Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

0f235e91ba...e7.apk

android-9-x86

4

0f235e91ba...e7.apk

android-10-x64

7

0f235e91ba...e7.apk

android-11-x64

6

Analysis

  • max time kernel
    3255877s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    30/12/2023, 04:52 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0f235e91baa51cdb144fab9dd8a0b3e7.apk

  • Size

    1.3MB

  • MD5

    0f235e91baa51cdb144fab9dd8a0b3e7

  • SHA1

    6e9a29ea5b403d314d5d4d8f9883bedbb9b5c879

  • SHA256

    da8fd87400626d7ab22e9164df2ce12f7891ef742e9ad1bf2ea01c1767b9a79d

  • SHA512

    5f589a081d7830352fcffa0e805a9f3d8c2519a79069fcb07818ed75cebd79873162455e6bc213cda2d14bce9ee0ec15fca43ed60500f51f25e4b12670c07d9d

  • SSDEEP

    24576:WbuJSYOiS2Lpv7j4jRblD8hNH3vifxr+tIOLOnm/qDbCQW3CU5o5LyATTP6R:/wYO0l4zkNHaJuCmIbCQW5yBdPa

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.himoney
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5002

Network

  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.187.200
  • flag-us
    DNS
    alog.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.com
    IN A
    Response
    alog.umeng.com
    IN CNAME
    alog.umeng.com.gds.alibabadns.com
    alog.umeng.com.gds.alibabadns.com
    IN CNAME
    alog-default.umeng.com
    alog-default.umeng.com
    IN A
    223.109.148.179
    alog-default.umeng.com
    IN A
    223.109.148.130
    alog-default.umeng.com
    IN A
    223.109.148.141
    alog-default.umeng.com
    IN A
    223.109.148.178
    alog-default.umeng.com
    IN A
    223.109.148.176
    alog-default.umeng.com
    IN A
    223.109.148.177
  • flag-us
    DNS
    alog.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    216.58.213.14
  • flag-us
    DNS
    alog.umeng.co
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.co
    IN A
    Response
  • 142.250.187.200:443
    ssl.google-analytics.com
    tls
    1.3kB
     5.9kB
     8
    9
  • 223.109.148.179:80
    alog.umeng.com
    240 B
     4
  • 172.217.16.238:443
    tls, https
    857 B
     40 B
     1
    1
  • 216.58.213.14:443
    android.apis.google.com
    tls
    6.6kB
     8.0kB
     17
    17
  • 223.109.148.130:80
    alog.umeng.com
    240 B
     4
  • 223.109.148.141:80
    alog.umeng.com
    240 B
     4
  • 223.109.148.178:80
    alog.umeng.com
    240 B
     4
  • 216.58.201.100:443
    tls, https
    430 B
     40 B
     2
    1
  • 216.58.201.100:443
    www.google.com
    tls
    16.8kB
     10.0kB
     32
    34
  • 223.109.148.176:80
    alog.umeng.com
    240 B
     4
  • 223.109.148.177:80
    alog.umeng.com
    240 B
     4
  • 172.217.169.46:443
    520 B
     10
  • 142.250.200.2:443
    520 B
     10
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    70 B
     86 B
     1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.187.200

  • 1.1.1.1:53
    alog.umeng.com
    dns
    120 B
     227 B
     2
    1

    DNS Request

    alog.umeng.com

    DNS Request

    alog.umeng.com

    DNS Response

    223.109.148.179
    223.109.148.130
    223.109.148.141
    223.109.148.178
    223.109.148.176
    223.109.148.177

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    216.58.213.14

  • 1.1.1.1:53
    alog.umeng.co
    dns
    59 B
     132 B
     1
    1

    DNS Request

    alog.umeng.co

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.himoney/files/.um/um_cache_1704062926589.env
    Filesize

    550B

    MD5

    253ce7d6c9611c3686b2db6a8d1c6d4d

    SHA1

    1f33758cb36d1af78bc72888214618b6af92c1e6

    SHA256

    0b92caf4cee36adfcbc9d2835d96f93fd20ef7008b3c9298fc5094bd43780c28

    SHA512

    dec437ab93dc897de841e1c773fe06b0ab68185dde01a18dc96c34c814ad0d5592ac815e819c99acc97e7c7dce3503352d70e36e7b4581db91e0a2e961737236

    Download Submit

  • /data/data/com.himoney/files/umeng_it.cache
    Filesize

    245B

    MD5

    e2b5b7cf4e72fb554294c5850d4070cb

    SHA1

    6858b09fcc55473eb212a0a7571482388af2f1b9

    SHA256

    5c59999ddd896fb68e44711d67212e84d1b22c83b86ee1cd2215e59cb6f103ef

    SHA512

    80e75e55f2c2965dca28ea21786ef5f6d106f281f0749070374a84f57b876fdf4e84d9313e31fc893c90e7f384321d2fd4171cff73e9a07107a746613058e451

    Download Submit

  • /data/data/com.himoney/files/vault.a
    Filesize

    37KB

    MD5

    7c3d296d098814106b25b51ccab44720

    SHA1

    6f995de869edf2e95de9d3f2cd38ec22dc338de1

    SHA256

    9d1e5cb76f3e9f034a9fa80a443efe36469efef4a336130ea6ea2e690481710d

    SHA512

    5ba76887362ac0d9dca967ab998318b609a5587dab29abdb10583794af5c238e2e82e6ab978573a4f544027d6f0dc9eeaaa43528c3a810892f21bfabe24c619a

    Download Submit

  • /data/data/com.himoney/files/vault.a
    Filesize

    37KB

    MD5

    6bf167ef113e4fb8c4f8787e7b21adc0

    SHA1

    8171add62ea189358c05dc8bd5b064a1e0543a6e

    SHA256

    dc7325150a7c2cadca46e0b62fb59a7abc2fef68d2c2e0997a406a5fd0ea6f66

    SHA512

    61a82af5d40343e5ce24a31fe841868afc98908fa30fb3bf529ba64c6cf7f9f3a06943a58b50ff3292a4c6091d0d0e6256bcb5fda01d0256b515d2e32156e222

    Download Submit

  • /data/data/com.himoney/files/vault.a-journal
    Filesize

    3KB

    MD5

    3e6c688ad258557689f67a23ee88b0e0

    SHA1

    0aba88b279dba8ecc76a6830ae507b699eaa79ac

    SHA256

    0d3dec4e8e4313d7ec3543f263610b295ab30a829f5b1a7291d8cbefeed6d1fb

    SHA512

    378541cafa906be41b3bca6c14a70c4037a1a462a20c548dc309aacdf404b6d0d7205c853f49db65a675b9720dbfad906e12b0cf3e8aff85bfe66ac26eaa2978

    Download Submit

  • /data/data/com.himoney/files/vault.a-journal
    Filesize

    2KB

    MD5

    ab8b326c768f7d3ef70567701b269468

    SHA1

    de01b542284abf22b0d8c50ee5db100558d91597

    SHA256

    65ce918d7d219884450211bf329e880fd2c81d3d2d041615f9b765c4d61b4014

    SHA512

    9f338b95b8e1cc29667414ddcfce5c78887ab2816f760dc7880367c7d0952ff84d11a221717d534148530cc644980e9101b61dce995b104137b0fa5d66a51bab

    Download Submit

  • /data/data/com.himoney/files/vault.a-journal
    Filesize

    2KB

    MD5

    ef05d78f8ea3f597248e18ef59b3e8b7

    SHA1

    33c0357c07cc7834ed9e71323056363115d0ce91

    SHA256

    6507f9f158490e7b2a5371094040741a40f2d39097c87af259364fbd90a078c6

    SHA512

    51ca467763bc60c54b9595341e7ac4079cd5f577bbd6091543e0f435941a73d8bde80a5c108b9716faa83a3de29dfb81dd8e884d4b678033535a9b83d6d94861

    Download Submit

  • /product/framework/com.google.android.maps.jar
    Filesize

    315KB

    MD5

    4899aca36d1ed747a447dcac0d101a62

    SHA1

    32e43edc0bf3e036683ea8639472e6cd31ab9929

    SHA256

    67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

    SHA512

    50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.