Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

5477ea6e0c...bd.apk

android-9-x86

1

5477ea6e0c...bd.apk

android-10-x64

8

5477ea6e0c...bd.apk

android-11-x64

8

Analysis

  • max time kernel
    4197070s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    11/01/2024, 20:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5477ea6e0ce6c98ed7f28ec062c630bd.apk

  • Size

    263KB

  • MD5

    5477ea6e0ce6c98ed7f28ec062c630bd

  • SHA1

    3d3e1f1401e03d65c5d32a82ed700a3e5df1d5c4

  • SHA256

    6964e5b5d985c6c440b063531582112d06eba78a6406af2c98c235d99ba50b25

  • SHA512

    90d7facf891f72bea6c231c3efb75318f05ae87ee29a3f609eb0546d01950725cd6964aea2c618ea0d7c3466ebff01a46341067ca48309134fda45d758d7dde7

  • SSDEEP

    6144:nPNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fNM:di6tQIwsBFa/IvcR9UM

Score
8/10
stealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.news.ggicl.ddvctosoc
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4913
  • com.news.ggicl.ddvctosoc:RemoteProcess
    1⤵
      PID:4954
    • com.news.ggicl.ddvctosoc:guard
      1⤵
        PID:5430

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.news.ggicl.ddvctosoc/app_tfile/fields.jar
        Filesize

        138KB

        MD5

        cceb8db3b057d24673d49eda229e9892

        SHA1

        b18f6353b2156410249079a3b7b86ef3a530e8ee

        SHA256

        e900cb4c3fe9d8f45196a7457e9645c65b0f3cde820f4161950252cff67a4d97

        SHA512

        4a42cde3165a706e823caa1362001ed8aa647caf22325a4f2554c64fc4ebcd79afe44fe5eab5474221806f26e7aca9d2901026de6e597ef62fe867f123e4bd57

        Download Submit

      • /data/data/com.news.ggicl.ddvctosoc/app_tfile/oat/fields.jar.cur.prof
        Filesize

        369B

        MD5

        6de41202d76cfb91657a014430e7f33d

        SHA1

        1c066a98ee1dae3493881522b42a6978ef72ffee

        SHA256

        51491488aa5999f64c4d74c50676559497e9890b2a3978cdc8f07dc782e945ec

        SHA512

        765ef4f4ca7a832af8677b8cb38b705a5cf809b6d321f7d86bcb03471d5e55d8c9b8dc04dbad9f89b10febd5e87b29d29e1bd36fa91259ba00ea863ad1225236

        Download Submit

      • /data/data/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc
        Filesize

        12KB

        MD5

        163b0e3f017becbc89b9d7f330b78f09

        SHA1

        1ef9cd8ac8655190468d0ccece0a4738634ab0f9

        SHA256

        cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

        SHA512

        6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

        Download Submit

      • /data/data/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc-journal
        Filesize

        512B

        MD5

        977d0940991709663fb74dcd899f3457

        SHA1

        983d535936dd89fedf88800ab6db16705a99990b

        SHA256

        b4895f4fe4eeb2d21b057a8c4edfae27b65b1ef8af395ed342f924997a2ccdad

        SHA512

        d7ab31ba81b64c3a048572da5827f3afaf71e24b919bd68964ec96526a9719bf77c34236b80d729348ce7b9a34ea6d70a3090244b3280675a25fc6eb90eac21a

        Download Submit

      • /data/data/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc-journal
        Filesize

        512B

        MD5

        2fd82aef6ebd1a4910fdbcabfdff4d1d

        SHA1

        6ec078f8bdbe694d37a9c79108f63f4ddc9eb023

        SHA256

        d769a9531c1404759c66a3dfae2d7ab934c5b66503f5b3eef9074fc5e3adf6ab

        SHA512

        9290fb3acf8d2eec8fea03957814734eb81a70ded49580d5db6e7f8d87c4586be84dd892bd296c2c1a9cbd2daf339b864b6ea56f9536bc384b61a798187ad674

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/app_tfile/fields.jar
        Filesize

        281KB

        MD5

        73b11c4c10150bbd4f29ad012dc11dde

        SHA1

        65c83ad32c29f9811c32eda75d7fcdc92ef42dda

        SHA256

        52132037e9b950a9cb48d6374ee2c6747a6bfe776e13a726395771f1b40ee9da

        SHA512

        3e53b1ee22a00e60896da86d2695195e0965c93d190c4d1c0dba2eb5c611d670ee7693a9f8756858255e2b170cb82a753719dd4d6a827af437309b7a1dcc6f01

        Download Submit

      • /storage/emulated/0/Download/sdsid
        Filesize

        4B

        MD5

        b8c37e33defde51cf91e1e03e51657da

        SHA1

        dd01903921ea24941c26a48f2cec24e0bb0e8cc7

        SHA256

        fe675fe7aaee830b6fed09b64e034f84dcbdaeb429d9cccd4ebb90e15af8dd71

        SHA512

        e3d0e2ef3cab0dab2c12f297e3bc618f6b976aced29b3a301828c6f9f1e1aabbe6dab06e1f899c9c2ae2ca86caa330115218817f4ce36d333733cb2b4c7afde7

        Download Submit