Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

bfa95d0f92...55.apk

android-9-x86

7

bfa95d0f92...55.apk

android-10-x64

8

amap_resou..._0.apk

android-9-x86

amap_resou..._0.apk

android-10-x64

amap_resou..._0.apk

android-11-x64

Analysis

  • max time kernel
    2971107s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    24/12/2023, 02:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bfa95d0f92a057715f17a91ce949498a05f03022cc15888fcf34f94661be2e55.apk

  • Size

    27.6MB

  • MD5

    083478ca7ec8f00d969e290dd3246851

  • SHA1

    44374967a611d1154671c7e4489453e37f7b16f7

  • SHA256

    bfa95d0f92a057715f17a91ce949498a05f03022cc15888fcf34f94661be2e55

  • SHA512

    f500540aa1a09dd5bcff03f2b83732156cf0fbb515a9234b7486031ca77a5c0678db9ce868d66b0076e12539995ee11c085f104dc687bd78143512cda01f3cf9

  • SSDEEP

    786432:GOammX/jwEqOvLLLPE47G470TF1vxUR+RREdAqbxmrUFHt+M:5ammbwErvLLbyBEzCqbAIL

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 9 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.yyq.annie.jieyun
    1⤵
    • Loads dropped Dex/Jar
    PID:4244
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.yyq.annie.jieyun/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.yyq.annie.jieyun/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4273
  • com.yyq.annie.jieyun:pushcore
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.yyq.annie.jieyun/.jiagu/classes.dex
    Filesize

    6.6MB

    MD5

    0d41555632c3f3eba58c684a0873cf3e

    SHA1

    0373aa56a4051e0da7d6c521775966df7d81d4e3

    SHA256

    0d4bf4adfd8ab7b7be62e755e3b85f0ba67d317deca658b70c1b2bf6cfca4996

    SHA512

    12ee2fe257d5cea75bc0bd33ae35e106df26f47944400a42931b21e759b1d734c24f0c098b0ce2b5c18a198fa42ecf99830b1c2a94111c840881e4c54851f16a

    Download Submit

  • /data/data/com.yyq.annie.jieyun/.jiagu/classes.dex!classes2.dex
    Filesize

    5.6MB

    MD5

    24d60df472253f925873fea742957462

    SHA1

    03a131b409cff89326dabc9eac76c4abe9940349

    SHA256

    aec3f3ec92ffb2aa48b13299d49efc3805b72868161d6f9a9729ee6cefb1ca5f

    SHA512

    122b6891e22b7858741ef70134f7ad21d0fe2936a9b0c19a4844a6f00ad400b4fcae2bc9d24730541a53d52fafcaa2a2d428bbec7daf67ebdb7eed704192d110

    Download Submit

  • /data/data/com.yyq.annie.jieyun/.jiagu/libjiagu.so
    Filesize

    486KB

    MD5

    50750315eef281575611bc425174b939

    SHA1

    acaff02526d7b4c257e00002ed09af364f66a401

    SHA256

    c8d37512f73bef5a1c1b060676cdc6d508a8d8dd36f2438f5d6353c9b8524bef

    SHA512

    60584a993992a68e8d0a53be705e3a9d52fc126df26b9bdcf80d14e659f1d70bceb926e0a99a69fdf40f1c09fd61aa52c2d2c008ee5c3ef59af5922a75161ea9

    Download Submit

  • /data/data/com.yyq.annie.jieyun/.jiagu/tmp.dex
    Filesize

    284B

    MD5

    f1771b68f5f9b168b79ff59ae2daabe4

    SHA1

    0df6a835559f5c99670214a12700e7d8c28e5a42

    SHA256

    9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

    SHA512

    dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

    Download Submit

  • /data/data/com.yyq.annie.jieyun/files/.jglogs/.jg.di
    Filesize

    340B

    MD5

    56bb3c82e293b2edb6979730b4a6fc72

    SHA1

    7b6fc05d767c19331745fc052082a6e2a1547249

    SHA256

    898f451c35a8f0e619817510d8f2145ba838469f4fe25a834155d108a5f88209

    SHA512

    5a5c365088a4baf53e835d8b5d0aaf9cce67456119a8bc3b1bb343e5daca0e7b4b7a86145c552ccf54570aed7156048b9b2d99e2edf448b512adbbf9f1b68c73

    Download Submit

  • /data/data/com.yyq.annie.jieyun/files/.jglogs/.jg.rd
    Filesize

    73B

    MD5

    8ce39229eca2e212b294751cbe0ddfe5

    SHA1

    0be5f2ba1f4b152612514e14b35d68e4eab0357a

    SHA256

    9367f207a13ede5740d29549f0290405d3416b96629a68e4208a4e05d87dbeb0

    SHA512

    fcda2e0da8c2f4c944e9aa70231798112dc7438d29d85d53cf6b5dd370ede6e0d319f983630f3ee058d01c8040b642be5ef6ce620793db62cf6061b0e520a3b6

    Download Submit

  • /data/data/com.yyq.annie.jieyun/files/.jglogs/.jg.ri
    Filesize

    314B

    MD5

    11e33fcb2e4354e0313f940cbf6e5e4b

    SHA1

    1343ba200f3006ad71ba22811f439265978a640a

    SHA256

    ec90db98927d0f51caf54e1af5b31a7d3e3a160163669c361e4fcf7f37ad0164

    SHA512

    49d3712275421e6f67ec064c0f92efaa01d354147bb376d1fe1fa8a814aa93b35139bb7a2c7b5754d563fe2861650f6f3c60edf4c720e797359b112a1ac5b888

    Download Submit

  • /data/data/com.yyq.annie.jieyun/files/.jiagu.lock
    Filesize

    27B

    MD5

    fb1e15f457d37f64a339610b09cf2894

    SHA1

    234027ec5f04fdd0f512d82e2525672844b0a69a

    SHA256

    3c525b3351c82290396103841bdb0653396567945f8d74bc5e440cfaa37c1300

    SHA512

    ded97f63d365f9514e47ee93a6092776751b8f89456b068834237cc634ef8d782cb73929ea8e7a0ce035bb289db90542b016594d50eae853455ad30ffcd76a1a

    Download Submit

  • /storage/emulated/0/360/.deviceId
    Filesize

    48B

    MD5

    1d8d16c4e3b19ebf18988530d9b9a757

    SHA1

    bc94c1cce05cd848a53271ecb9c5311e27ffebf5

    SHA256

    abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7

    SHA512

    4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

    Download Submit

  • /storage/emulated/0/360/.iddata
    Filesize

    32B

    MD5

    e883e8cd7f9e95956f86037361108aa4

    SHA1

    1f1f688202299bab352137bc8e7df20b03edaf6c

    SHA256

    77a224d0bc88b7ca9c59e68120e4cb4bab62f8972631dbc065d34e51a28d5f5b

    SHA512

    ea88f026925122d500d40bf0e52cd18649483c704213c3e148cf7dcb2ea047dc3c7bf68d31d1d941d76f3d55cec41d7979df4f9c0095fa1095378b918f57aeaf

    Download Submit

  • /storage/emulated/0/Android/data/com.yyq.annie.jieyun/files/tbslog/tbslog.txt
    Filesize

    1KB

    MD5

    979ad7bd8d433a669aad5ca02baa2cb2

    SHA1

    d5168823754e568de6fd3f5a25e898b6c93e2563

    SHA256

    62cdac54dfa3ab906e9fe17831422dce25b6646c9e5d4457aad7c4ddbf670b33

    SHA512

    7d1c3dce7ea3b1e4167451c6feda5afbe8fecbc468156828ef96bd53b697528953ab58e9a7536cc8a5168f96ced62b393b901d12ffefda2a8d746160ef447150

    Download Submit