Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

5477ea6e0c...bd.apk

android-9-x86

1

5477ea6e0c...bd.apk

android-10-x64

8

5477ea6e0c...bd.apk

android-11-x64

8

Analysis

  • max time kernel
    4197081s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    11/01/2024, 20:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5477ea6e0ce6c98ed7f28ec062c630bd.apk

  • Size

    263KB

  • MD5

    5477ea6e0ce6c98ed7f28ec062c630bd

  • SHA1

    3d3e1f1401e03d65c5d32a82ed700a3e5df1d5c4

  • SHA256

    6964e5b5d985c6c440b063531582112d06eba78a6406af2c98c235d99ba50b25

  • SHA512

    90d7facf891f72bea6c231c3efb75318f05ae87ee29a3f609eb0546d01950725cd6964aea2c618ea0d7c3466ebff01a46341067ca48309134fda45d758d7dde7

  • SSDEEP

    6144:nPNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fNM:di6tQIwsBFa/IvcR9UM

Score
8/10
stealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.news.ggicl.ddvctosoc
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4574
  • com.news.ggicl.ddvctosoc:RemoteProcess
    1⤵
      PID:4617
    • com.news.ggicl.ddvctosoc:guard
      1⤵
        PID:4915

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/com.news.ggicl.ddvctosoc/app_tfile/fields.jar
        Filesize

        138KB

        MD5

        cceb8db3b057d24673d49eda229e9892

        SHA1

        b18f6353b2156410249079a3b7b86ef3a530e8ee

        SHA256

        e900cb4c3fe9d8f45196a7457e9645c65b0f3cde820f4161950252cff67a4d97

        SHA512

        4a42cde3165a706e823caa1362001ed8aa647caf22325a4f2554c64fc4ebcd79afe44fe5eab5474221806f26e7aca9d2901026de6e597ef62fe867f123e4bd57

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/app_tfile/fields.jar
        Filesize

        281KB

        MD5

        73b11c4c10150bbd4f29ad012dc11dde

        SHA1

        65c83ad32c29f9811c32eda75d7fcdc92ef42dda

        SHA256

        52132037e9b950a9cb48d6374ee2c6747a6bfe776e13a726395771f1b40ee9da

        SHA512

        3e53b1ee22a00e60896da86d2695195e0965c93d190c4d1c0dba2eb5c611d670ee7693a9f8756858255e2b170cb82a753719dd4d6a827af437309b7a1dcc6f01

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc
        Filesize

        36KB

        MD5

        ebfd4869bb86abd638bc48b891f3e1c8

        SHA1

        a27f262fe7a41ec9976d457416447f8b78c80e03

        SHA256

        5f49bca53de766023101cc1ac8dda79a83c485fce8d9138452b39d1853d2fe0f

        SHA512

        062fd15e0a34619071834f2d81889e6a100c3a707e53621b16d584182a57c690f6a24a73e19fb77678d857fde477935811a963998a73d7ffe971d6ebd9cafb07

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc-journal
        Filesize

        512B

        MD5

        3c7549b0841063a7f157b778fc81ab2f

        SHA1

        9dc22d82eddb52f088cbcde1f67e8cac3c61f0ef

        SHA256

        dd305b2a3fa9c757a030c42aea2bd373d5fbf5d2335339075d00bcc7afeffc77

        SHA512

        75ac6d9d92cf09ed7cda1d8be2eb33c346114bed3b4a38fbc7ac65fea8ea1ad600f743660986fab38d7bb4d43f5ce47bcdcbe5a3e2767e42efb388e787deb653

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc-journal
        Filesize

        8KB

        MD5

        ae958b2cacc46801d0f9cd11709f9281

        SHA1

        6438b705a00c97d3dffb68750c472cbdf5fa6db7

        SHA256

        2e609f35b5a8407cf2c17b267c1ef20c0e34aaed916521850802f8c033160e7c

        SHA512

        d552c965b12f7009a13e3b1ce4f6211702abf165492e3149701f165080c7c5c447ed71f5b3e1a620e51bbd4c83155ec404ea3a229da0b546d057bf7249518302

        Download Submit

      • /data/user/0/com.news.ggicl.ddvctosoc/databases/tbcom.news.ggicl.ddvctosoc-journal
        Filesize

        8KB

        MD5

        3a9705048a6505e42f5eddd50e446f4c

        SHA1

        e32b3a58df2741d170a95b2f490229e46be8314a

        SHA256

        01d701a3c843d39c8f773bf8bba9bc5bc7b4d87d717e5832bd09aa4e74eea97f

        SHA512

        81543dcf73d74c36653e2ccae0e5a00dce53635371ef4cfe813961180812bf971fcf6c25ce0abff4ae96b89ce89e9a623e389b2b70f81d38727f3141e2e457b1

        Download Submit

      • /storage/emulated/0/Download/sdsid
        Filesize

        4B

        MD5

        b8c37e33defde51cf91e1e03e51657da

        SHA1

        dd01903921ea24941c26a48f2cec24e0bb0e8cc7

        SHA256

        fe675fe7aaee830b6fed09b64e034f84dcbdaeb429d9cccd4ebb90e15af8dd71

        SHA512

        e3d0e2ef3cab0dab2c12f297e3bc618f6b976aced29b3a301828c6f9f1e1aabbe6dab06e1f899c9c2ae2ca86caa330115218817f4ce36d333733cb2b4c7afde7

        Download Submit