Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

b0e4c6b679...6b.apk

android-9-x86

5

b0e4c6b679...6b.apk

android-10-x64

6

b0e4c6b679...6b.apk

android-11-x64

6

Analysis

  • max time kernel
    2934948s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 01:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b.apk

  • Size

    5.0MB

  • MD5

    e5972484ab33f864bcafda495fc553e4

  • SHA1

    155b9abc6cbd32ddc862f6f55ff456cb50a431ed

  • SHA256

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b

  • SHA512

    71b9f9c4f8024d02ac9b3782c7f8825f29e966260023d818cedfa6414837a444c86067961c5a1655fa55c8b3f26589c2daa36780ff126f116d91b75ef36068a1

  • SSDEEP

    98304:a5CjT20ZIQPkmWhvZylINgAkrX4R/xr6YgN2hPZxrFPJuCr8YbIPoVEy/S3x:a5QZIQkmSZCISx2rcNAz9rRIAk

Score
5/10
evasion

Malware Config

Signatures

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.txtqbxsyuedu.reader
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4265
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4427
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_min_freq
        2⤵
          PID:4447
      • com.txtqbxsyuedu.reader:pushservice
        1⤵
        • Uses Crypto APIs (Might try to encrypt user data)
        PID:4313

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db
        Filesize

        28KB

        MD5

        1deb6b895a2280f63ea2f3783f0a5ebd

        SHA1

        c01eee51a200d2007d3972b551e2515fc8f96d95

        SHA256

        c14b81f1de9ea7414f9ab576df19d63c1d4f22750ab37f0800a7a0ee6a15a70d

        SHA512

        269affd56d83a323141c44f786128a60d501d4e0ede0c4b7d9b5757a2e40851872c801dc1355c62c0607b95b1e42e2bf0b824d0230e1455655d1bb020c6a45e4

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
        Filesize

        512B

        MD5

        891d479e7850694ace8deec1db7c922d

        SHA1

        62e0c3369f96254e6071703afe0b6280c9c5c975

        SHA256

        18b0296c25270545fe4ba84ac5b89eed72adf966c55e4091986b3e413928eec1

        SHA512

        a49aff1576d31ce4d7997e41ad2e976aa30f3f7647b18ccac0c3fa138f2e903ceba3ac7680ab448861c494a9a7fc0edac8ec35aecbc4d865ed7cdbaecd83e55c

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-wal
        Filesize

        40KB

        MD5

        703e4bbecf46a1c0204656cb2612d4cd

        SHA1

        4fecb9a57ce73a1c872492d54f6eb693d5b02b97

        SHA256

        e530e83cf5701d6bb6b3381245d11a29df6bdbd57902c7bf4b783097c0bcb8eb

        SHA512

        0db3ee79f8802f446680a77e971c11fd087f0707537225d4486cc86742b31e11ce2ed903a4af75f0096e658f2c2af2c1eb2ee43deada2aafb24fca248c19edb5

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
        Filesize

        36KB

        MD5

        0adda9c85a5e4808f5b1b74c0a8591a5

        SHA1

        5048107883ab1e345af9cf2e6849ce46e0e612bf

        SHA256

        1e17860bba2bb4e3e92df3890aa6dddc973d6602c71519a15556d37bb69de2a1

        SHA512

        646061d3d5849772511bd94e36ca2d775a9a672851629d1812942ec0f0f925714eb7d4ebac44889911320cb6710a2f586014f6b1e126739cab653c4f8deef2d1

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
        Filesize

        24KB

        MD5

        79f04ac0d1242ca0716d089d742b1504

        SHA1

        8fecdcf69e6ed34f838e3fcdf0b83fb4784ae8d2

        SHA256

        14221cd9ff265ce5d48602f746d6d649a6eeb5f5823909e60c78ff7342be56e8

        SHA512

        432100582126adb988bb5af80a65edc6c343eafab35f8af17e4e98b4c042e5987a746e2f10178b36c78952963f2e2ed6c2056886bef8235fe2f8de5f393d06cd

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
        Filesize

        512B

        MD5

        b088dfd4ef5d4b0f82c217b7baf02b4b

        SHA1

        63a21e7f819ee740b298e309eb9288bc608f6333

        SHA256

        159dce27d28babd1df26df91bb79e2fa267cfc5aecb47fc2bb858efd82185527

        SHA512

        f6cd57757477e9a30cd6921d295b852c9d680c60b3e0e6aedb8011d5a400efa37ea5b422af1b269a59e5ecee787a2b2422de2cf9521589ab9b22d3a635e8e028

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-wal
        Filesize

        48KB

        MD5

        c8e8152e692ac665409d10541accfe17

        SHA1

        0aebac33f9a9f8031499f6b567d4c52bbf2acf70

        SHA256

        cdbed9b0e88663389dde61fa29162ff954f0d38e976d23b43c62d680b11f2112

        SHA512

        aa276237b11d5e5adb534df1ee9126c94facc5ef622b2908309aca8d63dbcc7e4ab600c2d487bd6443bb03b0acfa22e9759405d2f4df2d758b3b1e8585083c15

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-wal
        Filesize

        12KB

        MD5

        296c4a729ddd36a81ef5739d0a4a6dfd

        SHA1

        db78b9ae9ae4deb009a03098eec12fbc34739a71

        SHA256

        5782d44ee478e6fb07b7dcfd1f91ae80749c32f50fda91c7cde3bbdb8802eeb1

        SHA512

        1384694f38e36d240018caea3796b986bc080f6ca2208c88b42d4c1de8a96449216c09fdcf600d30c6a92a3af090cc2f4d646482abe6269e606b326b83571a00

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/.envelope/i==1.2.0&&1.0_1703741880890_envelope.log
        Filesize

        2KB

        MD5

        87e4f1a0a0e11cbce974a345a0bb4588

        SHA1

        8b9c7abb72dc750f74f55d031fd7fd36bb3f1798

        SHA256

        357f54396142c52f1408235dd4de27966bf5c128010d611ef27b314aedbc8061

        SHA512

        a3f6e25e59dfdf1f0b2ddf7dea4761c92a0c2c21ff90af53258b178e2c9b0a768d643c1cdcfa973ba03b70cd592e4205ebe0f6b692a8523b94e17c224ffed290

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/.umeng/exchangeIdentity.json
        Filesize

        162B

        MD5

        70e97ec0cf81e3a903e608ab95829874

        SHA1

        13609908f42a9152dd4bde5f918219ef04244c11

        SHA256

        a7e222fd54672cc6ef775840204229f80521369247d400099475a9f24fd8e8e1

        SHA512

        4199cf3de81cf07afac7f0880ed9e99f1c18919c6c21e1cfee22420e7ea7ec5d32ce89e466068fdd167c721fe098788f38ad7cb299b16a10e7148546305980c9

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/exid.dat
        Filesize

        51B

        MD5

        e0b5b7d1928cd222630df3c72dcef609

        SHA1

        f9f59567d7effedcca1424262fa8ba4a5d6bf6ce

        SHA256

        e05fb79fd4453228f12d095d4bb0f92755313fab08c137239906d732fd90c43f

        SHA512

        922e4d5cee388bf4d6edc15a344fbbd6512b383f764c08e94942aec69703543e47865774ebe932a0d18685bb62a60604ade5cd74a40c5da89e413b3771a31303

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNzQxODc4OTU3

        Filesize

        1KB

        MD5

        ab251929ed8c2de0ccd1c42aec0457c7

        SHA1

        34f077297f611755b54184d457434b6f7625c0c0

        SHA256

        285b7d5dfce846d531a700b95ee5990740971d8d9c99fabbb4ce391883dd808b

        SHA512

        73a4bf73d0768f145d58dfde907d514fd0c4b90f26550d20dbb15aae921afb192c69e55f49c41b7857282744ebc221cd81657119850d14d96bd13457370512e7

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNzQxOTM5MTk4

        Filesize

        1KB

        MD5

        4518d271613a62a7f9141ec72688596e

        SHA1

        c2102145f8e659ea6f0e1bb94f8355d8f4e6d7a3

        SHA256

        fcd2c3686a7fac914b202ab35db702f6bb3f97b7b416b4db932e873c861cc727

        SHA512

        3d8b2567c87a8fbebce2f2a0a1f324fa9a4377b9039e9a869edb18ba3b838c36b6e829b4afc2bcb4ba0eb428d084278203cc6349f87f99a8d91bcf94e503c4c9

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/tiny_data.data
        Filesize

        196B

        MD5

        621145da98ec00f5b6aee2925e6b681c

        SHA1

        bcf4dbc4f53e0b7b2129eb74857d3f1fc8a16854

        SHA256

        138b3b928d29f61e987475a3d74652b64add40f16ed44d2546590aafd0e27512

        SHA512

        a1c1b1e0803c3db09436e1de252a5280a43ebc9cea9a8e134580c43b8e5420e35809103cb6d2a00be0476005c46ba371d55ee6bea26ab5f16da7379b84f1c621

        Download Submit

      • /data/data/com.txtqbxsyuedu.reader/files/umeng_it.cache
        Filesize

        415B

        MD5

        d429637466b560b086869796fc60db18

        SHA1

        88954d19c3571d97d75362595db1d9e7fc82795d

        SHA256

        c9cf4cbeedc657eee3337cd6773a34f2beb0943451a51e4bfc010466f94c241f

        SHA512

        4c26249e1ce5d1c0610da49922b027ae4980e95d66a08da966447084d206679e49886e9adf08eb7c8563cfe1d2fbe021e6f656fe601363c5107b725e15ba0dd4

        Download Submit

      • /storage/emulated/0/mipush/lcfp
        Filesize

        41B

        MD5

        6f093e59f3f4f4b77ca7f88aadcaa473

        SHA1

        a292877667cf174daad2efd7bd89013f8a0c158e

        SHA256

        badb23c915dcc3e55b1e4308d8bcb1f9ea7b4a2cc6eae3c0352ef0e0116a2e84

        SHA512

        8e8bf23eb88d22452d6964c2b41082f00416c0f578f08af49a04a45665e86549824902debb41a68aadceba10c954466ec2a7d1c95694f85eb7c7f88751db79f9

        Download Submit