Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

b0e4c6b679...6b.apk

android-9-x86

5

b0e4c6b679...6b.apk

android-10-x64

6

b0e4c6b679...6b.apk

android-11-x64

6

Analysis

  • max time kernel
    2731813s
  • max time network
    170s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    24/12/2023, 01:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b.apk

  • Size

    5.0MB

  • MD5

    e5972484ab33f864bcafda495fc553e4

  • SHA1

    155b9abc6cbd32ddc862f6f55ff456cb50a431ed

  • SHA256

    b0e4c6b679f26579b8309942ee2e1f4dbcb9164e59fc9400cd6a57d4214ab86b

  • SHA512

    71b9f9c4f8024d02ac9b3782c7f8825f29e966260023d818cedfa6414837a444c86067961c5a1655fa55c8b3f26589c2daa36780ff126f116d91b75ef36068a1

  • SSDEEP

    98304:a5CjT20ZIQPkmWhvZylINgAkrX4R/xr6YgN2hPZxrFPJuCr8YbIPoVEy/S3x:a5QZIQkmSZCISx2rcNAz9rRIAk

Score
6/10
evasion

Malware Config

Signatures

  • Queries the unique device ID (IMEI, MEID, IMSI)
  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.txtqbxsyuedu.reader
    1⤵
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4522
  • com.txtqbxsyuedu.reader:pushservice
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
    Filesize

    36KB

    MD5

    4a8120c91e3143b2db43971dbc77cf8d

    SHA1

    37c5700d35059c4e0a718ced73b3d73ba5d2b277

    SHA256

    1fa1b6e6bd75bcef64d35785e2fd6f2e73dcdf92dce73c8b2a8fed49746d53bb

    SHA512

    465cd282927e30a0a894a75ad261feddde5a31869c8cea6b548362afce08fbb7cff7a784bd1d62c3e4c95916ce30e758d3919dd4cdc13176f29d68c2620c185c

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
    Filesize

    24KB

    MD5

    876a91e9daf943ef736539f1b0ba6d2b

    SHA1

    07e1799236ca105204effb948b17ce8e5369fb96

    SHA256

    2abd3e30344d2e4be44dd896f697052a05c6e8d1955b628e226c09e6cc4d543d

    SHA512

    d3f3dcfa64c15014f1b48d9c23cfee064a8b0987a8d120324dc0f3647e936a759425ead9b9fa2ba3a877c5950ab4cfda87c8f39c68369987bccfc76de48e16c6

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
    Filesize

    16KB

    MD5

    1086c90d522c1dd564a4a973366d7a71

    SHA1

    6f7a487838226c628c1f63772d1cd45827b2bab7

    SHA256

    984c92580c706983a19b5f46e811823532a05d0e5f132e8d3fe9e8ae28bc2b61

    SHA512

    3040ebf8a030164fdbdad05553b108c5bb59234e33585fa7a1c55a82fdc8054e97376c2e4501800e5a09a43497050314a932ee10954e7f5eb8ddf0e66684abf4

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db
    Filesize

    16KB

    MD5

    d162b4a0cc1b82ed3364f67891798c80

    SHA1

    d36b0f8b105b8d980d2dd7a78543131ac723ff8d

    SHA256

    407947ef5cffee1c46750d1aacdce9963a991a534a471abcac55c040e7317d73

    SHA512

    b0b69d4613c8fa958b9a68c4b83466893470d36122d2729aa50c9b1591b44158bc6fc57cd21df9f42dc8bae61af8a0602be44a7ff1e62c9f3bf2c77608c63f0c

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    512B

    MD5

    c60fa4bf60e595e0abd5680bf43c3b7a

    SHA1

    39711ae802408b9da76ecfc4b012d710eb650fd8

    SHA256

    3ca8bd2eee0135f24d4e559789b53ce9072340895c494fd5f180ec49fb6c862c

    SHA512

    aad212249518fa43a2ba078bd6feb3ab1fb6186d15d8097e2984701e6f584ef3a06107ede39879ab75a3ad52279889c8373d08f471a512a007e3cfa4cf412ee5

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    8KB

    MD5

    3eddb28cc974ce2950523a85213e64ef

    SHA1

    c4cc104c7624088e6346e6661b53dfed13326b21

    SHA256

    3b919675a1cb7ef932149a84a000674c46043275797c8d6d9cc346a2e2442fc7

    SHA512

    30270eaf7337ecec2bb85dbd4f463c7fa86c35fd7e6af8bb64e364b28a0740feac87b85743e10df30111255bd9c4e0ac31e5e04ea25edde38623c37e318c6fc0

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    8KB

    MD5

    518103eb714da9f363f57b90d55fadc2

    SHA1

    0aa13e1adedde9d5cd921022f53e235f992490b8

    SHA256

    c0ff33a0bfaaaa009000ffa36b170bf2fb8eebee9b6cd33d2fff1ecf91776ebb

    SHA512

    0c8d883b1a58365285e43456a47e5a35302143bec81e10b8f1fd02e6814e2bde5f9a5c3550498dd2d9077e22235c727a047a1c637910f8d4b8cc7aeb8bdb004a

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    16KB

    MD5

    4365d834d3f5af324ea64a64cff88597

    SHA1

    99a610e368a164cb83391f7dd8da894fc0e27f8c

    SHA256

    e35f0ef88fac1dcb81ea0bf4dcfab71ef461e6b2b23fc47b0371d78d7f505a72

    SHA512

    d0435cf9114acc6ede15f6582115d76179a143583f0c08d53d9b1e9a1daeb5488c6073467aad03b85950b9ffd8df9ed9cf9ac8e2ecf063e97bcdbd869807b03f

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    8KB

    MD5

    ce6d59a7021556cd7040eecc9ce10213

    SHA1

    834e2bafbb871d3782140748d655ab48c18b529f

    SHA256

    600abe2b246096b54a6a9efdf42c09e43510007fc5672499dd3a6676b4254288

    SHA512

    b7efe5591bcac591d9afc50a7b5dfbf59871630869313db8a1939a8641e77726569b222b19fed29ef36b48f164d5ff209c378452af8098c25128f981f7a16115

    Download Submit

  • /data/data/com.txtqbxsyuedu.reader/databases/ua.db-journal
    Filesize

    8KB

    MD5

    d328cc537ae73e162a37b97537749963

    SHA1

    36085e957bc8aac06ff1e81ea75e8a6bf4831e44

    SHA256

    c2e594b4d0e3428b61f24ee3fc866176e260668b5230ac90f00a30fef5a9c2e7

    SHA512

    dc02239ab83d0f4d9cd1964694c74d25c6b9a4f31fa61e4a6a92e48d105c0455d7924ad51c6cf9feff961c4799097a4d1a36bd6c90e9c1148bf87a5d54770bf9

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/127354e4fde6aa89c1578f00b5ade081.0.tmp
    Filesize

    301B

    MD5

    37db318e20be4a6260882190a143a422

    SHA1

    f0f96d93e08b4d309f39d80d44c372b65606ebcf

    SHA256

    1173604fe70a4e2de8c4e560e72b03eca6e6bbd2035ed77c8f1a1db084338a08

    SHA512

    a16d197ae0a454e2a35bf47f847a14540327b27cff880a56e6a768d67f0d89a6118925e195b5ae6880867e54b0583e37caf2acfa309e489470846320452727b0

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/127354e4fde6aa89c1578f00b5ade081.1.tmp
    Filesize

    56B

    MD5

    476f8ae4005cdda702b4585043e1c6d6

    SHA1

    f835a75f2f34f33af8cb59462553fa16de490f7e

    SHA256

    fd231cbb4b837617a7917eacd39f5446911706ff05e2710fcaff731114e56140

    SHA512

    1dcabb2540f9420fea8cac7c0a3c9d529eccae0307c70127c23611329c42c04d90eeebf4db71edb66e3349adbd6042184f1ea8d18cd0a67e8cd9fe05a5514497

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/83c8aa573bc9640d09161bb6a8cc9718.0.tmp
    Filesize

    978B

    MD5

    1a0af0bbf0580b95bd17733d9f189754

    SHA1

    b300eac94109fc500c6c0704a80e52b5c727103f

    SHA256

    22761a582c0c98d58c746654b7470d7a2abab6911f6aab37c8c00550c4c8ee56

    SHA512

    5d4427aa2b1019d26c26513c3c837009ea22f3a525c511b63a33ff321cc6c32f7fce69963ccfc89ae673dd89ac8c354f1ad3025a50ffa2a87771e80acbf59245

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/83c8aa573bc9640d09161bb6a8cc9718.1.tmp
    Filesize

    3KB

    MD5

    e8a900a9d58d9c40cc9c73152484e05c

    SHA1

    b01e38072fc61eb73a27df7a572493e18faa6468

    SHA256

    a17800f1c0cb357fc2842664f2e47497199b3b779128bb116b67e7befae935e7

    SHA512

    2010d9e53416cfe2b02ac68f6bac46d3b9a9e4f8b80743db3b3537e2ae32c6c247d98810f023e37a3229b4ee006cf847bcf2b72148a4db54b1c6342174039b9a

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/journal
    Filesize

    8KB

    MD5

    bfcb29b720242e6c37e2bc54527c41dd

    SHA1

    2be25810863ecf32f6ce608075ef25b55d921c9f

    SHA256

    34ac117734d3ae0708c6605473f91226378136dea29648d8fa86bf77617d7243

    SHA512

    e58c0a89db075071991c5dc11187bd623b035139274521902a6b1601abf00f00676221d5e957bfcc70ef0448412557cc6813b5d2ac3c6046bd3d4bceebc6bc47

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/cache/http2/journal.tmp
    Filesize

    36B

    MD5

    37e8e716e0e2f4a0b05cd9571d95b84d

    SHA1

    f8d068f6931707bddb8cd69f706f2224ad1fea3c

    SHA256

    7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

    SHA512

    e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/geofencing.db
    Filesize

    12KB

    MD5

    171aedf968e17a2744d2585715606cb9

    SHA1

    bbeddeb3b89fcf809619c35b4a318a80e7d5b029

    SHA256

    d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

    SHA512

    78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    512B

    MD5

    031ebcb09a196f06102942378e854df0

    SHA1

    1e5ebec5dd7363d3fc9735711f5a2f52bc460386

    SHA256

    3a9f93027006fe3da1b8495df74c133449b75d6b4d251baf4e75905f1886943b

    SHA512

    8a945f4fbd23a430ca945c3f6754e4e0e4470e66a41a168a870939dfe75b0b7347ac880cb302add40dad48f53fc07bb78896afc604c0e8baafc070d7d9baab86

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    8KB

    MD5

    cb55eb59788940eb5bc3a1ef079a2bb8

    SHA1

    3a4495583d80adc37830cd22db9893f711658bba

    SHA256

    545b2ea0fd0705096402abdda2d5b4983b2e8951e7522aee9f393fc2524da2f4

    SHA512

    5688e2476bebcbc063ad3e5ffb879e5ed9c8c8d7aa02469bc8dbaf23838395f49be0dfc95035b9f2c0b79d3854661dd63d55f318b7f18c160a8b2a595f2abe3f

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/geofencing.db-journal
    Filesize

    8KB

    MD5

    3c78aafec4995491321b5e2948af1a79

    SHA1

    bdf88991f7bd6beb2b62ba0cf750be7cb6a75cdb

    SHA256

    afdb04bb05a5246561a7e40f353428792531f240c65dcd4da25340a494c3f867

    SHA512

    aa86d2521ea00779522bc993a7e681117e2c3291235bc98c8d4033a43858cada86427163d8106eb7a29628e4e2dbc1977e1c35bf665528f8a02bf5f5e6ef24bd

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/kdqb.db
    Filesize

    96KB

    MD5

    7a1ad7d18b048a7f1e9cb09714a7022c

    SHA1

    63a58826f2d975e88b47c8327ab9427799a4d497

    SHA256

    126774073ffe4d8aa387df24aabf11c3d25ed933fc4cd1b8c4f078afbf18c974

    SHA512

    8891790e2ee37c779546c1ae4785b46d51d7be0f2f10ef01eb4cfa0437d479c949910a43d481ea0a6308d3ee19134e8f56215c8383a0ffe27797bea1ca9e8c16

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/kdqb.db-journal
    Filesize

    512B

    MD5

    722074cd6a4dfd2a1b908e639e8fa1fa

    SHA1

    3f0fd6ae5a25ae21d74365530dd17ef4d8107437

    SHA256

    84dae51e6e5e5660f51fd0014ac1b55899664ff1c636ff0ad673e04769409def

    SHA512

    70e3cb11f717f9a6b5699abaada983969ae303f60280f3940c58a96f2a41a568d989d3f9fe5b406a7b4989ad6aeb10aca2b40755eab101af5aade12602a71d47

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/kdqb.db-journal
    Filesize

    8KB

    MD5

    bb6eb1a009f65a9ecbd4eea3a6ca15f0

    SHA1

    236e5bbfe278e2e87539b4265f0610eeecdebaa3

    SHA256

    35715d282d4286a2e5333aa88f7c6605cdecc02621004203988045b1c94604d1

    SHA512

    5f593a67162289b7324137e036c959e0c3888079a87c6dbeae3f617e24338c2f1220f77d85d64a290df74ff41951c00fe2f9e308d12cf1775569b1673f5ca228

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/databases/kdqb.db-journal
    Filesize

    8KB

    MD5

    91846eaa6a3364b009b631899af8206c

    SHA1

    941225b23091d0a3b6ca2435e32504ba2c55802c

    SHA256

    b4db516b59c66e9ea07c59df0d515298d35098153fe82e7289a195990fbe2004

    SHA512

    1de3b6b8315d1d5612bf78a5ca6abed00ffa52d22898306477aad0b34c04845baaa9192ae9a35dc7dc95501faf17b0d6b18379461585aa9d249330c6fa02afca

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/.envelope/a==7.5.3&&1.0_1703538716970_envelope.log
    Filesize

    1KB

    MD5

    c58f928b5cc18fcdcc51ca2077539d9b

    SHA1

    f60b4e5b6ffee534eff3e3ae296f8c460ab9afee

    SHA256

    932099d792c7c253eb3eaebbd1264ebe686ba3a66552d0955b12f69095a3bba2

    SHA512

    7186a7218d38b7933fa39b112b76b9fe9fdf5f35448947bef8fc2a16d14a79fbf141ea22a191bae0172b262be6f2e259abb3048624ab9532693fb3e16532d5d5

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/.envelope/i==1.2.0&&1.0_1703538715246_envelope.log
    Filesize

    2KB

    MD5

    4ba2a8a2a856ca5b8b00873182f1f9d1

    SHA1

    0eaf8afab328f06559cde1c9b0f4acf2a6195895

    SHA256

    7b5ec9f7edd817baca8db12166640523a1172830168692d812c5bbff9f99152f

    SHA512

    a364d096e2fd155959f784023b702681917d53d4ab66378ef0f938e41b4ff9c22c34e39fcb1693d8151d800d39b523fd4553b6c77729908c78ffb28a8301eb8c

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    9110699cb18acc34879005f2d6479c95

    SHA1

    9f1754d4bfaa8e548574e88b41c1693768cf9b50

    SHA256

    61804cbcfa902b2164ffd28c35c1312ff9771809fe7a9ad2cc7db64910934dae

    SHA512

    56908cf1eaa50e9719d2a595bb9b0e4c6609861c216113d7215c70467d7f579ba8c8cfe4524955e42889b1e80ace9ce0b7be64d0cf921a2ba8a57dac0a0a7ba6

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/exid.dat
    Filesize

    51B

    MD5

    e0b5b7d1928cd222630df3c72dcef609

    SHA1

    f9f59567d7effedcca1424262fa8ba4a5d6bf6ce

    SHA256

    e05fb79fd4453228f12d095d4bb0f92755313fab08c137239906d732fd90c43f

    SHA512

    922e4d5cee388bf4d6edc15a344fbbd6512b383f764c08e94942aec69703543e47865774ebe932a0d18685bb62a60604ade5cd74a40c5da89e413b3771a31303

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNTM4NzE0NDc4

    Filesize

    1KB

    MD5

    cc53b9f891cf1a543b6fecf11458e7b8

    SHA1

    f92c2aba9be79bf6746503c03379e276c5cb5e83

    SHA256

    0e5602474dad42d7d2faf8cb5316429216d2aa07186e7071b0bc4db5c5fcd608

    SHA512

    d8d80d59fe3fbcc19d53646cc4d43fcabc96848277cdc3dca39e0c13b0de0d0ccbc3443b059cee3a64085e1a37be55eaf28b668c12c0e8a785a55ed8cd6ea422

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzAzNTM4Nzc1NDUw

    Filesize

    1KB

    MD5

    dfb905b5b9667a39ef0ec9f92335802f

    SHA1

    5e3b95b5196c100aaf243053e9a0d9298e80b0bf

    SHA256

    95846e87025099b7d23de4c5c9b8e27e5540bcbef370f1973eb6badb15b7c227

    SHA512

    7eea6d33b895c797ea1bcda31602bc252e84359cb13c1cddcc5a06f2aea067529ab8531309ca0a5951673b14ef208206e3356aa4e04c5c6b2dcea8dcde79b4f7

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/tiny_data.data
    Filesize

    8KB

    MD5

    1a946504077559fedca9e9169a3533f4

    SHA1

    eaae75e52320f6613e12aae09333d244c8c3828c

    SHA256

    fd8f8fa24a099ee5fc0999737bcac971d17969695e1a64fad1eaf99011c0b3b2

    SHA512

    d9c01024f9e715effd67237904bc846db36fd2f2d85a2a23016b5a0847280b77cbac79b4c5dc537b388522ce5bd56bc0a6cd10cdcd87459a3542d6c83de7bd85

    Download Submit

  • /data/user/0/com.txtqbxsyuedu.reader/files/umeng_it.cache
    Filesize

    350B

    MD5

    f3bcd187debbbbdc8813727c86a8f96c

    SHA1

    67de5857d95b53acad9623d35f0b6e0d55be96d8

    SHA256

    5401339392d80ca0c1413c17a5dc72ce12bbc966419bff1fc15ba4d8dfd913d4

    SHA512

    accdb2af9aac73c51508369436c72255b9b498c6540c00edd114fd1a3c46224aeb9b51d6933c561722c0cf8c1ba891643770a82817d12d68ceccbb018f975ad6

    Download Submit

  • /storage/emulated/0/mipush/lcfp
    Filesize

    41B

    MD5

    7508b92302535064d9567244298e6af5

    SHA1

    aaac1f937d9ab6bdafecd6bc195d6401ac812481

    SHA256

    d9b713e27a7fde4deecd419abfdd95bee6a0659a793296e483c417b7952ff924

    SHA512

    bbe28d74439a025cc544d70b70ed135f647bf5a141a7e6e2776cccf1c749198c5c0ea5cc38563599ea0c7417105b5b951d26c6339367248636d37e14acac9cb0

    Download Submit