Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

0595d1ee2f...07.apk

android-9-x86

8

Analysis

  • max time kernel
    3123412s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    29/12/2023, 22:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0595d1ee2f738b467a52ea18a71cd207.apk

  • Size

    23.4MB

  • MD5

    0595d1ee2f738b467a52ea18a71cd207

  • SHA1

    277206185e8ffeec560d23737918ee139f513faa

  • SHA256

    25fedc5d92886f879d8d15e90d93e564a1a884460d357bbbf7194896c90dede6

  • SHA512

    c9d2f370232aebc15e713b2396136db670a7a2285765f8b9b5cfcd8b9476aba0f54ebcd9bc90f916b81c9e8a0c18109f49cb54a5b3bff8053e7dc1e784508c8f

  • SSDEEP

    393216:H3F2z/182T7TguAWYTuKAWl0/nhst53d5HZI4/rqrGSoyMATLwjRwRmWM:H3F2z/1BguA/TnAMonhs7HZI4/rqzoye

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • com.droidhen.tinystation2.kyx.m
    1⤵
    • Requests cell location
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    PID:4248
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/res/1339/dex.jar --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/user/0/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/res/1339/oat/x86/dex.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4278
    • getprop ro.board.platform
      2⤵
        PID:4338
      • getprop ro.mediatek.platform
        2⤵
          PID:4358

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.droidhen.tinystation2.kyx.m/databases/crash_reports
        Filesize

        4KB

        MD5

        f2b4b0190b9f384ca885f0c8c9b14700

        SHA1

        934ff2646757b5b6e7f20f6a0aa76c7f995d9361

        SHA256

        0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

        SHA512

        ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/databases/crash_reports-journal
        Filesize

        512B

        MD5

        67337f08e9232ec589881eed79651a4c

        SHA1

        753ccaaadecd1ebff1a149fb88b68fa51d6ff927

        SHA256

        bc6aa92854b3531f8c293cfe6db0e5f96ebd5b7e526c50aadf4df0eb83771728

        SHA512

        f98a94f67d30793b247dd6f3aac29e81a0c694e147fb4afa73527fd8065a6397318cbc987925d255aaf056b88cb28a0c64b66d73af352314273bef16af2a695d

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/databases/crash_reports-shm
        Filesize

        28KB

        MD5

        cf845a781c107ec1346e849c9dd1b7e8

        SHA1

        b44ccc7f7d519352422e59ee8b0bdbac881768a7

        SHA256

        18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

        SHA512

        4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/databases/crash_reports-wal
        Filesize

        36KB

        MD5

        cac5c3522443ac4101d7742604f6cc07

        SHA1

        904a0dc3b89d9ba49a0362b8eb9068a89b729da4

        SHA256

        6903d5c2a52dc116dd7ce393c412b24fb18df4b1f92f6d9941edc613a25b3d2e

        SHA512

        de00787c646be60df3995490c46c6d9912a3caa136653b809ebd150e4e3556be0f1603944d275b597528d6f2083887753ed0498913ea6c5bbf670cea0b0d14d8

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/xiaomi_jm/1339/md5
        Filesize

        32B

        MD5

        d861ec328edb192e10c62912f737c6e7

        SHA1

        a1cbdd4699b1312ded6c5b7281697eba0366e175

        SHA256

        233f2a4175d2b24dc3d2a1a112c020e2a730392a50457c91bf40924095ad4497

        SHA512

        97d4e2c42adb030c9acbd46ffa5281fa2305800b8c6f1ccf3b0806f4967356a159db141dc83772c7ce62d8cab90e0f5cdb2eb8841a7d913f6c04297595647710

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/xiaomi_jm/1339/update
        Filesize

        117KB

        MD5

        f6e322fc274b751b83bcf03ce05c77ff

        SHA1

        9040499f85dde76eef2281981f172f0936a7369e

        SHA256

        a61678b821132e1392e7a8e63a19d0eaf12051137d39172ed12c6949b5e9cef1

        SHA512

        85e00c0efe3136d6521920368f086ec6c022f697f008ef82ea630af4d6b83151c55cd7656524ac1953c377402f6a8859e5d1ad2da8073231c509ce917ef0321c

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/xiaomi_jm/checkupdate
        Filesize

        8B

        MD5

        d150bde9bf48b7cd5cfb75e7fba4d72f

        SHA1

        e69891eae863013065f8e07fd5084c4d5622b680

        SHA256

        37c4ece7f469eb9c11417f748156d3af8ea9564c31cf8d40b3dea93a929da1b0

        SHA512

        a23542fa558c880bb66948d4678264b267acf6fb5cf17bb59042e7fc94799b3ab9137515116c032af894ba7a3c88e7b385368cfe00f7423eb5cbc06306a07a6c

        Download Submit

      • /data/data/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/xiaomi_jm/version
        Filesize

        10B

        MD5

        5ab63864ba72b69090787ee506b5250e

        SHA1

        975082eb1122eb272a8c0e1bc891672deea30911

        SHA256

        53b858861d020c3a566b74397cbf669ef6cfc650bb4776dcc7765db6d3e3fbc9

        SHA512

        484e474c0a49a1c1ddc883b8994af3b353ae2b532822a18d62e65a4ac3cf0e0b6ac385842bbbd348b353a4d6c9d18aff9ba8d5f792a1a4f095d8c62a8fca1fd9

        Download Submit

      • /data/user/0/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/res/1339/dex.jar
        Filesize

        4.2MB

        MD5

        5cf134ee418593f5f8fb09133fe82fcf

        SHA1

        8502ca64b1f481d9d2a63aa779433146c9244e8a

        SHA256

        6b2e6b6e71878ad754709b5834a0400682ba344fa67add7d0aa5eb1117238dca

        SHA512

        6587a1ac1046fcacf03feb90a741c1a0ee3424b6e41e8694590990bfa0bfd2d7c547139650684dab9bc887eec8afd7a004c6e49f6e5a38ea39b181d918e53f9a

        Download Submit

      • /data/user/0/com.droidhen.tinystation2.kyx.m/files/kuaiyouxi/datas/res/1339/dex.jar
        Filesize

        4.2MB

        MD5

        5828738374d9db89d7d2f5569ea3645a

        SHA1

        da21f0312b08e2ce6a60b03531320ec13a41c372

        SHA256

        1f9c27bfdd4b1c2e89e15f1f2368c4b2f8be09d7041657f6289a49ca516c453c

        SHA512

        2422306076cc773cae5b1a1619dc9106957348f9b904af9a3045df6f61e9afcb6a6124e9f29cfa9ebbd2b89332f75b3b2b46a2381c2713d0b23c071da119c1fd

        Download Submit

      • /storage/emulated/0/.rwtest
        Filesize

        1B

        MD5

        13c8ffd977013703a701cf8e11deac65

        SHA1

        067d5096f219c64b53bb1c7d5e3754285b565a47

        SHA256

        e7cf46a078fed4fafd0b5e3aff144802b853f8ae459a4f0c14add3314b7cc3a6

        SHA512

        527cff2b6fdfbc0f54fe092b17d6d8c7e22500242635fa56981e85a64da6ce8a12a3a66cf69fd48f588bcba9bad141b8e351a0cdd4925ae57289933eec1fc153

        Download Submit