Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

a0bb27b3b4...2b.apk

android-9-x86

7

a0bb27b3b4...2b.apk

android-10-x64

7

a0bb27b3b4...2b.apk

android-11-x64

7

73c6c30050...83.apk

android-9-x86

73c6c30050...83.apk

android-10-x64

73c6c30050...83.apk

android-11-x64

8286d8b2bd...3b.apk

android-9-x86

8286d8b2bd...3b.apk

android-10-x64

8286d8b2bd...3b.apk

android-11-x64

970679ae7d...8a.apk

android-9-x86

970679ae7d...8a.apk

android-10-x64

970679ae7d...8a.apk

android-11-x64

d5e3663118...cb.apk

android-9-x86

d5e3663118...cb.apk

android-10-x64

d5e3663118...cb.apk

android-11-x64

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    24/02/2024, 02:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a0bb27b3b4bdcd59cbec40916718a82b.apk

  • Size

    2.6MB

  • MD5

    a0bb27b3b4bdcd59cbec40916718a82b

  • SHA1

    092734c5bf464de2b1be33d6631be2f73146c8da

  • SHA256

    ff3575d76dce8546c743408c8d7600f8ef2ba5830064b90db3b7a178d2be1dbe

  • SHA512

    70d3911ed6ddeb1c62eae652b2b3173e0f64ba7e3668fddeb683482bc9364ec0e234b7ed4c8ed7e0c0fee64dc205e6d0a5dfcfa4a7135534ebc1d4b1a48ed5bb

  • SSDEEP

    49152:VYAhAKzFMoyYCLokMeHrbGXE6VgxrkEBRyugMygtyMxrUhGMJt+p29C0DWAl:gyy0CSeHQG3uMygtzUhGMRUW

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped Dex/Jar 10 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

Processes

  • com.zxfh.folvmefx.ilepwej
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4231
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.push/.app/source.apk --output-vdex-fd=58 --oat-fd=59 --oat-location=/storage/emulated/0/.push/.app/oat/x86/source.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4301
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.cache/.app/.lib.apk --output-vdex-fd=62 --oat-fd=63 --oat-location=/storage/emulated/0/.cache/.app/oat/x86/.lib.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4381
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.market/.app/.mini.apk --output-vdex-fd=62 --oat-fd=64 --oat-location=/storage/emulated/0/.market/.app/oat/x86/.mini.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4414
  • com.zxfh.folvmefx.ilepwej:remote
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4277
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.secur/.app/framework.apk --output-vdex-fd=50 --oat-fd=51 --oat-location=/storage/emulated/0/.secur/.app/oat/x86/framework.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4347

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/1126940025
    Filesize

    979B

    MD5

    e0f52d7f875e8aeb971601338d7d175c

    SHA1

    49a4b2b5a3cb2469c2f3849a306ea0fc96471c58

    SHA256

    d71016e2a02f3052d23681d9da0a8a02dabe83e7f52485b9b90a33ed460beacb

    SHA512

    3cc065fa9387fa5dd704b1916f8546635bfbd2cb81c904a5ab65ddb35d6134e5d2e004ab861ef7925cf8b81346012e375ff920f530ee56b838b5c513b00b58f7

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/1126940025
    Filesize

    642B

    MD5

    47b684a083357ba154bcbbb8c2071dc1

    SHA1

    71e2117e8f6ad8facf0174d3bae67bddf408f250

    SHA256

    befe27d702d28716273c1499a622906ce8a171f2f741d987f0f1939363807166

    SHA512

    97291d12203d530f596f2916b68a61b09969fbf3701287abd65f38a77b8e246d1cd263c88bbbfcbb03c460f1a238ac63de62befe20196365e54f9a50fc7d4865

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/926934164
    Filesize

    1KB

    MD5

    ce657557d2698f0de32a69ad1523fb6c

    SHA1

    7cdffe7498701e591b7d2143163f3b9f5301167f

    SHA256

    b39a724216d2eb5a525833e358114af671c3a18f9280251a51e470f94e02e4b2

    SHA512

    a9f6c065bac0ef3ee4ff909272dc5b3ebd501cc1cf625278dfbf62b43c427c4e2aad79ca5980fb1a6b6f7809c3ce366ccaca7a875bb334bfc26b3a4a648374e8

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/cache/AnalyzeCache/926934164
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/cache/CommandCache/fcb98ec3be77cddf140f259407873b2e
    Filesize

    979B

    MD5

    5c53e5692d18a11d9b262d150bc27177

    SHA1

    cb0cadd255b419f0dfac2ff84eeaf90f87ad9e0a

    SHA256

    ad55187a722b593f9ab450ec22e0ea3c6b898aa46043e3de93ca5d4c665dce31

    SHA512

    1c87b36855ba913a05af7420e7c52d2e9f47f6ba3bcb65c1e52e3d09c8e95d62d76d1801602f985149bd924fd1ab869f9c997795225a43cb2f474994f62c0301

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/files/installation
    Filesize

    1KB

    MD5

    dcfd6b8f25521a8671c5379cd7578643

    SHA1

    ea5f509786cc8f1bf99fa2f5197c892e0905ddf2

    SHA256

    2b523fc0af082612fef15023dadd7cba3e7e6c97ff62625465afb602ed333863

    SHA512

    b38aaa26cb2a6e6603d47878a57750b4081c2fd3ffba2560fbf6440ed8ae0a03ca95cae6cf371e808c55fd7ad1703797f3f54a0b3c9130d8305e813b5b5d33b5

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/files/installation
    Filesize

    1KB

    MD5

    96d933acce2edda8eb033f11d683bf1a

    SHA1

    99b1beaa2a587644ef315c846aafe7b568a83894

    SHA256

    23fd440532ed9462fe06d6ddfad351961c62a99569a8a37da525f035b39fedc9

    SHA512

    680324f72a1bae03ab5ab63c67452ff41cd5167a30ea8f56be530d8806da767cc83d5fa7189f178da3fad291e03078b5bfdbe60ea7ef98498a9258fd61bcd48c

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/files/installation
    Filesize

    1KB

    MD5

    f4d27d2ed8f4ed3360c50bc13f47b886

    SHA1

    553495d0e5baa5c9240ebc0db75138d1db357cb8

    SHA256

    e902813df344479552f8664ccdf3eb47cd5995893808f65dd11fa79bd12e0ba3

    SHA512

    0c43ed909af463bd645ef82f49b5fd28fb88aba920d51c618b39678c96b0fdbede875ea773bb56d42012089e0b7286b1131507a7d7216f6cac3ed28cc82f7d25

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/files/installation
    Filesize

    1KB

    MD5

    31a66675d8c1a4da1706827042a7191a

    SHA1

    f83f4db2a63ff48a2285a84c214975f0d2ce8657

    SHA256

    3c5cc1bd71921968a1b3ef8c670b319fca5da77359aeb04ee7c31f309ada0cef

    SHA512

    09405afc0247a04e037612f27d12f44133cdffcc5988294035929fa71c2460aba5ae5018c4293d66c67b3a65d2ce94e5b2194a496f4974140c603b6a28c1efec

    Download Submit

  • /data/data/com.zxfh.folvmefx.ilepwej/files/installation
    Filesize

    1KB

    MD5

    1f1f6b8a196c865b57f23648b659042a

    SHA1

    c3ccb03863b87e5461d2a8cf52858442c2159933

    SHA256

    900ba7fd3df320580b72600267b27151153ba6b84d34c70a94cba50803e37c5f

    SHA512

    c8ef46db464cad268f55cd6e9f11aea5176f23a37863595fe46f3dae53a6bf6d3fb060507a83dd8067dedbb70341a47b9bd767a7a360ff5fae74276d6d9876e6

    Download Submit

  • /storage/emulated/0/.cache/.app/.lib.apk
    Filesize

    566KB

    MD5

    b2535c3d7f877e2d4a7ab349b732a98e

    SHA1

    1799d1cb540a9e3787b5d64a0a17f38facf16090

    SHA256

    34e9ada7f133007725944f8f9d7171f242be7633a0d576e8df5d6f1f0e2f8066

    SHA512

    d6f022e5e853d29ac005532627a32b4907d7b4895bfe5973d70f6e87c1ef1fa20d512d707fa2f2544eacca03841a66e779fc94fbc34536306df07c19ad53efad

    Download Submit

  • /storage/emulated/0/.cache/.app/.lib.apk
    Filesize

    97KB

    MD5

    ee1a762a628b2af26f338803ee3b9651

    SHA1

    91f397bd92db787343e3fb55b086346a77a9ec75

    SHA256

    840f9139fa0c2d429205938ab2896ed46f07082f0b739253514af34c45f978ac

    SHA512

    eda2ccfd9435dca4107dc259e6c2c82b72b81b518bdb4b177daa660d928b51c8eb69d668a5f2d9d75ef1d098aa33979900b72e2bc194f8078cc2cb023930ad05

    Download Submit

  • /storage/emulated/0/.cache/.app/.lib.apk
    Filesize

    97KB

    MD5

    e712e854cd4824b463eb1fd05cc497e1

    SHA1

    0b7d050bfc2341f9e6a14a5aab325efc16525875

    SHA256

    376c780d87fd786530fe4a44e01c24e968a6998c2f178da6dfea894772311916

    SHA512

    0cd135614c5a4996d59862441b21ef3b1673047e85576289fc2473156648379cb505f01dc1a4aca12feeb8f784e53c10b26c720f3eefce9869234379e3162713

    Download Submit

  • /storage/emulated/0/.market/.app/.mini.apk
    Filesize

    70KB

    MD5

    1753d734ba9ca4780c1762e9572750f7

    SHA1

    dfb829058c3f050141c85efa206c0602bd9b51ed

    SHA256

    1607f76cc9cc5ba62c15a2d80524eb9702af26cbbe06595b78e64ff06ebb276a

    SHA512

    ba5f4269ba414bee4bfa9d34dec701ef4f8e0417a78b31de7cd2eae1cc260328b22a7e4e094ed796e4360922aeceeb8d7d06e324de3f95d565d01ac2ec747eee

    Download Submit

  • /storage/emulated/0/.market/.app/.mini.apk
    Filesize

    78KB

    MD5

    beace4e06502e68d7a1eba6fdd9e6ada

    SHA1

    9f7ffceb24cb2538f7b18299d9edc02dceeba4ec

    SHA256

    420a71825aecb4aa6b46a049a95730a742eb7c755cd8e4bbd9e25c5ea2b573de

    SHA512

    1f6a77679f687430b67578eb7924d8ee793ddeb7e9101ef94922571df665914b0a7f6d7b7efa162edf51f893dd56879e6d9dd8597ae515863e0502832d059ac9

    Download Submit

  • /storage/emulated/0/.market/.app/.mini.apk
    Filesize

    78KB

    MD5

    fe701b18e66d038a5f8f026bae81dc8e

    SHA1

    0cf005d580fed923c442a7baf6f5022fa5c936fc

    SHA256

    ea7a779fc423f70ed5159bba447af8a7c335faf1b0c1c071c4f015dfab814d04

    SHA512

    0f9eb011b8c99e89b4739c52ae26bc0d9b53ba0a032213e73db62f8121143732cc1ffdf1dc2fecb547e60b3c8ac98b3a72771cbc81e133dc05200b2e0dec8bae

    Download Submit

  • /storage/emulated/0/.push/.app/source.apk
    Filesize

    197KB

    MD5

    bcdda60dc329384687cb98f76118cb27

    SHA1

    ba99b996524c7bc690e86bbb859b535c1555bc57

    SHA256

    39abf9aad0f60d122c02835c9c1377c0e340a98c59651465f5fbffab665de0e2

    SHA512

    0b9ac4ef14021aba05e476771257ff5c6dbad1a210c2376f6143f58c2507b5ceaade91f18725ff5db03d06c47cdcc375d014d358d67193b47599d5d224e2cd62

    Download Submit

  • /storage/emulated/0/.push/.app/source.apk
    Filesize

    91KB

    MD5

    408f20f23112e3865a0addb4a3599f6c

    SHA1

    7f15f77bd0d55d939a5ea9aa1d058edd15b21455

    SHA256

    a41b2ef7a4b2959b6c56d21223d5e13116a3087b2e9d550d9f93e1576b6beb65

    SHA512

    accb0447767e487fdb14ba937580b8cf78e732b553f38a72ff5e4fc4aaf211f24f7a78afcebae0e9388d1068d985b08609e77e7aed62fc670eb914c8cbd9d152

    Download Submit

  • /storage/emulated/0/.push/.app/source.apk
    Filesize

    91KB

    MD5

    90745bc24c7702fb15c78901c44a617c

    SHA1

    00404a163a4577902b5ff43397205f3810da9a81

    SHA256

    b12f74fda48c46cac0d09dd7bc85d8440066d4a384161b7cdd1ab5be741304ef

    SHA512

    c421ba8beb93b0780776686709eb756525a217c11252237627161a298464994c205920633ed3eff8bb46bccfa47850b942792fb92eb8e8ddb7fe6ea1ac5618e9

    Download Submit

  • /storage/emulated/0/.secur/.app/framework.apk
    Filesize

    84KB

    MD5

    323bf238ed72115007fdfa8a5646dbb7

    SHA1

    5bdbe1040f01cc1438d53d70f910e65f7ab233dd

    SHA256

    9144bb31461cddb8888f09c2b641530c9a80da3f7aa9a0c088cac953aa429d46

    SHA512

    906154185f73e2e560e4fba1d20a1fba1347335f3a269479b3ef84a5dfdc0b4feed343f015f7cc89678b46c76d3d30c55ca6dc7929857090c5efb70d3f7d580d

    Download Submit

  • /storage/emulated/0/.secur/.app/framework.apk
    Filesize

    92KB

    MD5

    b0dc2e1bdb24d6e1752bfd4fc5011fcd

    SHA1

    081194c549b902639849ec8122a78ca7885fb574

    SHA256

    4e375fbf555d97e0db749f53c87c0183fcf4ceba07f3acae3a17cd492f41fdff

    SHA512

    e55ec10c9311568bd98d4578bc3bc9efb548dc4ee82332a4d7a19b305e243e06d45ba51092c16bd8b937fa08408716f2571edeb5ac29a70f09d57d4f9d94725a

    Download Submit

  • /storage/emulated/0/.secur/.app/framework.apk
    Filesize

    92KB

    MD5

    9f7e2565b4e7205c6aba3adb542ea389

    SHA1

    898ccde7a4c941046a005c5b6dd3584209bf9922

    SHA256

    31aff9c0470317f333a3dc2a6effe4bef1453ff47b28cbc4c10dd2ec8a29d1fd

    SHA512

    9fdc7e48c96eaff2f4ed629cd04a500d3e5ec9451b332e3d1a96cf8c3a6df2f30965035fc260fc725bf90caaca71935e30662ac9a0394e0c5f7ddd9a10979546

    Download Submit