Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

37df8015fb...18.apk

android-9-x86

7

37df8015fb...18.apk

android-10-x64

7

37df8015fb...18.apk

android-11-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20240506-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
  • submitted
    12/05/2024, 02:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    37df8015fb7b4dc168855558642039aa_JaffaCakes118.apk

  • Size

    2.2MB

  • MD5

    37df8015fb7b4dc168855558642039aa

  • SHA1

    e9822f09f63c1f798fd6c5e2932d7a7ce211cb8f

  • SHA256

    c3227860688cf6aa5b5b97c50ab7d0a124ff84e07b9fdfaa62adde7f8ec58efc

  • SHA512

    984fd475fec3cf43215d5442e3c867868a2d071a479e8c730b3ce7f105fcfe017ae79d8f575b9f8cda46bc56d465ba19aa01ea35a303ed87cf3a612390d0ade0

  • SSDEEP

    49152:CRYqCoStcFF3pJgUxDZomznCwDyqn/68sJzB06G5pnQH:CRwcX3xamzCYn/DsJzBV

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.yxxinglin.xzid694
    1⤵
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5059

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.yxxinglin.xzid694/databases/ua.db
    Filesize

    24KB

    MD5

    0701d5384801d249ea1900910c1129db

    SHA1

    a083232a4c469b9913b693e65956f724598df8a2

    SHA256

    b1403e187e271498db5238cabea5ac1138bf3620846f4ffc41e4f3ef60f743b5

    SHA512

    ff5d6b670e7394c2e82cc5b0a9057cd8eb25f32502d01cd12505f37ca8275111525d22097e6435d512c3618079cbfc704de85f3aaede3c607d140c642d005253

    Download Submit

  • /data/data/com.yxxinglin.xzid694/databases/ua.db
    Filesize

    36KB

    MD5

    b7036131b84bdf2b66c67fde18d62308

    SHA1

    18b1e5a358d68c846495cab5cfef7c6679659093

    SHA256

    c2c0bc8842203ccf1665dbb5b3333b22ae5a6ae3ef8eafe83e7f43adf32d0295

    SHA512

    256bc83e1a516a58f5d1d024d27dad3c26723df0f96e0deca6baac86d84518000212570b06996a14bcbeadff05fed05125862aba2d4aa08c15a6999563dac067

    Download Submit

  • /data/data/com.yxxinglin.xzid694/databases/ua.db-journal
    Filesize

    8KB

    MD5

    f93a1f3a81dc4fb89aca2bddf3ee877a

    SHA1

    ab1d3f71337fe5650d607ed0756e23560fd4b967

    SHA256

    64c8531034ed1e16eaa9f71d480264631780d43e864b40dec63ab96f0c9acde9

    SHA512

    2299254fd32dc3584ca3c8a932dfb1697ad13c52da7641a61b5305e0fb722381c7933043f4197d7741e5e96c641959512dff10f5588a9f7eb8e0b81c2e1dcb64

    Download Submit

  • /data/data/com.yxxinglin.xzid694/databases/ua.db-journal
    Filesize

    16KB

    MD5

    c3171e376a4ffe3bedfaa3af0acdad8b

    SHA1

    038cf99c08dd5bcca96d2169f17d54223f56104a

    SHA256

    67719c6e31f5d8e8ca785bdeb79b74b52ef2cdc3431d85274e8938fee267764d

    SHA512

    9730f0a2cbbbfcaa635efa661eb503caca6227346f5c6d09dcfe9652c210ab134fc07d9c1b6e1d9216a48585a7bcb5d7cff59fb1a388139e0d42a7252bc3d696

    Download Submit

  • /data/data/com.yxxinglin.xzid694/databases/ua.db-journal
    Filesize

    512B

    MD5

    96a88cd18c2aea669a7bd6b1720d0de7

    SHA1

    2070f6285c8284b27717f7606f116b2e9b20fde0

    SHA256

    24ea75d06089f2a8f5059d9ce4a59d3ba5a84c55c5d44a3e40a3511a6410a55d

    SHA512

    f0113a7d88bfcaf3f0af3023051c2eec159d02dc5b38f3a7fc1be0c05ba42747d66afd36c1062990caa8fc8d97e72e69df189dd9672ffeddf03fbd4b3626bc81

    Download Submit

  • /data/data/com.yxxinglin.xzid694/databases/ua.db-journal
    Filesize

    8KB

    MD5

    a681e0c00f471ffd0039b1f505761b6d

    SHA1

    a929b9207a246dc4eed01b0f1e4fd3bd3b88cc56

    SHA256

    db54ca9aed83eb000521dcb5c804b1bc2bda0405602ccab591f05b27f2145269

    SHA512

    eb4276c5575330bf4caec5d4a0c7af3edaf8b65b0d0dfba88d0544d105f63a58f93699f6b12fcd4f591593497beeea51efea44a98a22d6e23b5f1f35aa77a57a

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/.envelope/a==7.5.0&&1.0.0_1715482382573_envelope.log
    Filesize

    1KB

    MD5

    e6f21b1aca04a18aff6ed138b16bb349

    SHA1

    7d1e71943bc82b4fb21c59278cbe96d88ab47091

    SHA256

    97e61ba054fc7ddcfae94a8f70f3827912040a9ddc00ffa4ca14e7ab2f63b4f2

    SHA512

    131eb083b9f401528f117e7ac66137e1b1943ca6f4494fefea099bf11ed70bdd062132cc5d2dd80e8e035ed29b3f585486a7a67b2184eb8ebdc72b3dfe636f7d

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/.envelope/i==1.2.0&&1.0.0_1715482377847_envelope.log
    Filesize

    2KB

    MD5

    a8fc6660499d5cac2c0ae804f1aa9ee5

    SHA1

    c12f59aafb0ace941a795483ce63459a01e455c5

    SHA256

    07d761be7f1a22f5bbf8da6ec1f0fd04af4b7aace87c48554da8347b62b425fe

    SHA512

    c798cdc6917387b07b212973b1069a2407b7346523c1472ec66ae1b742746c564b8c61254263be420ccc6975cc57ef5b5cf7b2e2a4931b61e2be703a9347d3ad

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/.umeng/exchangeIdentity.json
    Filesize

    162B

    MD5

    8c779fedef1355279a43a95ec0557cbf

    SHA1

    46645b91e9023f04ef04acc2edfa556af2bdab81

    SHA256

    3997175291691ddd38ebf8f7fbe0ea31edaade4e267190db5d7f7201bed1c644

    SHA512

    3227d78e4727908df02adcf866c90e02b82f4485da4037bf6688f59c6adc9e2d1001c416e99814cbd70a584246f1dcdfaa03bf1ffafbfd61cd0bd12f62e3b3c5

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/exid.dat
    Filesize

    62B

    MD5

    dea092318ca7acce21a65ac85c9d2b11

    SHA1

    fc24ec3a8fbcb48a2e9141ba61da0fda5ef6d398

    SHA256

    425bf26238882f2523d92eaaf10e61134c6ab0f370bd688375765f6a23ecd946

    SHA512

    8649bf0d9a7949d46190edea839c2ce17ca4db1b7babaa22310386cfe92db83b0885815b0a6b8fd01254d1ad58f098a0089e068e1f67123fd38a72f635e45d18

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE1NDgyMzc3MDY2

    Filesize

    1KB

    MD5

    dc9b1ddab178af53373a9730f4fa1b1c

    SHA1

    c98c71824e08a6c8b1bc110d0b89847fceed14b0

    SHA256

    ee05f1bbbf48a694d478fb02077afd13dc7c86738c6985cd5e0b6cfc4ab9a672

    SHA512

    bff03bc32f50682f4c5d58a19bcd40833a329c646e04fbd5bebc5f1bec4f9832c222fdebcc5385e70da0b471507ea933a45e37d00ae6bf3733f7c3f9d3869258

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNzE1NDgyNDA3MzEy

    Filesize

    1KB

    MD5

    b9bd2d903309afc5910ee3b2bcb6a274

    SHA1

    25617e51cce64b55fcd1ef2d8c943e650e891243

    SHA256

    5d92ae433b595528dfbefe10b686a11d444dcbfce82fbe0c9452a71cb0e2f043

    SHA512

    859ac64f5d753613f093f9c53a94c055c809f2c763b201d84a7c4526d118b95f1f775ca03885bef02828ee162e9d4c36692c11e08723ab30443f065318a9a033

    Download Submit

  • /data/data/com.yxxinglin.xzid694/files/umeng_it.cache
    Filesize

    348B

    MD5

    03e931d89fe3f85d8060dbb2553547a9

    SHA1

    5865731ab07a321578df19dacd31b63a56ec1d08

    SHA256

    8b0198ee4f8b81fd64e2c7a7cf10eeb1a23e77cc2a0d50812a78bdad6cae1308

    SHA512

    d532d3155513e33c9eae6f0edb23c64bec454ff8964ff3195ab7b04910cf3f582da7ff7073103ec6a01b6f9f8781a08fa8d0fd4df75aa51a6ff000ffee8700d5

    Download Submit