Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

01a2706c06...14.apk

android-9-x86

7

01a2706c06...14.apk

android-11-x64

7

Analysis

  • max time kernel
    3072968s
  • max time network
    159s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    29/12/2023, 19:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    01a2706c06f9add313f831d1617e6214.apk

  • Size

    15.5MB

  • MD5

    01a2706c06f9add313f831d1617e6214

  • SHA1

    ffe45ca85d800e829a516fd89d6d5e0e6e762954

  • SHA256

    ce08551f6acd9446c7dcab7c64fe071e91d9f183f59ff217d5df75ee94d57784

  • SHA512

    9e105c9a584fc3a14026049111364aec48106771a0f328e70982886361663138960102073da16499b608a735dd31e8b1cb2fec1b3a5816abd9ca63823929a693

  • SSDEEP

    393216:V2HG0Kh7xapM1v3XHcBnmUo0h/rn+3j8X:V30KhgK1U1M0h/z+3ji

Score
7/10

Malware Config

Signatures

  • Checks known Qemu files. 1 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Checks known Qemu pipes. 1 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.taobao.etao
    1⤵
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4477

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.taobao.etao/app_SGLib/app_1703880008/libsgmain_312768000000.zip
    Filesize

    88KB

    MD5

    ee932b0fb1899a0a559b4cefe71dde20

    SHA1

    f2b52c47ab8a0b150e967520f018b7790fd67c55

    SHA256

    faaf9d9960f3927603b26b11dc228bb6218e5f1744f4154250756865ad6558ef

    SHA512

    e63df4f7a4d1d1ce1533bb03bdc3ff6fed9727678f615b4a9ba6ff9daf69292007aa7e3a79cdb7f71cca1b4b688a73a713fa474167f84f0d235fcdb6d2e8d465

    Download Submit

  • /data/user/0/com.taobao.etao/app_SGLib/app_1703880008/libsgmainso-6.3.35.so.tmp
    Filesize

    763KB

    MD5

    a4176ee7440a7a6032cf9f1726386385

    SHA1

    2f552f180f3747df22301f9ea4eaa1431fc33248

    SHA256

    0633601420f09a67c8818cfbd8445fe8bfaf520e4547495db8eea853708ff9bf

    SHA512

    e359a0c6058957cd15197f01baa99bea9f39773316409fa6590107c6b1f8e7fb72fb237bd529a91161370a3e0832d165a64d96d4d14108df4de623e493e632c8

    Download Submit

  • /data/user/0/com.taobao.etao/app_SGLib/app_1703880008/libsgsecuritybody_312768000000.zip
    Filesize

    11KB

    MD5

    83bbf2765b3d4b357a80e665768df1ae

    SHA1

    2d7d22dba194ac349a5b0cd88aaef4faec71f3f8

    SHA256

    746447adc02065232d442f1abe34c362d0560f7c76c44812fad57dfebdcab84d

    SHA512

    3d137d776c47584fb08d454d4b194bb2f24531d560ea673957d554e71d251e61179e1ba4a229f3d81f58bee95bf8b83fffabd435b08986b921492c56784371f9

    Download Submit

  • /data/user/0/com.taobao.etao/databases/accs.db
    Filesize

    20KB

    MD5

    064201502ce25754236b3b5c12e24c65

    SHA1

    e2c89961dcf8306440bc99f7b058ef4680eacf0d

    SHA256

    b4ef8a71919ac4b6ef9a895a991b527f5c3316fd6204eb815366c9614dc71f00

    SHA512

    3f5af9d3e7fbca1c0a3f9ad5a8d8d8e1d3b3e3c79cfda89b6baef007aeafb4ec5738626fca1f682b73b0305a94a4e2bf17c0bdd4fc7fbacb80ed02c7affa44a1

    Download Submit

  • /data/user/0/com.taobao.etao/databases/accs.db-journal
    Filesize

    512B

    MD5

    274c0b714b31ebecbc5ce292e0aa5c5b

    SHA1

    77637587d75fda178220eff64828952e27c0e6f0

    SHA256

    9627d2478813cd1db487f3cea937bdf13eec6f3fb379f8df19224c164a4abb79

    SHA512

    31f5c381b1078d205308be28e403a4d33a73c75aa6fe3ee7906b73106b05cf9bc55d0467ee8c28de6d1013165a278f17d411a344c38635ed3f07d4d2f2920950

    Download Submit

  • /data/user/0/com.taobao.etao/databases/accs.db-journal
    Filesize

    8KB

    MD5

    e126597eecbfa1bb35f16ab2c987e609

    SHA1

    133258129ce5a72e3e05acf7e0d5d1266ee99b8c

    SHA256

    ddf6a08b37189aed4e607aa31eb3877f87b31f74e7102a1b94ae872e162b98ee

    SHA512

    4d6ae3fc449e105fcd4628c4f31649312683cc16ff464132ddbef999f07ebdb9ca44c008af5c4d535f8e6174e9e3bcfe1ebeec73122e187e1821a60af8831841

    Download Submit

  • /data/user/0/com.taobao.etao/databases/accs.db-journal
    Filesize

    8KB

    MD5

    af5dc3f902cd0c9e25f054a1d054924d

    SHA1

    ce5943877311b98ac41a419d77f992d415951c20

    SHA256

    caf235b27ae3d5b7f2b689269a3c15b5ee121647557a9d0ae5eccdf55184e64e

    SHA512

    6b83e37bb611aa6a33c635d3d322da41e09dfd34f6d2365f884c157bdb265f0e15c22aff813d5358cbfdb3c1fe267a46fd25ecacf1be8c17546acddce202d84e

    Download Submit

  • /data/user/0/com.taobao.etao/files/0a231bd8575dcf72.txt
    Filesize

    40B

    MD5

    211df4f64f3bb1bc9b44093bf237ecd7

    SHA1

    dcf0f5cabbca6246d6be97be186904a9cffaa75b

    SHA256

    ebf8d7524eb7700a91335d667c939892732b0a04cba95e2afbbbaccdb7260bb3

    SHA512

    be2745a2ff7ca1e5860c7438fc34231b86efaf63be7c370ee6ab11ae5dc704c70ec3140e7472d48a49d6d22d761482eb1ddd6748e7c41edc159ed2f5658d0178

    Download Submit

  • /data/user/0/com.taobao.etao/files/0a231bd8575dcf72.txt
    Filesize

    80B

    MD5

    e1d8a8d9e6b2321ffdf293357166eeb2

    SHA1

    c95e0472dcd1f47fa1acce87d771475aa7b43a6a

    SHA256

    56bda8e1c8b1e7d91dee9aa74d95d9abaf05e972544e443d1854688a45103891

    SHA512

    1927734e66ed46c31f415538fea2b5069b7a76804a1280780567bd912aff328cd969dbff90f8fd6b3e3dd2dc92f0dde54412eb89205e29b6a112335f446a2ce7

    Download Submit

  • /data/user/0/com.taobao.etao/files/Q0VSVC5SU0EK.txt117d
    Filesize

    939B

    MD5

    96875d5118b19c2e86597bf421482edd

    SHA1

    97fd606cb999f6a07ba65d8af67e431aace124f6

    SHA256

    ea819ab8e58ebe50238cb6f7a54e3675c2e32a24b8e98a3f7aa49cb4291acbb4

    SHA512

    d1d7bae0bcfbada4c7250a04c6ca3ce2257dac808e6593a589fff25f2d49342de2db1b0a92f9c0a97e1be419fd04054c3632d2385da36d180e98fcf0682f6b7c

    Download Submit

  • /data/user/0/com.taobao.etao/files/SGMANAGER_DATA2.tmp
    Filesize

    52B

    MD5

    562b22f33611b4011e9591ad8bdf3617

    SHA1

    86562771cd23b65a7c2b4a5fcb81849b01944213

    SHA256

    3acb1ede7c3722b58ab5dbfde36528f969722305c96ba17106f9905fc3566b2a

    SHA512

    658c775d1d16d72a647a281d34a9211b1626377eb6d201b57ccb04c88cf10750489f69038fe0ab26ae8c5b73f701b6dc4d7106ed97e002b40ae428a8dbac74ea

    Download Submit

  • /data/user/0/com.taobao.etao/files/SGMANAGER_DATA2.tmp
    Filesize

    124B

    MD5

    906284368395363653aa4103db35894c

    SHA1

    e6925717d2c8e75e296901c17d13867f86b954e3

    SHA256

    607192f3e727d74f22c55909743f9dce824c9f90547db42acb646f591e3659d5

    SHA512

    d9c325b51d0e01464861451b5c588231effe8f0175a8f6826624b9688ba8284423dbe9fa5b4b0909346919d2bb2b949e652fdb1bad1247e5d6433d813fa7283d

    Download Submit

  • /data/user/0/com.taobao.etao/files/SGMANAGER_DATA2.tmp
    Filesize

    204B

    MD5

    05001338533f24fa54b24f972d9e54be

    SHA1

    05e4b83b49568e1fcc1e91ea86f9e76f061df0da

    SHA256

    bf886b9dbf23a354349d02c79fa853c4dff107b87f388a718ed55c5ecc107253

    SHA512

    558597b9b614f17f39fd747d3a2571b9b7a8bb668a93665517f0d10935dab1bb5d0d41c0ba96c09905e568e8698add3d7f7e5abb184031d4dade3f828185179a

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    645102f8773b7aa00d7d9bf9b7e0d13a

    SHA1

    a03a6d018810e829feec2350b08af8799c67534c

    SHA256

    edc74f57022147ef0235c5fa6a0aee7a8f578dae497287e705c1845eddc18f5c

    SHA512

    cc3928fe03be17e2b0202cf04c985fbeeea8d36a97b7f799788ebc251d7b83dab4417c93b520572fcbeacd6fe98526ac25a5039724a5ac69397f8bb8d09ee116

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    213B

    MD5

    8652135956c1e806ebf6c07819518e75

    SHA1

    4e5dbfe8b0b0fea2a537197059759d13b1b74b04

    SHA256

    6b958d78d97ea3640287e4e43e5ed182c55c00a9d2bcc68b431779519b67b41f

    SHA512

    6e73e43d32cbdc8c8824cfbb26db04786a8b340229913cfc354aa26083b11549d5c70e9d95f3775682ec8c41d1b2aeabe85feb53cae60c453371219728045f26

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    e5a8a642c14d9c92cbc373ae017d2ee2

    SHA1

    8baa8fa3b755495dccfdde607588aa4a5e2ce158

    SHA256

    2b41a7aacf9491f33e660449651d639dadcccb34aa0dd416fbf8151354412620

    SHA512

    f2f40b027cdd7cfe9d0a541516ee53f5661da2e80f7265883d201ce045393a3d4b4bcfeae07be12526e281d1d0e36ef26ced3521365ecd97b0d85c33db1186f0

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    ce27b882490711f2a20371493e5d9c8b

    SHA1

    55968896ed89ebd36efea3f38275b85766ef88bd

    SHA256

    574b45bcef89c866895b0bfda8db066846f061ca32259436e5abba8a0bbd885d

    SHA512

    51a892a8f918a4e3e17177e895d1bade60060de8dae5d6bf72b17b24035f29fe9156cfef2227d538c4dd21db44271b9d6defbd871316b548154092dbeec8ac22

    Download Submit