Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
64e1587252c...18.apk
android-9-x86
7stasdk_core.apk
android-9-x86
7stasdk_core.apk
android-10-x64
7stasdk_core.apk
android-11-x64
7bdxadsdk.apk
android-9-x86
bdxadsdk.apk
android-10-x64
bdxadsdk.apk
android-11-x64
gdtadv2.apk
android-9-x86
gdtadv2.apk
android-10-x64
gdtadv2.apk
android-11-x64
Analysis
-
max time kernel
179s -
max time network
174s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system -
submitted
17/05/2024, 02:43
Static task
static1
Behavioral task
behavioral1
Sample
4e1587252cb904720fc26af46b201741_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
stasdk_core.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
stasdk_core.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
stasdk_core.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral5
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral6
Sample
bdxadsdk.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral7
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral8
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral9
Sample
gdtadv2.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral10
Sample
gdtadv2.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
stasdk_core.apk
-
Size
868KB
-
MD5
548a355e9ab43cc847930638ec1bdee2
-
SHA1
8e8d50b35d5059f91fe65d6829ff5dcad50aaa95
-
SHA256
bfb26b7f54e142193e59a4f7bc9b796c3d745cbe02cbbb670af417cec2d1e044
-
SHA512
6a7f1da871115347a90fe4c0cc6851239e4b96cb128a202c658b914f1036bd7dd7aae17d041b8a025c2645595972957b044eb5aa3d83f9852c8f0ccba4a0f46e
-
SSDEEP
24576:+zNimmnQFNSxDWoDNMWaY3Axlb6d6ZX93:kL+QF4N1aYKAeXB
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
ioc pid Process /data/user/0/com.muzhiwan.stacore/app_e_qq_com_plugin/gdt_plugin.jar 4535 com.muzhiwan.stacore -
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description ioc Process Framework service call android.app.IActivityManager.getRunningAppProcesses com.muzhiwan.stacore -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.muzhiwan.stacore -
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
description ioc Process Framework service call android.net.wifi.IWifiManager.getScanResults com.muzhiwan.stacore -
Checks if the internet connection is available 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.muzhiwan.stacore -
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal com.muzhiwan.stacore
Processes
-
com.muzhiwan.stacore1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4535
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
142KB
MD5f0b930680aa93a62bb77d1916e64a3d7
SHA1fc30b5641b8d32e4efeaf409d07a4d520a95a6da
SHA2568f109682334d43d811c7d56620c5eb30c9bc1a89f3f36b91232aeb142a6f6ba7
SHA5122a503f3aefd5ed8634dbc85cd952d10625e4bc18badc0661c7cfcc3345cfb43ba1e153d9fb264703e4cf0d6c40ac601942e841b9537125072f884c283adb5b99
-
Filesize
336KB
MD5798f10a662a4848ed33d16790c751355
SHA14198fc8cb89d53e338c2bf12122cb4f53183513c
SHA2566f52b12d38067a97b22917660e919d36232b409c1505dee37233cf7bdcc12eea
SHA51270beba592750c2d9ebda28b13378a82b2ff7d0e39d0caff0529d8e3ae7c23eb3b243ecd82bc132b1c12b354e8b171e589bdd846b169e955607e11a87c362957a
-
Filesize
180B
MD5b23a77c1c0b865c67e4fd0ca80eb41d1
SHA1e290e2dde37e0e2f6b1274f0a69ac4ed0d26af37
SHA256142c0b3bab77907907546d3f17089585f1086f7d9711bef8cca9175ea659e26f
SHA512b93447f22e7bc98a663e3c9f7a8a76cc1c462ca6288deca746256154d61ac58cd54cac199e3462a33ccfce1c43f3ff6a93b15dbf7e1fd0421632044b29213707
-
Filesize
4B
MD5dce7c4174ce9323904a934a486c41288
SHA1e117797422d35ce52f036963c7e9603e9955b5c7
SHA2560c030586945fe504b604ecc2e875c38ede400cd5cd73da9730302162e6b02c6f
SHA512d570ab6a8f4a7b54d426b0481219074b5277ace37d88438d87ab97eb387938eca1cf7b09fa42d596c56ada860710d2a7385d2a96e1cedff58ad6ed8900f1b143
-
Filesize
1B
MD50bcef9c45bd8a48eda1b26eb0c61c869
SHA14345cb1fa27885a8fbfe7c0c830a592cc76a552b
SHA256bbf3f11cb5b43e700273a78d12de55e4a7eab741ed2abf13787a4d2dc832b8ec
SHA51291972aa34055bca20ddb643b9f817a547e5d4ad49b7ff16a7f828a8d72c4cb4a5679cff4da00f9fb6b2833de7eb3480b3b4a7c7c7b85a39028de55acaf2d8812
-
Filesize
24KB
MD5d9546e7529040098de5b03ef296970a1
SHA17781f0f230dc2bd574bbea97194d0033431d350e
SHA256585184ebd52cf769be667e0b871dd9324197f21e37152fbd5fe1cefa5f523ccf
SHA512acf1935480b8b99c231fff1b1de32b7456094853cdf0d7819c57302100d608ae884bc2d44ad3ef3ff8c2cbf2d4d66ec8d77827e6c9605ebda1f31cfc522b542a
-
Filesize
512B
MD502392bb6879ac47c8beb0070c428f6a8
SHA1d9a5876ae04ede4b073676d9bc2ca2d2e722a381
SHA2562b662b56cd3109b41c416f4a63a50bd8578386f61a5391ef4d203222ee16023e
SHA5123e1b514d36ed1f63a76809dc6bce13a8742c7f681c0ff083b6eaec57141e815b3763ccd391b48706daa1e67b9e9e03d32006d85b097f1d9b7414c1f0aeb53c6f
-
Filesize
8KB
MD5c1bb6214b9641d1cb3206d7423df22db
SHA11c06517846e9943cc9d646915832ef5267ad7be7
SHA256bb6a4af76b3047b3d549360dd8afc2ab0c42467bef0e95c53b05cbb782acccad
SHA5120bd50ae62738e6b36e51fe15cbb6bc9a58067a529a39b9c2ee036a0cd9a5def1a8d1ded4cee4317174a6f737f70e2b3aa20e70bb13f33ba0840c6b0efb39ecd5
-
Filesize
8KB
MD59ca59abba891b63ecd9aede07ef509b9
SHA1b844bf66083c814417923221f3f053accfe0c42e
SHA256a4955fb6f53ce016dddd2414d4ed38a8d34ab435a39430fd847989f10f6bde5b
SHA512849fc136c05eeafaea657e0beb2589c990414929e57376057adfa2a89d12f70574fe9526559f518d00953e41f13511cbcbd830619ca159cfd940b36cfb96637a
-
Filesize
36B
MD5897328fb44e088e5a1641ab942433022
SHA1527dab75a40f1ffad7207caba07d0caa96b54bee
SHA256ede8eee679bf4c1e47911f566a258e58058b353980ec3c67261749122132f423
SHA51256c7dad3c0ba8ace274722517bcbc965b004a641d7fcff1ada9c02545c0be0c975a116b24a531a237248aa682bb27ae0aceaf658dd15bf76e7054c62a77bb70e
-
Filesize
17B
MD50f607264fc6318a92b9e13c65db7cd3c
SHA1c1976429369bfe063ed8b3409db7c7e7d87196d9
SHA256c248c629af1fe0a8c46b95668064c1d2952a9e91d207bc0cc3c5d584c2f7553a
SHA5129dbd40b135b46c7be31b8c7d11c75b0b179af3a6550fca52ec447583aeb50aaaedb4b1e9373cf8826615149549a2efaee04efdc9a282e3a6b387c73099c13fb1