Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

ad3e95eb5a...e9.apk

android-9-x86

1

ad3e95eb5a...e9.apk

android-10-x64

7

ad3e95eb5a...e9.apk

android-11-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    25/03/2024, 13:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad3e95eb5ad4d5aa5652bb1573f84e94ed8d4a731b24bb7a73e47c3ea9ea8ae9.apk

  • Size

    1.7MB

  • MD5

    5d5338ab6bb53f29e972555b2c57e6b3

  • SHA1

    f1cd94fe564700dd6d927df1ee598568a05243c7

  • SHA256

    ad3e95eb5ad4d5aa5652bb1573f84e94ed8d4a731b24bb7a73e47c3ea9ea8ae9

  • SHA512

    f665374089478d0e69ea51dadfd04e012a5634c63e9b5db0006f6386733e928102b73466fbb594d7268aaa42144cc8b6baa56cc9ec4a2f9d007c83f03f17c932

  • SSDEEP

    24576:26GxiEknj8PEMR9ai0s/QKzCFJGZGDYExtJDWEghVOGOc3HtsSCKcEjv:HlwP1aXc3z/GkEXJiEgjFp3nCbEjv

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.draw.nearme.gamecenter
    1⤵
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Acquires the wake lock
    PID:4689

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.draw.nearme.gamecenter/files/77a011a8.dex
    Filesize

    774KB

    MD5

    c740c34a430ff73749aae0027daa8570

    SHA1

    e11b42764ca9a5a1f2d10f05cf3fb152d48dbb66

    SHA256

    f9560b8379762e2767d5d4b1b867b53f558abbb6dc3cafc5e917e7676a4dcdeb

    SHA512

    368b438fa885a89f1c75ff35cb750315684b9387cefbba10d40e11854fb3cb475b7d5e3eff3ebe6fd26faf6fec03657193c3d811a6de9fe9c3db054360684b9a

    Download Submit

  • /data/user/0/com.draw.nearme.gamecenter/files/77a011a8.dex
    Filesize

    2.7MB

    MD5

    52b4dc68e0bac0d1ee10f0d87fc694b8

    SHA1

    0a5203f48454c51d34229697663c2e6f313db96c

    SHA256

    8b49dfc5f58a91fba8e32707bf584290a9107ddfd6fd52eeb6af38cee95bfd3b

    SHA512

    205bc2139cb337884e124fefad002c94ae4c192cc255d8693f263e5325bd8378a9dc89f18d7b27025798d14e492ce89dcdd3537844380145e3f40d6f264dd06e

    Download Submit

  • /data/user/0/com.draw.nearme.gamecenter/files/PersistedInstallation8394555622702987947tmp
    Filesize

    573B

    MD5

    d439d38ed9b2412dfe814221e55533ac

    SHA1

    99a7481a7b46e7e6e8ae42ae02ffdf4b404f874b

    SHA256

    3e7829c8ca049d9f4f3b74465de19c34258cfc69b49d8f985ffd8664246ed0f4

    SHA512

    1cd897e3b76efe541711aad300aa9520a795bcc8e83824e38f26b55aedfd525f8fd8e3a2feac91a6d20d00a37bf5d6aec4f1330d8956fd0d8be168d1c82882dd

    Download Submit

  • /data/user/0/com.draw.nearme.gamecenter/files/bFCNU
    Filesize

    230B

    MD5

    c7fa63fcc0e4ea971edfe898f3b15b70

    SHA1

    152e8cafb1af8372c20f6aa0e6eb5e1691a57689

    SHA256

    8833fb69e875a97eb9bd478a0a01fe6eb50d5838192cf5822950de5f28b95ee8

    SHA512

    44d3bb52464a5f3584d21b6993c0d7e2140468ec9c7cb78a25e33b7ab7066eb0f4751e233f1e260ca8d209d26c458f6820703ad1fabd14d15f5faf24cb8f9c96

    Download Submit