Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

1e7570e600...33.apk

android-9-x86

8

alipay_msp.apk

android-9-x86

1

alipay_msp.apk

android-11-x64

1

gdtad.apk

android-9-x86

gdtad.apk

android-10-x64

gdtad.apk

android-11-x64

Analysis

  • max time kernel
    3292991s
  • max time network
    141s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    30/12/2023, 22:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1e7570e6009aba9ae361ae09c0b3db33.apk

  • Size

    14.7MB

  • MD5

    1e7570e6009aba9ae361ae09c0b3db33

  • SHA1

    d680023d0f40e98641e757338acbfaf0a785f4b3

  • SHA256

    bf947bceb6e30efdff8960ece2486d1a3f77f271e3e1bfbec255c98af9d9ae42

  • SHA512

    0939eeca3ca257b826d6418bf80d456f27a10d74dc02144e3d217669e376fdd448f19e185344ae1e999373082ea91aa6db55c8011cbde7e9601ac70118cb856f

  • SSDEEP

    196608:Lh5OuWuUPaFYrrgKFqlgraFxW4r5UNh8SUlmLVNJLtwx1YoUcJhCE0KxdIevIFDg:LquWhijCua3e6ZuJsEBAFD1TkQAz

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.xunlei.kankan
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4221
    • /system/bin/cat /proc/cpuinfo
      2⤵
        PID:4397

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.xunlei.kankan/app_data/eventlog
      Filesize

      562B

      MD5

      f9cee186e7a754ecc9a9d6d580f406ac

      SHA1

      c01e922b2244539e4378119bcd1244df5f3711e4

      SHA256

      937fda3faa50b13932746787c41a1f6a5b34951badf82d6e00f3889d41084940

      SHA512

      c09ac5727efb1d70d44dc5a8a4aa580dc5cf9e6a3777b14df4c44fdc20dc1bc4e86117cd81b60d173bcb75c7485dad180a785f4b538b1d85b586845871b4ccf1

      Download Submit

    • /data/data/com.xunlei.kankan/app_data/eventlog
      Filesize

      564B

      MD5

      de589cc95c65e07b4b7cb263bdc3a0d5

      SHA1

      c7dad549904aa960a441e5d1dd404d7c2bece846

      SHA256

      890b07da5fa6904bcf3ab871a53a41db745aa112d722832cb2e4414ff7e1fe2c

      SHA512

      1d04ed192bafaef72ddc6b10b610f54964fb04cfffc4a9e83a8b44ba4d0f4767cf5cfb3b8e5c3e9ef2feb85af6cab6cd8b9d0d51016bfebb411b1c52a84bd994

      Download Submit

    • /data/data/com.xunlei.kankan/cache/inmobi.cache
      Filesize

      2B

      MD5

      99914b932bd37a50b983c5e7c90ae93b

      SHA1

      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

      SHA256

      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

      SHA512

      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

      Download Submit

    • /data/data/com.xunlei.kankan/databases/kankan.db-journal
      Filesize

      512B

      MD5

      dae3aa3330a84b4aff35a2c68570e484

      SHA1

      1e8fc2f7f8f3e2538bf33fc1608a36dbbc9daab7

      SHA256

      9606e3755080a23c69fc7c7859efd9860765ac6bcaf620bf418a0e4cd1d8e86e

      SHA512

      ce6fbb8effc82623a2349a01e03c7f55582aee5df0c6872857026863b48d8a946b7b27efb3aec6840dfe757a8304aa689a9feb9dfc783ebcf5c7128dd88a923d

      Download Submit

    • /data/data/com.xunlei.kankan/databases/kankan.db-wal
      Filesize

      104KB

      MD5

      3b6b34f17e9bb9eb79d0ee373951efa7

      SHA1

      09d2a9511b6b5c925af9569e0d4e21bff6a48e79

      SHA256

      f51cfd9e54f9bb887b70631f92798dfc34ef0320c5ca08f6f601190bfcf4a979

      SHA512

      4cfdbbec715c635a356d84604e1f37b410c1f3b46696de9ad418949a97392afb9b1d6b62a2c943805e3590570b07563255c459fa280164ae794d8e279c639854

      Download Submit

    • /data/data/com.xunlei.kankan/databases/ltvp.db
      Filesize

      48KB

      MD5

      9ac40839fb82f899267a63b0c846b69d

      SHA1

      8831f9f275dcf8a370e63d94b3249b5dbe1441d8

      SHA256

      bf11b09943031794c6c573902647c222c8d449c8d0d590ec907d2e5a481f7abc

      SHA512

      18e5acba40817f13b08d9dc479a7acf0f9c9df72e477bed85b16ba3fa277473614e0b75b68f0ef3b918c1ce736f12076ccebf541a9c4e2ee95d57ddea688f5b2

      Download Submit

    • /data/data/com.xunlei.kankan/databases/ltvp.db-journal
      Filesize

      512B

      MD5

      e89397b9771d3a0e1d8720945a503d3b

      SHA1

      3dcf1c0fedd724ce5161c5c5eb8a587743ed8b37

      SHA256

      08f1e144c17195e7798ff8547bb64682038546f7a95b2a5aae3871a485244717

      SHA512

      2ff91a1ca3653fe9f22c9b507a3b192a0e21b91f2481fc21ebb467ed7ac40293a3006153398b521de2557778d024997376995f0d79a64c8983bb5dc2767c5b9f

      Download Submit

    • /data/data/com.xunlei.kankan/databases/ltvp.db-shm
      Filesize

      28KB

      MD5

      cf845a781c107ec1346e849c9dd1b7e8

      SHA1

      b44ccc7f7d519352422e59ee8b0bdbac881768a7

      SHA256

      18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

      SHA512

      4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

      Download Submit

    • /data/data/com.xunlei.kankan/databases/ltvp.db-wal
      Filesize

      68KB

      MD5

      f4aaae5a1ba9a85919fe7868f0a83a02

      SHA1

      25e2d01e9c81ff9404b73343aef5df697d25de1d

      SHA256

      e0da9fccb1b66a1179955a983b24c80388a6db14effa8777cdbc4843345deffb

      SHA512

      6192059d5deaa6511dcc0af171acc7c4fd13fb3c35929862d1490e55269d45f9338902ad0702bd13fbecb00a9d4bdb5790ea2b23a147486ad9df3efd9c2cf67d

      Download Submit

    • /data/data/com.xunlei.kankan/databases/rep.db
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.xunlei.kankan/databases/rep.db-journal
      Filesize

      512B

      MD5

      b8bd43bff1053260c7cc5a8626d95956

      SHA1

      352cba3ceb61e2c1d7c489ba1a0e56492c02c188

      SHA256

      bdb0e47f3a337ecf65883d62f0f4d2d29a44e1a44f4e2d677cd4ec6a4c63aaf5

      SHA512

      7665d95c3b6c60f824c3d01aef0d0c4f8936f0446254c9a14ba8dcd586739f744cc74e0e2396e3a3a9b0c1dfecea3d522452da227fe45815a5ada2e1bdf9395c

      Download Submit

    • /data/data/com.xunlei.kankan/databases/rep.db-wal
      Filesize

      16KB

      MD5

      422cf1e2a30fd1d3b0815edf6f478054

      SHA1

      cf539e0e15e55f844f827cbf079333f352ae6182

      SHA256

      81beda6a2591e854b2e5d7ca37d014452da373dc8a52a190eb6531a0e1a8f1b5

      SHA512

      a2ca0bf4f380d471eca379d04257e28403a48a2a28bfff9845c0cf02274b4a98460cf76846f50635f5426ff94600d628837d22383f5fd0c192c66418bb47badf

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm.cfg
      Filesize

      30B

      MD5

      38ac4f59d0b214651177430697d42766

      SHA1

      fe387f0f89ba59f1d87fffdb3af9941bcb0aa29d

      SHA256

      0902f9e74855738fc5dd2a9f3555b5a8f31699b73dfcdf1408028ff1ad253728

      SHA512

      75b5dbf7509eebb0e292010dbbb2652ea09b2df75cbae8dc815a2f54bdbc0b06299aa3172be8c2ee75bcf6aca7694ec4a87cd38efac9321adf28a72933bef308

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm.cfg
      Filesize

      57B

      MD5

      ede8a95ea29062f505735ec43df278d3

      SHA1

      5e6dfb423ae3268325114ce73fcd7053619b79d3

      SHA256

      ac392accfa5444a902334f73871205155c7c31557df8961eaa44a7a00465f2de

      SHA512

      792bcab59bf6f437fe5dcd72785ae6bda0a29cf788674316c46c4ad20b843e25bfc464376fe1ccd8bc8f3173e5a1dde180b8c669a6031871fa481689f91018dc

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm.cfg
      Filesize

      86B

      MD5

      363eb6e770981ab1fc919dc92a532e21

      SHA1

      08e2999432a7bf32066016951446a194a16f9707

      SHA256

      fc10fd622511379bd64391801490828479593a83af3601f0fc5277be49cd5524

      SHA512

      5557ac86ad3de434eb0a15747a7260997eee834a196f5b36392f01231c03e476e3a19451f90ac6b1438211b3d2c3c34f72d668cc6be6521aa1848ee8daeda403

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm.cfg
      Filesize

      109B

      MD5

      af66ce894ad4daa3028b7057fba3fbac

      SHA1

      9974f61523fa203747f8cb5fe283f7d14d7e196d

      SHA256

      06a675b39b977b50badbbbcacd914fd67f7e4e5b6a2b9d24bfe087c18f351b6d

      SHA512

      f645a097f3d6e97f1157891d99c7644f4a3de51754c005aa923730256f0184cdb9e5fda75f3cb2759f097f68eb46c2c47c084131ec01cfb871cb84f8d7befab3

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm.cfg
      Filesize

      579B

      MD5

      858b14e1074e7b9c53ab1b1cf38c3973

      SHA1

      2fe532df04f4e6d896d4cc3f01f2e2eb05c24613

      SHA256

      1e7effa9cbe52f048d31aea921251dc4dd32a109afc6bdff7f7878a238c54b0c

      SHA512

      8718bfb99cbb06204b9f5930cbe0e7e55349465f907b0cd3e8872308c349bfb7be5270de046488f61e609b7c5144565e7f0d743825ab82718c1db5fbb4936fa5

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm_disk_cache_file.dat
      Filesize

      1024KB

      MD5

      b6d81b360a5672d80c27430f39153e2c

      SHA1

      3b71f43ff30f4b15b5cd85dd9e95ebc7e84eb5a3

      SHA256

      30e14955ebf1352266dc2ff8067e68104607e750abb9d3b36582b8af909fcb58

      SHA512

      d6292685b380e338e025b3415a90fe8f9d39a46e7bdba8cb78c50a338cefca741f69e4e46411c32de1afdedfb268e579a51f81ff85e56f55b0ee7c33fe8c25c9

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm_task_store.dat
      Filesize

      256KB

      MD5

      808f8b5c7eb6c2ca0490ce6666e8e964

      SHA1

      265aeaaacc20496e48dfd927561b13cd8087538f

      SHA256

      9f8d4b816c9907d5b0fb82d2ae7a7675fa4d1008b1b743ce80cbb4854c266bda

      SHA512

      c89aef5ee8ed7e9e9ea431dde17d746806ca1e6d3990bcb610f909dc40404c1da8aa7af760262cf4d76c95f1188e9e139cd14b0dfed4ce97638bb6e0929384e8

      Download Submit

    • /data/data/com.xunlei.kankan/files/etm/etm_task_store.dat
      Filesize

      12B

      MD5

      8dd6bb7329a71449b0a1b292b5999164

      SHA1

      2c513f149e737ec4063fc1d37aee9beabc4b4bbf

      SHA256

      15ec7bf0b50732b49f8228e07d24365338f9e3ab994b00af08e5a3bffe55fd8b

      SHA512

      666a9a1a7542e895a9f447d1c3e0ffd679bbf6346e0c43f5c7a733c46f5e56c2f65e69dfd4769a9cad2b79b31d282f1ca2aa296ef41bd9833947ada194f46940

      Download Submit

    • /data/data/com.xunlei.kankan/files/jpush_stat_cache_history.json
      Filesize

      158B

      MD5

      546c89c309c5da0037b748804373f155

      SHA1

      8ca60d7f280217799a26c444e790c04bd649d4df

      SHA256

      e98a33e0ab3d6d485ab839378adc0aa43414ccf0fd4f9e5483e3467423f337e1

      SHA512

      45c71d6d2671d55f5de8a7f95df6d4a494de375b429c009a23ffead82b33d12222484b12b695f6822ba77b72a72950951725d29f5c2d407655b6954d52f4c52e

      Download Submit

    • /data/data/com.xunlei.kankan/files/libs_temp/libdownloadengine.so
      Filesize

      882KB

      MD5

      91598ece5d67eb454b783fc66bb8f88c

      SHA1

      090cbe767afff8ae9d03376f4ec8900e619dd7ad

      SHA256

      3409b05b5e4910833a4c1aa3269638ca8cb91d467d4890b6e98c595265a58a49

      SHA512

      d60fe50230a5a15218f4303b725e4572c368a2d93b5428364a9135bb05b7b7c323106b5ce483045e7bb5da1c41f07a53fe47080a86b9f85f2adbd1b6cb3e32a8

      Download Submit

    • /data/data/com.xunlei.kankan/files/libs_temp/libdownloadengine.so.properties
      Filesize

      57B

      MD5

      8add66968597627ff028c0e61a7f32b2

      SHA1

      cc0200cc93dc6f83c0902cc3414d655b93120838

      SHA256

      885b0614ed1a89f124fe059bb103f72e27076ed35c49c6324279fcb69866e32a

      SHA512

      e9094902f03a97f1428ba2b91fd30dac2432c2120af00ba4a95d3f4b9fff98611f3eab5d6604687724cb64e1cf9d1134b301cd7ddcde05bb97fd859311e637ba

      Download Submit

    • /data/data/com.xunlei.kankan/files/mobclick_agent_sealed_com.xunlei.kankan
      Filesize

      580B

      MD5

      fe8d554aaacbdd00a79cde0aeae0e317

      SHA1

      4a76f38b99433e5e11b3c40bc2b568e86693f9bd

      SHA256

      4e133c714f33e84ced75087eb43cf7ecf9049de00e9f29d670429321cd1ad2eb

      SHA512

      4e44f4a6a72826f1242fe45825747c876a3d5c908d34ad8f60fa356978484e11aa529eeb38e7558f43bd8653c5d1aee396381fa347a38c93236d20890986dbd3

      Download Submit

    • /data/data/com.xunlei.kankan/files/umeng_it.cache
      Filesize

      211B

      MD5

      6ed4a83e206a7f6c5746128ccdfada02

      SHA1

      004a2dd01af6527432aeb16296e3e6c679f78583

      SHA256

      e30afc15b46c52fb2a8de6389c896b1f5e0a3c32406f2939b9042abf62607e03

      SHA512

      00dbb64bb07c7de3f39c3805af8fbd22265d4a86eed5fe3e672e566f556c6b6831c3e36cb6e21cdcc5e783a8783bac48cacb3dda444fae716541cc14e4ef0a5d

      Download Submit