Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

b0e4c6b679...6b.apk

android-9-x86

5

b0e4c6b679...6b.apk

android-10-x64

6

b0e4c6b679...6b.apk

android-11-x64

6

Analysis

  • max time kernel
    2731781s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    24/12/2023, 01:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b.apk

  • Size

    5.0MB

  • MD5

    e5972484ab33f864bcafda495fc553e4

  • SHA1

    155b9abc6cbd32ddc862f6f55ff456cb50a431ed

  • SHA256

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b

  • SHA512

    71b9f9c4f8024d02ac9b3782c7f8825f29e966260023d818cedfa6414837a444c86067961c5a1655fa55c8b3f26589c2daa36780ff126f116d91b75ef36068a1

  • SSDEEP

    98304:a5CjT20ZIQPkmWhvZylINgAkrX4R/xr6YgN2hPZxrFPJuCr8YbIPoVEy/S3x:a5QZIQkmSZCISx2rcNAz9rRIAk

Score
6/10
evasion

Malware Config

Signatures

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.txtqbxsyuedu.reader
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:5059
  • com.txtqbxsyuedu.reader:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db
    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    512B

    MD5

    014672ba5f7e613a6a04a1f2344cb4e2

    SHA1

    90c257f4b14a18bc442da6f33571799bbaad5c03

    SHA256

    c047832cf2649f66e5e83b096cbd9c747e346b51953f8260836c6020835883ea

    SHA512

    f70e1f68b3fa30379fe773a85e900d50d13951ffd2bf092cf08133145a4b63e0d33d2a9e05bb70973c28971a9d47545a5765abc05f95edc190730ad930744cbb

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    8KB

    MD5

    dc5d9862a6c791571c733fa41ee84248

    SHA1

    5f9b282871d7ab0e2672527bd1bb94feb67d2bd0

    SHA256

    52f00e73a9f51eaa652b0a491b49974c5fac770a8fd086c1d515892aa08b7507

    SHA512

    123a85c43b9f373017a1e9fe14a97793e3d0d5003bd335e899e42dcaf45a25f3284700eb69aede99604473b5a17b46d7dc80188e006b7130f501e9e7cee8ba47

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    8KB

    MD5

    10b1ce65a38e9a9f107a0acfbaa90992

    SHA1

    98f75957bc9c43eb94ccf98529e5bbb986174d3c

    SHA256

    fc02fc8fe8c9fa0a31aeb5e336e576a5a248a4339257cd6f6d66d107e37c805a

    SHA512

    2bf3cd076989d7a5ac3b24a29e75a17b25751552976124d654d029d3c10eb9a43d5353f6ff3763ef4bfb57452ac9e796ef53b02d51526574b8158209e4bb7562

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNTM4NzE0Mjg4

    Filesize

    1KB

    MD5

    986f322d1a3283db55476905e3fcbc79

    SHA1

    6805c7fdd9a3871f4087e771ff7eb8fe6201fdae

    SHA256

    e5c5a4c4b448897cce64ddfe10c6acec8539a0b9929e9c938d09732b98b8c23e

    SHA512

    0f5041d68079581c73660673f36dff9e96290d79d1d0d5c54b8ce6e443ee5b4d55e48c3a7e309d17b7720b2832d56b58d8a669b95057a3c36f82531fe94a2d37

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNTM4Nzc5NzY5

    Filesize

    1KB

    MD5

    52674a388d794657ebef895cdc8ef94e

    SHA1

    57104b88fbbf723cd8b8ba0a12161e806f318d96

    SHA256

    ff707bbc138a88d01e02d11ffcf8716902a1e8ef53114208c3a204592bb52476

    SHA512

    80b5dda5bb1426abe7062e64c70429b633dc63e980eb02c1e2af01bd106287fbffe85637caf9715375be73e327acac86eae04a610bbafe8e2488c92d7c4d0fdd

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/files/tiny_data.data
    Filesize

    8KB

    MD5

    017c4ed269574916254f9c76b2044882

    SHA1

    11226cb91f5e048cce73cb90234f4886a5b245d8

    SHA256

    146df1860f8af33b933437c11f2edff0b216da9aa9ab867de9f2f77f42f2cfa0

    SHA512

    c2328e295171d6ab6cf30203398095c3d3556be7562b1539a6f1b92cb6422fab0ad644252fcfeccc0bd1c454afb89ad3f600d1f704d5584193e5ffb270b7d168

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/files/umeng_it.cache
    Filesize

    350B

    MD5

    02d188eaf5f8cc40206c88b06a480d2c

    SHA1

    7479bc4eb05aae56ced45a40a481978921d3819e

    SHA256

    2a2ac36376c85adf692e4afb31926301044feff34eb2f9b9d7752913d5c297cf

    SHA512

    dd23e7663fe5e3136ed46b78b1b5bc20768b257d1236d859c6a0e9206b6f6e22bea94ac4982881ad275966427fc4137af04600358a96366a56c1056a56c3d7fd

    Download Submit

  • /storage/emulated/0/mipush/lcfp
    Filesize

    41B

    MD5

    cd437a5e960c78ceb645aaf082337352

    SHA1

    f1a8b79b2d4eb8d1d82ecd8b56bc4c022c60c1dc

    SHA256

    fc88dbc3d5333b6330fdeb218bc5da48e927dd3a673287751a5fec20db43e66b

    SHA512

    0d5b36075a084c23449c7cb2111d3b7f7b8b8c0d8dcf0ff958f54b5e42bb6f4f0988a165cb4a136fe112b25bc8d032f924094d54a487efe1d6b83d91960d9180

    Download Submit