Analysis

  • max time kernel
    3023714s
  • max time network
    133s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    24/12/2023, 06:16

General

  • Target
    e637f7c318ee189dba0ff0c3eecb5f06a470de838e381da80e14921bd9a60691.apk
  • Size
    6.5MB
  • MD5
    cbf0e25230361716fb027d76d50bb58f
  • SHA1
    221a8b9accad34123e48c03a027b439743f6a72b
  • SHA256
    e637f7c318ee189dba0ff0c3eecb5f06a470de838e381da80e14921bd9a60691
  • SHA512
    0cfa47fae10b9c0b9a2be1f3c4328665f6c6da3164255761eb18728941ecbd35d05b3095b16404fce07960014ca16106bb8eef9650a5f2e6eb627df8919e3b74
  • SSDEEP
    196608:6uISjC6Pjlb795nYm4p2j0Gnu4nNhP0DZaDcP3h/h:6uIKCElbjYehnJt0VJPR/h

Score
4/10

Malware Config

Signatures

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.hytc.pupilplay (depth 1)
    PID:4268
    • Uses Crypto APIs (Might try to encrypt user data)
    • /system/bin/sh -c getprop ro.board.platform (depth 2)
      PID:4298
    • getprop ro.board.platform (depth 2)
      PID:4298
    • /system/bin/sh -c type su (depth 2)
      PID:4326
    • /system/bin/sh -c getprop ro.miui.ui.version.name (depth 2)
      PID:4374
    • getprop ro.miui.ui.version.name (depth 2)
      PID:4374
    • /system/bin/sh -c getprop ro.build.version.emui (depth 2)
      PID:4399
    • getprop ro.build.version.emui (depth 2)
      PID:4399
    • /system/bin/sh -c getprop ro.lenovo.series (depth 2)
      PID:4424
    • getprop ro.lenovo.series (depth 2)
      PID:4424
    • /system/bin/sh -c getprop ro.build.nubia.rom.name (depth 2)
      PID:4451
    • getprop ro.build.nubia.rom.name (depth 2)
      PID:4451
    • /system/bin/sh -c getprop ro.meizu.product.model (depth 2)
      PID:4476
    • getprop ro.meizu.product.model (depth 2)
      PID:4476
    • /system/bin/sh -c getprop ro.build.version.opporom (depth 2)
      PID:4500
    • getprop ro.build.version.opporom (depth 2)
      PID:4500
    • /system/bin/sh -c getprop ro.vivo.os.build.display.id (depth 2)
      PID:4529
    • getprop ro.vivo.os.build.display.id (depth 2)
      PID:4529
    • /system/bin/sh -c getprop ro.aa.romver (depth 2)
      PID:4554
    • getprop ro.aa.romver (depth 2)
      PID:4554
    • /system/bin/sh -c getprop ro.lewa.version (depth 2)
      PID:4581
    • getprop ro.lewa.version (depth 2)
      PID:4581
    • /system/bin/sh -c getprop ro.gn.gnromvernumber (depth 2)
      PID:4606
    • getprop ro.gn.gnromvernumber (depth 2)
      PID:4606
    • /system/bin/sh -c getprop ro.build.tyd.kbstyle_version (depth 2)
      PID:4630
    • getprop ro.build.tyd.kbstyle_version (depth 2)
      PID:4630
    • /system/bin/sh -c getprop ro.build.fingerprint (depth 2)
      PID:4655
    • getprop ro.build.fingerprint (depth 2)
      PID:4655
    • /system/bin/sh -c getprop ro.build.rom.id (depth 2)
      PID:4681
    • getprop ro.build.rom.id (depth 2)
      PID:4681

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/com.hytc.pupilplay/databases/bugly_db_legu
    Filesize: 4KB
    MD5: f2b4b0190b9f384ca885f0c8c9b14700
    SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
    SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
    SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
  • /data/data/com.hytc.pupilplay/databases/bugly_db_legu-journal
    Filesize: 512B
    MD5: 1258c591f28feb48af7f2833055c2624
    SHA1: b875c27c42d6e8b48d8ad8f634d0e3d7c11d126e
    SHA256: 8ece55cc2814ead8d0e76ed55be0e11f07b3f62f276ac0d4a3323ed12be2f986
    SHA512: cf0c04433e49e42b8e96e4cf0db2a88f8c0cd43b1cf9e1b2d018d5ea8ffe3141758945c07723ac8141f7221a966d1faab4a9184ea0802303a5227677d361c21c
  • /data/data/com.hytc.pupilplay/databases/bugly_db_legu-wal
    Filesize: 16KB
    MD5: 2b499360a7a06026855a6f8b39173675
    SHA1: f272296cb1ea36c00f49c437e5fbe7ba189c6c38
    SHA256: 0088e0f7309156d7363f42829f336de92e09d3e4a110102bb5c1f8eb60931fb8
    SHA512: 4ecdaecad8349ee39fa00a81dcb488011ff65820897d2cb2bdbc8960b386c66fb222e486d1e97343a44f0f37fe12782de5c48a99e79dc290913be1906d156104