Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

2736cb0803...18.apk

android-9-x86

8

Analysis

  • max time kernel
    149s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    08/05/2024, 23:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2736cb080311c7698c9071e5ab39a0b3_JaffaCakes118.apk

  • Size

    23.1MB

  • MD5

    2736cb080311c7698c9071e5ab39a0b3

  • SHA1

    8e2f005bd2e4aba8ce83ee18478fb5434774decf

  • SHA256

    9e7f01b62991dcbd7104b2040e3369b90c8201f09c6c46797f28f0f987ba9785

  • SHA512

    844a99b09db354fe09c6af356329a84d62acd2c0e2db7268c62f5e7eaaad78977a7fe09d86b56b44076a9e7c3958b1b20cb589e317b33983d1581162527a6774

  • SSDEEP

    393216:sKUlzSdsKk41dQ5q1pjFeah4GIYgppoLS/K9HJqKvE9tEXU1unyexEg:pYN+LQ5opjFe44GIYyu9Hs9tEXU1unyY

Score
8/10
bankercollectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

Processes

  • com.niupintuan.youxuan
    1⤵
    • Requests cell location
    • Checks Android system properties for emulator presence.
    • Checks CPU information
    • Checks memory information
    • Queries information about running processes on the device
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4257
    • getprop ro.product.cpu.abi
      2⤵
        PID:4358
    • com.niupintuan.youxuan:remote
      1⤵
      • Queries information about running processes on the device
      • Registers a broadcast receiver at runtime (usually for listening for system events)
      • Checks if the internet connection is available
      • Uses Crypto APIs (Might try to encrypt user data)
      PID:4332

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.niupintuan.youxuan/app_tbs/core_private/download_upload
      Filesize

      84B

      MD5

      84ae1e2966f66486f9da87cd7158482e

      SHA1

      50a22c92d59c7286bf64c495d70f7d3688ef7bd1

      SHA256

      f3a0ecd064ef9c3f083ede713052170044b9656f08db36f05e9fc5ea8aaed773

      SHA512

      c15d2411d5d7fd69626b5efbf56e92dece1cf0ad4d6908b1f5c3d19ae9e40c0d829260db9e5c4ee0d2524e4b1446d21aab686ebc3c175f03bf54851bc5394f58

      Download Submit

    • /data/data/com.niupintuan.youxuan/app_tbs/core_private/download_upload
      Filesize

      84B

      MD5

      3d4a018434dcda5c90d5c99a6e5fbc01

      SHA1

      665705fe449ab2afa23011aff80565134523088b

      SHA256

      e42006fd91764b47fea10ecc2b8c117412258194da8b81fba1df58cba7f3e657

      SHA512

      57904f0423374caa89a6c1678848af7117ccc07b7e5d29003bbfcc9b3479b5c6d458d1593650793631ba33c25fdd8345eaed9f0bed4e439a38ae4d55ed148754

      Download Submit

    • /data/data/com.niupintuan.youxuan/app_tbs/core_private/download_upload
      Filesize

      56B

      MD5

      8ba4d264f088bb51d5207dbc42a9c1a0

      SHA1

      e7dcfdcc93b5dbcc7224cf2bc9e2f788799a919b

      SHA256

      8dd837d81775991436ef9715ceeefebf8ed39bbc37e73473ca749500f5267b12

      SHA512

      37dec2c0645efe801684c60803fc5cbdef7ba53cdd2230bc61130a483cdf5d6e18a8109d43abe577e98a553d8e4cc79ad0adde1abdecee4ed387c8af87a0e6d1

      Download Submit

    • /data/data/com.niupintuan.youxuan/app_tbs/core_private/download_upload
      Filesize

      56B

      MD5

      f466cd36ac90044c2133218eddafb540

      SHA1

      6c285da1b082c228ef08e45efe34344ed7c39de2

      SHA256

      36b98b1c72b607abb1a33f694f351168176eae34400486d9df7320a55b07613d

      SHA512

      8f6b5b087c031370d01d715bb1c580e2c5b9e03e41a194d8cb16520ed4df56eb9de42ff384cbfcc8be8d3dad91136e39f1eea932dd9d5346485cfde9afce5259

      Download Submit

    • /data/data/com.niupintuan.youxuan/databases/zuji_v6
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.niupintuan.youxuan/databases/zuji_v6-journal
      Filesize

      512B

      MD5

      398c021cf270cf0513467218903aa0d2

      SHA1

      f8a5e0e3391a06e9b57bced4120bb4e3e7001a3f

      SHA256

      b48ae03d21c5cf0c9b5a8af61e790a54b7be5a180f7f32244a3020fb5301aa42

      SHA512

      5fa38001c730ea89af26dce4cc93aeccbca687ef785b4f5fae2f8d70fb63c1bcdeed7d96504192edc7ab5fa7e2bcc8e8ded3c9d471f4f977e71217eb5de12441

      Download Submit

    • /data/data/com.niupintuan.youxuan/databases/zuji_v6-shm
      Filesize

      32KB

      MD5

      bb7df04e1b0a2570657527a7e108ae23

      SHA1

      5188431849b4613152fd7bdba6a3ff0a4fd6424b

      SHA256

      c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

      SHA512

      768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

      Download Submit

    • /data/data/com.niupintuan.youxuan/databases/zuji_v6-wal
      Filesize

      36KB

      MD5

      5f57bd8e630c2c2ffc0a59eef41742bd

      SHA1

      c98112296d4a4a9451c426e42b1b3cc69dbff96f

      SHA256

      70540956dbdf0a0b6f53f22463afaa2dffe1bc7454f96a36c05826d629b69dbe

      SHA512

      1f2363e2c9df1187a30bfc56d641f9a742bc5d070997ce7743dc633e3da0fc951800f6af214d6549704028537079084ee5a7ccc7d44f511648f44c88a88ae2a5

      Download Submit

    • /data/data/com.niupintuan.youxuan/files/jpush_stat_cache_history.json
      Filesize

      174B

      MD5

      7295bad06b34ea24ca5871344378044b

      SHA1

      36e29660985545590ce804013fc711adef2fc2b9

      SHA256

      7c73305fbb6100b86f46b8a31f07f5e3c36059bd9d91992bcc2d2cd34f128456

      SHA512

      8dcea842c81fecebad418b15c143ee785a44308a743f12d0cfd1ac68c628def78a155e484c71fecff881dce0a2a08649a718ba525ec54cbb28181f5747bcea16

      Download Submit

    • /data/data/com.niupintuan.youxuan/files/jpush_stat_cache_history.json
      Filesize

      217B

      MD5

      b732d107c6ed3f6a7fa1170682d2485d

      SHA1

      3875b7ba5ce62dc899eb95e30bd327f3b878626d

      SHA256

      f7def078f407bb020967bd878fed3402c44a0ead36391dcf257194ad1782e79d

      SHA512

      eb9d7aae374fbc6a8c1a373b38178e564463e24558405abe49f36b84fb6420ff2db13c3a395db4091b63014e46d680b7e86fa8d3b472e280540d8f7b051087b0

      Download Submit

    • /storage/emulated/0/Android/data/com.niupintuan.youxuan/files/tbslog/tbslog.txt
      Filesize

      14KB

      MD5

      c09529d0c39411f24bae4c80baf18892

      SHA1

      7cdc9ccc116a92964dca9249f79abb6b8cb0ddcb

      SHA256

      9616347ca2ea247f3627152d0d2e820a527e4a578e48362bee5390cbce42d623

      SHA512

      20a1d3294a7a221e1ccd3986da8bbd3beefa314f04429897648518c0d9a4cb22d681a13fe0ea961f1279e93f94a0e628b08fc83639b725cea79d3c0610d61d29

      Download Submit

    • /storage/emulated/0/data/.push_deviceid
      Filesize

      32B

      MD5

      3583a8b06d60eb2c5fb380cbc4874066

      SHA1

      fcd8fa44a949bb1244ae4a11d1e37ab06bf24095

      SHA256

      35e8270a5c689ec6c0d2dedd014926e107c6a1a64509b43fc7873dc689d4b895

      SHA512

      97e5ad20771f8f9680be55cb02ae099af899b1a6e832d3ec2a985147b936a9ad7715d3f38aa83c3dd40e3924c80c283a91c3f711588e23e43f458aff43c9c458

      Download Submit