Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

a5bc0ef0de...42.apk

android-9-x86

6

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Analysis

  • max time kernel
    2907372s
  • max time network
    163s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 00:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a5bc0ef0deaf930a316f6c385104aa5ba1dadd635df0a56bd436397f1cbfff42.apk

  • Size

    23.7MB

  • MD5

    c8c1af32915154bcbefc21f5e7c3422d

  • SHA1

    e898ac24bf72dcbc697edded0360dcf225100a64

  • SHA256

    a5bc0ef0deaf930a316f6c385104aa5ba1dadd635df0a56bd436397f1cbfff42

  • SHA512

    fea9839d94636306827032c88c7489dfe622cd6f17d5f85be1e02cbae16f502ea90f356825289aed1483f95c0be860f1a4fcf2ac8a60de58703b3e5c7f753ae4

  • SSDEEP

    393216:59TI5WYaSUTzasGVAIhzP57Y2dy33l8M/gFMNKyJFlCEeH+tN+ojH3Rnf4gKCNx1:bCNUzRGVAy2uy33J/gWxJFw+mGXRnf44

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.yx
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4259
  • com.yx:push
    1⤵
      PID:4293
      • chmod 700 /data/user/0/com.yx/app_bin/watchdogd
        2⤵
          PID:4325
      • com.yx:remote
        1⤵
        • Acquires the wake lock
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4642

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.yx/app_bin/watchdogd
        Filesize

        17KB

        MD5

        ad9c3d8b50f03d89385f22e3d4d7a141

        SHA1

        bec7024d0b369416951a79494c0ca9714ee67d7a

        SHA256

        28b304c2e9f96c13ec2877ba71f759522c0ccacf1dfe380be7d62f155c628c94

        SHA512

        0e8c4b9737b27805308678879a823f776d7453a2ef02ada9489647e8d4b39f5111daa27ddf44111c2d0e558390c3fd403518aa821ffc6f39e3a90f3826f1d051

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db
        Filesize

        24KB

        MD5

        2f0976a8ca1faaa051e7ca086be5ff6b

        SHA1

        4eff8815c5752ab862416cac596144618349c28b

        SHA256

        aac6c8b40f048c15997b5f47601c4cf9de1aed27fbbbaf87c1b1d7283b31ecd7

        SHA512

        26ea7af24f49a197dee3d1bca190f40e2f84e0b8ce30cffa2d2e364f5643f77fcd356d5992130ed231cece496e1302f95758de2e9bc8e149ae7dd21580fa1e6d

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db
        Filesize

        32KB

        MD5

        d604a3bf1f8d992cc320ea5b1f7609bd

        SHA1

        247f88df0b55c7d523ea5398637711a0e4a483a4

        SHA256

        329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

        SHA512

        67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db-journal
        Filesize

        512B

        MD5

        2e130e8017191ef798ce83c454e2420d

        SHA1

        c93e8f3e515310c28d34e0b4410cbf24c6da9c71

        SHA256

        460639fa7114e2c16d87874354f1ab3bb0ca8bfeb5363275e37a355419047e3b

        SHA512

        b9cbdb4d3ef6cadab635ce47d8bfc9336b0564f92f92e1b211cddebefd0a66672723237ed1fbe6d8de4a38f3d201790368b18def9f994f6133b3a7a65762e0f0

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db-wal
        Filesize

        52KB

        MD5

        5c17d227c07ba7b94417d05302e912f0

        SHA1

        1634f1c3f9d9763818067aef5948bbbeca579d37

        SHA256

        6fe24ffaef21a177fb746fd246b49103b9e64c42334941f7e816b60204f7a7b0

        SHA512

        27b964e641bd8f53c7bcba2a9e5a76daf78e542b518650c5b0e5fbc03342d45b95b524ba86c62efddfd3439c03cf63ab3d475305e3e3abcf491daab74a021121

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db-wal
        Filesize

        12KB

        MD5

        3542d55c91b5d890d27c19717a051305

        SHA1

        b4cfaf8281dd33c50b8b6298983a1ef725ae2a08

        SHA256

        3867cb480aa74ed11f95202af688040a302203d16c17fa86124a8e75d810b740

        SHA512

        bb40a279fd99d0950857cc0bc92325e9666374c8321e4f2c4538d98953a76020c51d574a7cc4cbbcf2c0466e2987d5c279768fc8994d7e27110b0fb99b39a864

        Download Submit

      • /data/data/com.yx/databases/.ua/ua.db-wal
        Filesize

        8KB

        MD5

        71ba4d99532e9c4df8398eeaf8ed972d

        SHA1

        0777c07e1a61564724373f7a7844f38ba141e424

        SHA256

        f3eaa37ab5dbb19219178a903e849cf46220d05678748878162be12cee348ba5

        SHA512

        3a2d67f6f804227954f38ce4eff451b5893c4cfaae7be4866a329a5bd0e5c4427242ace7ce01b3ff40905e3f7528c897ef375fd38fac373ff43158d9b73cd1ce

        Download Submit

      • /data/data/com.yx/databases/cc/cc.db
        Filesize

        36KB

        MD5

        ce6135aa1b1fe4f2c2db2a546d2a5558

        SHA1

        79b59582154017aadab783dc266fcb158c252940

        SHA256

        7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

        SHA512

        2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

        Download Submit

      • /data/data/com.yx/databases/cc/cc.db-journal
        Filesize

        512B

        MD5

        605d8f15a89ff837d7f4e892c2c8a3ef

        SHA1

        a2301dc3cb2c276ec60cb1ba624e0826a6983af6

        SHA256

        0bce53551a0949a37b7bf35cc4f5fc24fe165ee9962906e8532e2b4bd10cf5d8

        SHA512

        93e91fd114e7bd5c1b05e8c030d71c91df6049ced2f0da3893d809f00b22174beaacdb9ff82e95384749552f6ef79e552158a6595cfa893e1c84c67e615d0729

        Download Submit

      • /data/data/com.yx/databases/cc/cc.db-wal
        Filesize

        48KB

        MD5

        1621867c355287608e14f5a9aaab79e5

        SHA1

        b6f0fa60ae70cc6a6bba22a3cabda040b8ff1af9

        SHA256

        908e7dcdd374ea9af4439770874b6de476e0c213550c63ee52740cd5a8b81730

        SHA512

        74ef85fcab1ef0d1afbb8dc851966c314f43202c052594ee7f305b374ca79290a4c5d700bfe073cf72cc6135eccf47516a9feac23cf435bac88dc9948606ebc9

        Download Submit

      • /data/data/com.yx/databases/cc/cc.db-wal
        Filesize

        16KB

        MD5

        069f3907b291e0ec6e584e80c2b35862

        SHA1

        1e4c8e7a6cf62356a53f3d68d185ab4b542a978c

        SHA256

        6a5810026d22939240acedab92eeb554e82d15e74e64f77acb59e40ba273bb66

        SHA512

        74030b0af56bd6e68d17792685393b786b3863dd198f8090b3df32b18dbd251b02c2ad4fac692e481bb7b2cea7de38a3f0ffb4907b9885b1a9c653d248fbd3b6

        Download Submit

      • /data/data/com.yx/databases/youxin_db_-journal
        Filesize

        512B

        MD5

        cf3e37dd0dd6349d3922ee37561c3167

        SHA1

        b57e5bddd54d296f248be6638446fbe858201ee7

        SHA256

        072f6853e9b77de51247fb801b54ab4de8088c8371abf0fe4a0a4785b8298d00

        SHA512

        968efbd0df518c4aad76e9696617e5ad6242480a03c95031b62cebfa444e0d986be93f897672faacb1c631baa18270011e72a3eef7064e105a0c0c4e031210ac

        Download Submit

      • /data/data/com.yx/databases/youxin_db_-wal
        Filesize

        16KB

        MD5

        ad75cd9671d247766350696787c57301

        SHA1

        c93a81a0c26c74f1ede2855de529c6b83ca0b418

        SHA256

        b6ab1402a4ddb71af5c8ac401b67d069d33af8272f9cfbd2d0d0d2650c494a94

        SHA512

        9e93f719b77f9ec90f571561b138369ec4728e6f22c9937ffd9822208cf6b4298a6e07407788b40631d680cf6b3bff669fb12d4f701a6df0d91e2a99b875b1b1

        Download Submit

      • /data/data/com.yx/databases/yx_new_messages
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.yx/databases/yx_new_messages-journal
        Filesize

        512B

        MD5

        dafa21288e9d2064c3ce921fac8fab6c

        SHA1

        2d308ab0cc4cf98ce65605d9c30a7f09de9edb07

        SHA256

        2592738af43a1a32dd87d14087983a63c8654aa38dac34fad0d2082aad40251f

        SHA512

        94e0dc185a5029e1b1653b8bb9f42c72a60e23552101860aae8955e7a3bf9bdbe8465d9fb6fd7da57f1021e86756835b9b2c06d6288f50ca3b01d8467f66c7db

        Download Submit

      • /data/data/com.yx/databases/yx_new_messages-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.yx/databases/yx_new_messages-wal
        Filesize

        20KB

        MD5

        6f3d979e77be24a35563f75d769445d1

        SHA1

        b22e2bcc42bcab56cf98d99dd93e163f7cc83964

        SHA256

        c7eebc6cdedff97e8fb5a7277255070bbde72c02a341c1d8028920918aa6e76e

        SHA512

        8f77d9c17d5dc206fbd28ce7aa18dc58322e6081a3f53350c583d92ad4ce88f4a8c0f48f1f2884c0070cc7e924f9aca655d71dcfb518b39d50272fed932855cb

        Download Submit

      • /data/data/com.yx/files/.um/um_cache_1703714407821.env
        Filesize

        1KB

        MD5

        5182fa650a22fb1ced820c62628afcce

        SHA1

        3d6212e88c0fe2bc72a828fda4321793d3c65027

        SHA256

        825538717936ad5bacdd9b26d5276b229ae6dc62fba46aed2e5eb44e8c35fa49

        SHA512

        6f09cec23128c51184061fb158e18a3b331015117e02b22753db9b22d344ddc073ce036623ae9f2589550771dc8c5acb59a427599fcb8c6a367eed9a6d47bbb4

        Download Submit

      • /data/data/com.yx/files/.umeng/exchangeIdentity.json
        Filesize

        162B

        MD5

        cf99a7925e4320981fae9bda7a4b8e61

        SHA1

        10bc43fbe21171e36c01d45c493efdf98e739a37

        SHA256

        b6473555d0409220bbad2d4f473307f388ee62311d60b1bc20650cf4ae5287f1

        SHA512

        cacdc3cec25602617b6b3c7a81d2880a52b975c3d430276c01a72b34aa5a00eb739db4c8a91a926e95e6604d13e56e297b0d72a9d0355df3db236d4038732d31

        Download Submit

      • /data/data/com.yx/files/exid.dat
        Filesize

        54B

        MD5

        b2f7d02e56d0941e624372a585b7270c

        SHA1

        660b0d6a3e207efb1554592c17a952b4ab5cedab

        SHA256

        c08d1d777cec613fcfac3c2ed2bbf543a57c558e97e07eaaa41c2071af92feac

        SHA512

        61e77859da975be0408ea217dcb997407e8d35c2bed1f25b8640feaa6db6c15a018f0617d8b91198cc1adb70cca4c7e6d53630b1b5b8d7c276a5f1baee3407b3

        Download Submit

      • /data/data/com.yx/files/umeng_it.cache
        Filesize

        498B

        MD5

        5c7f08455e18cf9b62f3a13979b9009f

        SHA1

        80189e4310557c49e4d338ddf125e21c2fb71491

        SHA256

        40ade70d306147a607b407ce8c7f969ec59c807cb0ee52408e01ffdf8e5ec728

        SHA512

        7b97cfdd80f6b5b45030a7078fddbd1bc70d023f0512a7090491d40195ce276f8729986e1a91411708d6d14ad5a200e6803bd147621a83742a506331763584f6

        Download Submit

      • /data/data/com.yx/files/weibo_sdk_aid1
        Filesize

        46B

        MD5

        4028c8b91f544d6bd51a266683ff791e

        SHA1

        d8bacd93b5724c8500f66cc46632704115635afd

        SHA256

        7cda4149bb95d3c082f01b19b365228fd339ce4fcfa02969294e13bdae41270b

        SHA512

        a8fdcbe785c7f9eabff76f227db4e8c1d099dc8adc81a41283f8fbf118fd0fbff93be1aaacd3c966888f30f247215125317efa56495f022486f5262cd2cc3831

        Download Submit

      • /storage/emulated/0/.DataStorage/ContextData.xml
        Filesize

        65B

        MD5

        9781ca003f10f8d0c9c1945b63fdca7f

        SHA1

        4156cf5dc8d71dbab734d25e5e1598b37a5456f4

        SHA256

        3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

        SHA512

        25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

        Download Submit

      • /storage/emulated/0/.DataStorage/ContextData.xml
        Filesize

        111B

        MD5

        38048469718622cc72dd0b71892c9245

        SHA1

        22092e104ad60be3bfe35949f9bbcaed1b11faa0

        SHA256

        9d3d8c10ae989f9fdc92ea5c7e01e95044fdbe652605a523db808e1e15f8634f

        SHA512

        52fa669d5c3a7b9ae058ea064dabd852618b35a9d6bac79005fc7212ef191aa6644d5af173a6b73380bc21caee04f6622ae52af8aeee00c640b8ad7114c5246c

        Download Submit

      • /storage/emulated/0/.DataStorage/ContextData.xml
        Filesize

        213B

        MD5

        49bcf7805e946d94f693fa624dd29b61

        SHA1

        5f2a6c5b700afa9f8d4e4ba1ea35c2f0c30c3519

        SHA256

        0d3356f0b349d098f52d1b6655ee192df4ab74994527e0338fef425233b98f0f

        SHA512

        17dc666516610b14b14fd8394a81663e2b7c8cd6f243ac871e88233b82a0ea06c177010037101fc1582b8290477e2274a00aa8cd72c2150a5edbfd0d3e673444

        Download Submit

      • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
        Filesize

        111B

        MD5

        a22565876faf2b68efcb3333e8188d67

        SHA1

        40f558a96edec2206329090d55d986e458d80e08

        SHA256

        fe756f9bbc5075d63b6f8e78ed6e167fb1e02dda31a31759d03ec06d3f7fea68

        SHA512

        704940f77ff44cf4613e257ebffe67fbb24eb727f2717f4f86df117a33cd2c580bf3de172a183272f43b0c6503bf22ce8b95e7911eee7eb252b519aa0cc2754f

        Download Submit

      • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
        Filesize

        167B

        MD5

        088c0e4a20cc54897375e5899c5964ac

        SHA1

        6fdb138313e970b59faf496951f7b9a24ab50660

        SHA256

        411fcb020be0f75856c432a1487e08ef8086142f02d31b425a859636bdbf0894

        SHA512

        4a94286003a51b9e1386404c3b71a27fde26c8e210638001c0a7394fa421a40fcbe2c1b3f9527a64bd19d5c4fa6eaf118200bbded994536b4cbf995dddac0a7b

        Download Submit

      • /storage/emulated/0/Android/data/com.yx/AboutYX/log/CallLog.log
        Filesize

        108B

        MD5

        dda4146a18aadea53ddc5e80ff6b493f

        SHA1

        ac110d4ed0ef25f32d1b89b56e164fadfb024397

        SHA256

        23cc9a85f400cdc7f02f165d1a11ade0377f9866fb0c0db8a4af00cce24c3526

        SHA512

        ecfdae65c6fda7ea42abd1faebecb34aa144e30419dd0042c027979be046976ea86177f3435cd4a5026cec91135afdd36294039b0ec5b9ff3d3b6913585cc480

        Download Submit

      • /storage/emulated/0/Android/data/com.yx/AboutYX/log/TcpRequest.log
        Filesize

        20KB

        MD5

        35a568746ad84f6a8ae5c238ad4362a8

        SHA1

        0c671380f1224d9c1410b502580fed4b96907184

        SHA256

        d2fbd770e145d25f5c24021c5f38454d2a103269cc8ef8cc020a25da3f1c88bb

        SHA512

        e0d5123e05a9114ba12f8259f3621767cbde2d3d1ecf9443ffca2d699d87f7ed16f7d5e251b0f86d0a84ffbfdf560360b89001aa52dd1458a7477bc135430ed8

        Download Submit

      • /storage/emulated/0/Android/data/com.yx/AboutYX/log/UGo/2023-12-27
        Filesize

        1KB

        MD5

        5c44674d9ef97152d0e8fbc22c8aad67

        SHA1

        692aeae00f2f66fb73062b1b53932adae6fed26c

        SHA256

        7e9738c8e423038eae5402d00cdb540dc5a853f7ff858bac581cd6ce80623638

        SHA512

        9a16c1d2520b8c725519f10c4b688325f43cb999db0b58fb978bfdf0df06bc5acba2eafe74b258ce1744dce49edcb1a67b8b242c061404be12a94ce184b66a91

        Download Submit

      • /storage/emulated/0/Android/data/com.yx/AboutYX/log/YxContact.log
        Filesize

        108B

        MD5

        0ba24f3234bea5fcb7730805a489d038

        SHA1

        9c2e7b2036bc1cd11d0c6398351f2ccc1454ebc4

        SHA256

        3c2fe4e61cad55fe9233e3576c35a53c402da5145fa42e8025cb09b1e3b73666

        SHA512

        10769f4d74ea6efd5884bd892edd66551a84686585be911ed072de70fecc024c39ee511794547d96b64ac8e91241876e2566bbc426a794287a06dd8f551c0427

        Download Submit