Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

ffe678a905...5d.apk

 

ffe678a905...5d.apk

android-10-x64

8

bdxadsdk.apk

 

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

android-9-x86

Analysis

  • max time kernel
    2810771s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    24/12/2023, 08:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffe678a905b47b0a5d25eacd4e57719f98962d4073b923c83ae7b24f6b68f05d.apk

  • Size

    16.4MB

  • MD5

    f3af5a4feacdf8ccf004f78f6b1ab776

  • SHA1

    ff98dc95c6192d7409473a821a99df46a8ab2fd8

  • SHA256

    ffe678a905b47b0a5d25eacd4e57719f98962d4073b923c83ae7b24f6b68f05d

  • SHA512

    091bafc0ffe72d972ee76aa3d735121cf5f622e323d90de4ca3f38dbeef4c222b0fdd353f029d2fc923d083420d350a118c831f9a88097037aa746f6bf316a4d

  • SSDEEP

    393216:kRCGa5y0jeHJ8agMPJL4zoiy2bngXqfZSL1rJVFt7dYcfVS1A:tn5yDHJ8/y8zoxTXqCllScfVSq

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Checks Android system properties for emulator presence. 1 IoCs
  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion

Processes

  • com.lushi.zhuanbao
    1⤵
    • Requests cell location
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4962

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lushi.zhuanbao/.00000000000/39285EFA.dex
    Filesize

    69KB

    MD5

    75a8168e7080b90fc2956592c268371f

    SHA1

    3702da56d31f381525473364f031dc884e37076d

    SHA256

    0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701

    SHA512

    33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

    Download Submit

  • /data/data/com.lushi.zhuanbao/.00000000000/39285EFA.dex
    Filesize

    69KB

    MD5

    02f69eb4fe05ebc6c9f736d83e5f7e26

    SHA1

    777d75e14a73f5721fc4ae34f49a9a4b82311373

    SHA256

    13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

    SHA512

    7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/downloader.db-journal
    Filesize

    512B

    MD5

    dc1a125db68a732bf6ef6f525aa9b283

    SHA1

    485731fcda7c46212f7a660921f72576a7fe7a45

    SHA256

    f2baac3e9dd8179c3a43db058af09cfcb6da51eb2a6cdeb9a39fc81d4d563f15

    SHA512

    4129e6078f28c69971a58fdfd1ae1195cb78c749b6642fa3a0a119102e8919f6b9930659c3c3710a3dffb9cb773d17eaeb72875993443ad33ae95bc5a6171c2a

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/downloader.db-journal
    Filesize

    8KB

    MD5

    ab24223e57afb44ec5535a9fc9d20859

    SHA1

    65653007d2f134122a1a149d266083183d072438

    SHA256

    ddb25bb446a61beba68537dd854a4ce7d10ee31ad333ea49f3f13672b0399375

    SHA512

    56aec439ccdb390619638d7742a6ae8d8738e140190b3bd1b03dea6da1d3fdcc54b01e39c0ce8487cc2e30c4c36a42137779b16ec4833b3efc5cdab2fe3f27aa

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/downloader.db-journal
    Filesize

    8KB

    MD5

    d2490ae5d3047704e705b4542da9d7e3

    SHA1

    fc96177383148090c936974d1f479b4f6c69c8b4

    SHA256

    d9669fd5cb341c06739ec215f4f5d8f4748ef160b8cc7546ebd2b8a1b0391ea8

    SHA512

    2612374e3acdd23ef2f0d0d91e9bcc9e9710ec4f192f4a2fdfe8fc46e7b40c1f4df5f6bea54174b11b05e5b1b6e67552d68e2c63941af2eac66d4cd543a0228c

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db
    Filesize

    20KB

    MD5

    6aa2221283e2f6a24a1c148e8093c4d4

    SHA1

    d757b8ca71e249c536d7ee6c9abf30a83205f5d7

    SHA256

    6aa4c467e4c4b25f7a3b1844f3b1dd4afeaf625282f1c14ce1d8d818bf8725b1

    SHA512

    f88555a33dac3ec698c8f363e2f9185bd08fcfd407de64625d57a7dfdb4c727a1ecc306565ecc74eabc34c4b84d86ab40b42417f33685521e49c61bc238bf979

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    512B

    MD5

    6918a463946337360fd6f8309614f105

    SHA1

    4e73fd1991860be6d01443f75700e4b39ddc0a0f

    SHA256

    4276d74f242e031e9074d79420df1f59355ae862e984293588fdec70f7735a06

    SHA512

    0ef6bcdbaaef5930b54c5cb44eec9630a23e3c44dadb41cc1cb3315f85e65b3b7939bfde60af1c477345b91e1b0cdcce7feabaca72aceeb7480361d8111debc6

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    8KB

    MD5

    d71c1990972d20964f9d667628fc4e68

    SHA1

    7225a37f35cd824ce1af5c62efc529510025898e

    SHA256

    e86c322828cb5082a958071e1c6e0873886b4937bed71d1d0aef517ff641699c

    SHA512

    a55cd5d55ebf0f64bfc309d0a7b1c4635cf5ca30b11b6d2c449a0ded3a099c42503010666381387bd26f864abbfb9f204e62bb9c0764d79522e138fc6caa01ae

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/npth_log.db-journal
    Filesize

    8KB

    MD5

    9582324971de85f3ed93dc013f02024c

    SHA1

    afb664b74bc0c515ec0a9d94bb6df433f25de400

    SHA256

    247392a5ab9f6a023fde194d2d40ec9bf3da9d64451879d42c3d8b68c4eeb4f5

    SHA512

    9e53b4bf4dc62938661ce5fc145024a02ccaafefe093118b08a34c78a7e75353afc04d9cfc71a4da65324a1a6e03533bc6bf66f7ad0ab5d40694b959d531e8c3

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/ttopensdk.db
    Filesize

    12KB

    MD5

    ea628e04765adaf4238a5dcdff4bbd51

    SHA1

    a801947619ea8c368efe9c006a324dc6339ac60b

    SHA256

    885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

    SHA512

    c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/ttopensdk.db-journal
    Filesize

    512B

    MD5

    6f67abc99ae6264fcc1f2f9d0fe42141

    SHA1

    2fc1d03da5bc1ea5f57ca0050de135647e21fba5

    SHA256

    1576aca9bb209ae2cbeef5a0b0ad205da53b70f605cc9060b723386c2102e914

    SHA512

    5fa2cf5b09cdd9f0ff83fbfb0c727c52b4b2d59c1908eaef11525024d097dabede69b430a0db96c1ce674d714131fd12d29da91ef33d33d15cd355324e0f7db5

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/ttopensdk.db-journal
    Filesize

    8KB

    MD5

    cf65ee27216402fdb716c85fbaccf03f

    SHA1

    94b9403a75d37411da3ed4e448de9ab7695cf6cc

    SHA256

    8a9d639db0a05fee7eb062321c72746b5959af2e30ca07da17802a6252146891

    SHA512

    4bf14ae2c0d6556af34207007b1c22ff98e5d5324b0716ba2ce6cb89c9283cd6560fbf9d2dff0485d890dfe9d8c25ffb5180b1aa3744c8426a5d7afe6b572b5f

    Download Submit

  • /data/data/com.lushi.zhuanbao/databases/ttopensdk.db-journal
    Filesize

    8KB

    MD5

    075bf1500f730b170cc4b8754b9b3b1d

    SHA1

    a4bc5b90b7fc02661167d23e7121965dd423a626

    SHA256

    797dff78d780a7aecafa784df15a6474a58002b8d709eb634829f0d2ff4f5dce

    SHA512

    5fd47eb8b94de731886d5285dd10894a4201511877eea3a32d12fbccbc322d57ca088acc7a34db88d44ec18231bb95e857a5b8ea3771f4a71024267d76bd7163

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.cache/classes.dex
    Filesize

    9.0MB

    MD5

    a70d22d506d7dbfc2b2bc928fc9bafef

    SHA1

    01dbf9da9cb6fe10074e01aed46b802d2752bafb

    SHA256

    2a1b99582ad6fbe9bf3e03bed0ff185c931e6d72692d82f10801a5b98f5c9b27

    SHA512

    f3356d9f80a33fef5deb691e39f92cf4fbd1df7b367845e3b4240b3e1b9fdc3343d8c3260581d5ee9443967ca29b14535e744767ed7343f12c995d1e0e091971

    Download Submit

  • /data/user/0/com.lushi.zhuanbao/.cache/classes.dex
    Filesize

    7.1MB

    MD5

    4e7b544cc4527db7a01c0e50f67323f8

    SHA1

    726fb91da72cf418b1d127980ca7239c7b298766

    SHA256

    62384a361c611522c914d0d106833a043d0437a47ae235fbad4baae8f0b78a13

    SHA512

    49139cf9ed130f0a994ea9736aa9a3efeb909398bf2e42602a00188637f79342efba43b545f25537e8b5eb43227abcb3632d0215d39b947ff0aba2d8d18b650a

    Download Submit

  • /storage/emulated/0/Android/data/com.snssdk.api.embed/cache/clientudid.dat
    Filesize

    36B

    MD5

    4cc7cb73d28c9c05298b7435e9c6b047

    SHA1

    bef478e09a755b7ce98954f3eacff82daada71c2

    SHA256

    42c71c769811d714013a1f681556e43172adc8b28dfd4a19ba5457ae85acce09

    SHA512

    047aae86796a1376aa28cf44f5e84d55e7c8f0388fe850d70183cf7c037930917bad0166383e51347e016646ad888bd28cfd3a52328edf8b43292f3e543d5951

    Download Submit