400619e93ca52408cdde848e8e98972993660f12b5d9271

              SHA512

              cbdbda9e7120237fcb63ebe8122186e1d24e05263d7e23f25e44e6c30281ba546c112a45044cd8d0d6739b37a73d9dbca55a4492d6e8518c2584bf5a49bb002f

              Download Submit

            • /data/data/com.sxx.ltjlhf/.jiagu/classes.dex!classes3.dex
              Filesize

              265KB

              MD5

              0b84b2503f6c1e25c93dda9220c57d28

              SHA1

              c4f1cabd4af9e62b190e3fefcb6e8fa475d0aaa6

              SHA256

              df2bf4239f264e3c2f7dfd9a467ab1e79fc8556570a8ead5579f24257ae45364

              SHA512

              7a52145125537f317bd626c0fb9f8c98e3a537f8da36732619035b229c8cab4e08302293b7fb8eed7fff77f66efebff5036510e3b4f72c383a6ac615466f6a66

              Download Submit

            • /data/data/com.sxx.ltjlhf/.jiagu/libjiagu.so
              Filesize

              495KB

              MD5

              de685970891708f6edfd18f03c6557ba

              SHA1

              ac50f88327652a72df73d43e9260faf169283c34

              SHA256

              b3124a6f192e562313f1e2d24b292852d4eb87cbe95dccd1d94b3a0540c0c11e

              SHA512

              cd56aa34265252c1457e28f442872dfaedc897607b816526de7e76c88ea00c24feb3542c21be7dc587b58df8ccbb1e045d3533741981212eac4d704143bfffe0

              Download Submit

            • /data/data/com.sxx.ltjlhf/.jiagu/tmp.dex
              Filesize

              284B

              MD5

              f1771b68f5f9b168b79ff59ae2daabe4

              SHA1

              0df6a835559f5c99670214a12700e7d8c28e5a42

              SHA256

              9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

              SHA512

              dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

              Download Submit

            • /data/data/com.sxx.ltjlhf/databases/com.sxx.ltjlhf
              Filesize

              4KB

              MD5

              f2b4b0190b9f384ca885f0c8c9b14700

              SHA1

              934ff2646757b5b6e7f20f6a0aa76c7f995d9361

              SHA256

              0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

              SHA512

              ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

              Download Submit

            • /data/data/com.sxx.ltjlhf/databases/com.sxx.ltjlhf-journal
              Filesize

              512B

              MD5

              82e835526af5a190c15eaa14234e76bc

              SHA1

              3836a9257b2ad0029d49261f168d99a19029b8b2

              SHA256

              6cb4687f896d62518e85eae8402db0a80bf07fd2986b86a329e2c9aca2e24e3c

              SHA512

              d3436dbcf3cdaafe802feeafd2c32953af91d06b8dd1d73fc78c03800c62f59375a03d36354345bc6784a2dd86ca2e9e768d55dd90a8d572a2a4c8fdc6e16566

              Download Submit

            • /data/data/com.sxx.ltjlhf/databases/com.sxx.ltjlhf-shm
              Filesize

              28KB

              MD5

              cf845a781c107ec1346e849c9dd1b7e8

              SHA1

              b44ccc7f7d519352422e59ee8b0bdbac881768a7

              SHA256

              18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

              SHA512

              4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

              Download Submit

            • /data/data/com.sxx.ltjlhf/databases/com.sxx.ltjlhf-wal
              Filesize

              60KB

              MD5

              f8957e5ec3f14ea3e2a7e4358664cd26

              SHA1

              04341770bc4820d7297b322950717544d2b856b7

              SHA256

              c29ee51040c466f92d3aba17ba00481fbc926f2f3edf622bf758914aeae3e09e

              SHA512

              6616289dedccfabb66893d9d1c18fc2e5dc443c3cbc00aa8960b8da45f200a4aa5892e4dd566b12231dc31786372870c7b90e777b72b23099d8bfed13dac02c1

              Download Submit