Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

15976de658...4b.apk

android-9-x86

7

15976de658...4b.apk

android-13-x64

Analysis

  • max time kernel
    3036708s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 22:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15976de658886b81965251b32111004b.apk

  • Size

    16.4MB

  • MD5

    15976de658886b81965251b32111004b

  • SHA1

    5f41872624954f62f13644412c563b38e76e4ee5

  • SHA256

    23381a1223358d7f32f260a6db8d126a1ae6fcd01042c966595c1152e1cc7904

  • SHA512

    dde3074729c262a6c9a3a2c79eba34cad9c92c3e83f45f7c11e39c2167a2d7daf1f18be74f17f7c2752b601bced9aaefd43021e225029a7b3d511cf8d840b6c2

  • SSDEEP

    393216:PlN0DwId4t1kKw0oRQpIdRDeUPN/z0V+F+jGMjC31PE:PlVISt1kuOQp4De6/zjyGMj6NE

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 5 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.hxgbank.school.app
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4254
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.hxgbank.school.app/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.hxgbank.school.app/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4285
    • sh -c ps
      2⤵
        PID:4436
      • ps
        2⤵
          PID:4436

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.hxgbank.school.app/.jiagu/classes.dex
        Filesize

        6.7MB

        MD5

        9694694fea5fb1e093d5479227698bf3

        SHA1

        9a26b435ac4ea9dccf3342038e9649eaab2d628a

        SHA256

        4208d008e20c93938cd9d8e66b722110afe5a45db6f8ffd7cb326f31ad69e515

        SHA512

        cbd98ee3bf825ba555d5ba7cf867c26cd9e6dbabe10415f75230f396dd5aa7ca55292ae91e698c497831ec638bd1763516dcc184857b9577b7f4694080d43331

        Download Submit

      • /data/data/com.hxgbank.school.app/.jiagu/classes.dex!classes2.dex
        Filesize

        1.9MB

        MD5

        be293a9b74c7ff4e32e0ae409ed75cf3

        SHA1

        df016cedd303302226a5f522f882527c60ccf450

        SHA256

        224d8b549496d60698ac4ead760f08797c9d0b735837f4c60bb48a26a1e04d50

        SHA512

        fa57331ca8c9d816811bb6101345a492895b11d14f8aeaa539836222bff5bec237a66656b94134b317f4e24f9ccb638e6b35906feba34eeaeaa196102594e110

        Download Submit

      • /data/data/com.hxgbank.school.app/.jiagu/libjiagu.so
        Filesize

        485KB

        MD5

        015df5724b50b4fbc6dd0caf7ccb817c

        SHA1

        980780e98c9958aec97ab7a0de8d28a4c5fd9429

        SHA256

        183990718a96d742bc6f1bb04c313e04db6dc62d445ecb294a7f15babd3281c6

        SHA512

        fda8f5343cac8102aade5f1aeac7c5b028ea5d8c92e3d12de92e1ffce30bab47a446f215c9cff7dd1e1bb88980ee0d27b5241e856719fcc1f6a5c25e062e9d40

        Download Submit

      • /data/data/com.hxgbank.school.app/.jiagu/tmp.dex
        Filesize

        284B

        MD5

        f1771b68f5f9b168b79ff59ae2daabe4

        SHA1

        0df6a835559f5c99670214a12700e7d8c28e5a42

        SHA256

        9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

        SHA512

        dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/RKStorage
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/RKStorage-journal
        Filesize

        512B

        MD5

        4a43f9fa38eb1b6e60eb283a536d668d

        SHA1

        537df161e1300618b88a780051c03db87cb884ae

        SHA256

        e77fdcb1cf240e4704eb11d2931e5304b8bbf28b1b360340d21cb8659a06aa01

        SHA512

        ae4e87359eee92eaf0c8018607fa9e973f737bd62dc847d855f9171c097ff1be66ddcefeeb861a0bcf6e2cf64a5a3320872d2d32b9356c9ab08eb1e41bfba30d

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/cc/cc.db
        Filesize

        36KB

        MD5

        5d7ea1a23af19b4340cc8d90f28297d5

        SHA1

        4cfe95b23a9e98378d69c4290af81b51fbe76aea

        SHA256

        474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

        SHA512

        33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/cc/cc.db
        Filesize

        36KB

        MD5

        ce6135aa1b1fe4f2c2db2a546d2a5558

        SHA1

        79b59582154017aadab783dc266fcb158c252940

        SHA256

        7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

        SHA512

        2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/cc/cc.db-journal
        Filesize

        512B

        MD5

        44a1437adb5a18090dcd29fc0a2b07f6

        SHA1

        6a463a5582c67af53946327da1c3201a4088bc76

        SHA256

        c88b514640627b30dd5263fbbc30cfe4e1dfb3168ebd33cffe3d775e7540482f

        SHA512

        debb9e4bbcf1c60dccb52a4178b671d65d6a0a06df62180c0b15a29ff356ce2dd38c62037f2e1333f9bb21b20e2d11aa942b917673ba4f6daca3df4421371a78

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/cc/cc.db-wal
        Filesize

        48KB

        MD5

        1f19bec405c9d122c5f1c82f473c479b

        SHA1

        0b3a5960b8ae7b648502ba7202cadcc9d11d9eb0

        SHA256

        a52f3dcec5550dd235d21eeb4d358f05a99ed00b73c52b6574f52c8e6ede1d7f

        SHA512

        bec54f66092733c4449ce8d4311056f850a4f3d39fe341ac50e158cce066d27406c15c0ca3520c1d79eb870f1715ee172bc1227ce6a9c2864a41bf76b59f5a6f

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/ua.db
        Filesize

        32KB

        MD5

        4e3a1b0bf192b55df9256abf57d3976f

        SHA1

        1f99b9db52eea049530b46ab22280fe4957ed323

        SHA256

        1e3093d20c57e79de4a158dc0e2f7caf52c8b87264a3b906bc080f07bd6cef48

        SHA512

        5b08865a6e916d1b76701ebc8574e5143db4104956ffc210584c5accf5e37cacd1227b75672e1153349fa59a4c460472d00a3d3157b00e609be723c35fbccc5c

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/ua.db-journal
        Filesize

        512B

        MD5

        4917b037713428626561a06f0da5777f

        SHA1

        0dd03dea2786be9f760f857b3d255921537c9bfe

        SHA256

        6b58f32e1b6fa29860855ba01cd5d8adf483a692e0b25a49d3a9004dc9af64e3

        SHA512

        1b7e7fc6dd3e52f287e18d003a640abc6e94ac9824a6f344b0a8f4f3c537d8b6e3a83d54dcadc66332a7024e81d7633dabcae93e8c31df2d7fee17c7a90f649e

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/ua.db-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.hxgbank.school.app/databases/ua.db-wal
        Filesize

        56KB

        MD5

        cc960442d3f5205d6b890e08e160e85d

        SHA1

        619667aa4278d69e8178e34489fb33ecae69fa2a

        SHA256

        efd3547456541a4ae5cbc837c4eec6eac6b2f20a82984ce35a317d5d4a694ecb

        SHA512

        d430d4ded4c42e46477d1732b2218bd8c0b98f64e2c95998b999781ef411c3e8b04bd608396943516c08e140ff09c1bb10a1f5c94ea6886e5c90584a019006b7

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.ac
        Filesize

        40B

        MD5

        40e5e6ece7435885d9fa62886f69c167

        SHA1

        1c8532975e0271b8b5f6e9ba6fad96e390e22ee2

        SHA256

        8e372fe7a98670aabd516169572b6a935d88a8bd3cb9821e5fe6319a860fb9f4

        SHA512

        50a4cbe7082386de5806e77e9b80434304d6d912aac2e05803e1efe11251a3fccdd8d9a988008e9d8bb2ef3592b746d3af07023dd41293dc386c3019039b6220

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.ac
        Filesize

        32B

        MD5

        ba893ea72b7aa91544420eda24d758ff

        SHA1

        8beff2406679425bfe0f0b41bd50fcb6de764ef5

        SHA256

        a2dc5ffe9393861896427f4377d84b1cd797d34c1ead1ccb3c34a4ab5748ccd1

        SHA512

        15b0ceb4e3a7a99a6e6d34f09f2d1d1000004c2d6801500698989ca668aaab0ee3e241847598eaf146c680dbfbed65089cdfb5d19271ffc91ce7a5fd040745f7

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.di
        Filesize

        340B

        MD5

        9f33df038797d24b9ca82f5c40117a42

        SHA1

        57948195240df830a69958a27463bbe7c3f45346

        SHA256

        b3d8a9a0b33bed865d9cbe04086e2802b4eed1ca3301efe322561bcfee2ff569

        SHA512

        1ab7c8f6cbb4eeff346be50671075ee6931daec1fb47b00d0c18797af362565a5e9866ada6f595ab95b110476f5424fa8a31bcfb4b372c3ab8900fb6435e0569

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.di
        Filesize

        340B

        MD5

        26693207ca360080a608a6c6dd43c1b2

        SHA1

        812d27deb8796d0081c507d046753ababb6f9fb1

        SHA256

        0b1af439746c2eaa56fdc23a9b747bcedf06f841e7d6b13621dcb5fe00badc75

        SHA512

        97de79ad9ae7bad45f3fd025322935118ed934bf0b2663759af66bcace64d86aeb7e35f58892aac6faa38fe52c3678c519981554cd306d58caa264fd8ec42f48

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.ic
        Filesize

        32B

        MD5

        a671b2a487ce3673f5547648ef5e8906

        SHA1

        460082724bd55206c8cdbccea1a38e62678d90c3

        SHA256

        9b93db346989890149a35e67fd83d88c3e836a08db42917d6123fdba8bb72fe3

        SHA512

        c20331ebb5d268c2aab968788f5f85bdcd2919c44ec1e83a03ee92edae2835197131431154d139f2a35cb95ec0cc0727ba4e9809f666ad9c4131f6eb301cd332

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.rd
        Filesize

        73B

        MD5

        23cd80889893490681139dd111e97e88

        SHA1

        472dd5a8319054c30b37544dd5553e264d8b100e

        SHA256

        c5090543a5ed9494ff78549864214c5737917df0e84ddb4809dbb7b625d36fad

        SHA512

        f96a31c389308226ff11a2e1170db139020ae415343eda7bda44e90b16e517d24fa289aff09fa6a66ab32e4b818d62a9394ea4f054242c3d25af1c76672201dd

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jglogs/.jg.ri
        Filesize

        314B

        MD5

        5880b7742a7fa16d460790f65989a13c

        SHA1

        f9fd989b85b974e4959409c9b13e294fbb2f0b87

        SHA256

        7f6006a7d99e2e67924e1868a110b9d08a0872f76bfeb772add195127a964a0e

        SHA512

        caa15456db5fb037812f1ec5b30061592fdf5d8baa4b374bb095d27c2eb42922fe8337ee1020ccafcdc27a5a0da5d03d3961dfca35ae6fd357567d18001f9838

        Download Submit

      • /data/data/com.hxgbank.school.app/files/.jiagu.lock
        Filesize

        27B

        MD5

        f156dc2146fa65740ef1c1a9030486e6

        SHA1

        88e819544be16f314538aec1f48bd3f8e3c91e99

        SHA256

        5e8e0abf7f9e6a443ce92d0457cce40beb18e448c8a067eca433165ed6afe21c

        SHA512

        f21a402258efbdaa5cc4407ef2de2d01e9fc74b20c8bc996a371e30830e8738c902a8a623a29761d04f00f2eb6aaef690ad71fbb1e456ffdff20f9afefd8b9d2

        Download Submit

      • /data/data/com.hxgbank.school.app/files/umeng_it.cache
        Filesize

        413B

        MD5

        59abf6630be72fd15a721522eb247ba6

        SHA1

        aa347543e576a33589dbffadda8e61461f5150fb

        SHA256

        27b341ca49c4244f1c48f4b7acbf34d23c74efd2caa37745520e38035965cdde

        SHA512

        ac3ecae22a0450773613f1bd3427e613ce952f1a98163b755ed0fb360cba4bcfeadd1b902add902be6d43b41d6bb491316d7008c1ee2731bbd1eac618ef1f263

        Download Submit

      • /data/data/com.hxgbank.school.app/lib-main/dso_deps
        Filesize

        152B

        MD5

        c836ef2c960bf4770ba33634a1e99461

        SHA1

        2826b84d845e991ffa131853845f2b941187349f

        SHA256

        c08569f6118002d0e6fe6cec87108efff1e1a731d8d480df6412edba95efc895

        SHA512

        62f0bfeb817a228818a63e0ede94cdcfa651ba64541ce21d3b5eb856e432b9540c781bfc93a10c9a95875ea994db6abca02a24a337bf5540070d4cb374ce82ee

        Download Submit

      • /data/data/com.hxgbank.school.app/lib-main/dso_manifest
        Filesize

        5B

        MD5

        c06857e9ea338f3f3a24bb78f8fbdf6f

        SHA1

        c5a0a2529d2deb60fec041b4fbd722a2ebe31702

        SHA256

        957b88b12730e646e0f33d3618b77dfa579e8231e3c59c7104be7165611c8027

        SHA512

        29f61516876c25379a7bf4faa2b3ca6f6b53eac90e7de47671fec4a818d51441b4025cd7909f7c0a0d113ab6c5ff00cb3700c286bac7319185b77905feec4fb1

        Download Submit

      • /data/data/com.hxgbank.school.app/lib-main/dso_state
        Filesize

        1B

        MD5

        93b885adfe0da089cdf634904fd59f71

        SHA1

        5ba93c9db0cff93f52b521d7420e43f6eda2784f

        SHA256

        6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

        SHA512

        b8244d028981d693af7b456af8efa4cad63d282e19ff14942c246e50d9351d22704a802a71c3580b6370de4ceb293c324a8423342557d4e5c38438f0e36910ee

        Download Submit

      • /data/data/com.hxgbank.school.app/lib-main/dso_state
        Filesize

        1B

        MD5

        55a54008ad1ba589aa210d2629c1df41

        SHA1

        bf8b4530d8d246dd74ac53a13471bba17941dff7

        SHA256

        4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

        SHA512

        7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

        Download Submit

      • /storage/emulated/0/360/.deviceId
        Filesize

        48B

        MD5

        1d8d16c4e3b19ebf18988530d9b9a757

        SHA1

        bc94c1cce05cd848a53271ecb9c5311e27ffebf5

        SHA256

        abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

        SHA512

        4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

        Download Submit

      • /storage/emulated/0/360/.iddata
        Filesize

        32B

        MD5

        55aa835bf75db337b753274b15285c9f

        SHA1

        7fc38d23efea11514ead5c1fd36d8379e1e27d87

        SHA256

        0547cb790cb0079da5bbf2e4d605c026aef768f6fef57bd450477bcf5a1cf1d8

        SHA512

        d2deaa683b1637a13a5e3f7ae410a2b39a2eba0534577739b6ab1f570c15976f9210c160583f3375bea120a8c42ebafce959c29632703cc214991dd2fae96886

        Download Submit