Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

5815a29e5f...8a.apk

android-9-x86

8

5815a29e5f...8a.apk

android-10-x64

8

5815a29e5f...8a.apk

android-11-x64

8

Analysis

  • max time kernel
    153s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    17/05/2024, 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5815a29e5fc062840f4bc9620a8b618a.apk

  • Size

    3.9MB

  • MD5

    5815a29e5fc062840f4bc9620a8b618a

  • SHA1

    8ddf03b7b7e130113b4685ccfa80ba790ba5f847

  • SHA256

    cbbbd1a3eae287286ca6d28628d98c78c971964aa4a725c094a2f6ebf1061edc

  • SHA512

    3a85344642b91462e6248108dd6fed59f0ea1a7ee222e2d720d79febe4828fc826d3b46d319eb11c1029c6a2e8541b4d608cf1f31db8e7c215015ced2317be89

  • SSDEEP

    98304:EikNJQQyLRdnrTPIUL4VfSytWvlNMxNRcXpJ0ADxnIC:jkNS9LPvPDkBelNAcZJPn1

Score
8/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion

Processes

  • com.coronavirus.info
    1⤵
    • Checks if the Android device is rooted.
    • Checks memory information
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4317

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    ac9fe9edd318599908646dc3693a15d5

    SHA1

    1aad91480bf822ce54d07f3ce078989c42d7467e

    SHA256

    a2843f9fdea755d34b8f1ff3477db483bb602f071377ac9d06252425e65204ed

    SHA512

    d65ffbf432b0fb79ddd8d742b5b30cee96f09325e748d9fb0e4762e06320b153059aa05f952a57883a305b4675095e78dd386e4c21be4dd53bcbc3c3a113899c

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    7237409e0640cfab7bdbd429bf821a3b

    SHA1

    4c3da934842f8d4835dfe2a9c275a300e5123309

    SHA256

    5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

    SHA512

    c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    cbe174e04ee577a7625e6cf6370be508

    SHA1

    4283dffdbde2e75af4046a22271dbb6b145d9ba3

    SHA256

    04020f4b6fece5cb146397503cf92767968ef8a39a29d766ea7392b7eef31bdd

    SHA512

    004ebca3eb97fc19829b8dc8fe711aafb3d37a36184860a0eb877913e0efb7254d3ee5f4e0386bedc6b243db52597b2d823f830c3399ffa8c1bb31993e6aeb81

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    c43765ea0173b2ec5f66be59f959ee5f

    SHA1

    2acf62df1e91018d54019737e4edd438cbb5a4af

    SHA256

    188d6602d564913abc2b0f0700aa59ae524fc0ba9da70f8f2c9f9a4d84cc70ff

    SHA512

    8dfda9c8b3fa501ab3bacea230069e375c3c8d5737c60e9ccb746fd8ee88b9ed6061c9588d9d5b7862594cd1566803025b33fac7f13f52d6e5e2f60d7c9bfe91

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    29fcbf0a7a1a2536e0ac27e85a4044b6

    SHA1

    564321bdae12261905a97ea786ffe364f98407c6

    SHA256

    d72e097b5a7dc49eeb095efa296332bb90faee657bb1456d6490d06004611ee6

    SHA512

    68ef3be5d9afc657b130380a04c1811a5f237148f45baf38330d74380ce1ee1df3bdc58f8c8cd74a5d341197b65d18f3b264eb00c43afbdb88407c355ac8a95e

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    5be6c878db1f1d8e13abdf81b14eaddc

    SHA1

    027ee34f6f6b160825dcc015bc2e04298880f6c1

    SHA256

    ff7296080c855809fdfb2c327cc79b996d79d38a5b8e683616900081e9f8273c

    SHA512

    6cee2de9d5a54c7d9ec2d393ab27b38fd0af07b5a6f0e8fdb7dfb9a18aca26a725fa7573ebba745c5408dd5f43b1c35241c2f921d310dac69b9caa3d8a1dc5fb

    Download Submit

  • /data/data/com.coronavirus.info/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    e1f120b2e6de4aba1149b1a15e4c475a

    SHA1

    ae70ae8285ccfa9716a2188239250975b1232d20

    SHA256

    8d7ed2f738fef500b19f98d62abe501556e5cfba413992b5265e2f919f8b8e08

    SHA512

    5cf42ebc3397caa31fe0d5b2ea927c817935d8a1fa4ab58cdbdc5605c4975632bf0cc4a3c1fe090e1a4d0583039c93ac12d8ae53c6949f7fbc38debb80279f75

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14BeginSession.cls_temp
    Filesize

    77B

    MD5

    07390fc8364c3cda6c5854357f7b3927

    SHA1

    55828e7c54dd06e000f84392033c65242d389f9c

    SHA256

    e24485d7ac91f4a558ffcc4f988a250f38c3aa621660e4aae796e3d4d327691e

    SHA512

    c6be7cc1923074e55efc76136d23818f0c4a7ba6a7c5dcb44e6eb842e94f4b8f4552c9015ff9a26e103b7ddbd24a25d12c03dbf18ac8cb04b0de5beebbbb9dcd

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14BeginSession.json
    Filesize

    132B

    MD5

    cf57c5a17d26c53436c553d1c5b2645c

    SHA1

    fe2fc8ed340711e85d6f17cb6e34a246bb73f8d2

    SHA256

    ee33502ed50ebfa1a84438c2e0b55df355f02df11c692da92209a64475a4ff96

    SHA512

    59a484e561f837d45ccafab254f290473bde82fba87dedbbe46a2bd39943af086e64c2ee16eba3048f5b177c5d03e95456fc8f2e34e72481f862c2818bc81ce9

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionApp.cls_temp
    Filesize

    112B

    MD5

    2e8f545e937c73d0e2daa08ba33f9e6f

    SHA1

    706e6bd9eee44c9eff6a3185384caf1158a590b7

    SHA256

    70ad2bfd123d6451cbc3d07c15a7e02e868d1909ded261d6657bc371015fa822

    SHA512

    ca660469a2e5eb9e16f1aa9eef71c33c37e5712f743e37baf277238517e241cfdde8bd0d33151c7fffe84ef3aae76485e5ce1bf70730a155ec3ee745850f7a72

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionApp.json
    Filesize

    226B

    MD5

    adc9fce401e6138b6dc2c79954436c4d

    SHA1

    a33f9adfe433459eb22efbddeb142a1443959675

    SHA256

    0fe96ec3141216a15bd1e46cee85ba20bd403172b52f7edac2fdded93dbfed30

    SHA512

    858ecbde75f414d89ee01694fd4b20e561817769b183f722d603862b77e6be9daa5f566c8057af5bf37d07c509d244a399c2be39a75581e211bfcdae5ee87bb0

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionDevice.cls_temp
    Filesize

    48B

    MD5

    cf9cb0612d588a1f71b63084cea67316

    SHA1

    3d035bb92fd3f8997160cf8025c40239af74d3ca

    SHA256

    0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9

    SHA512

    70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionDevice.json
    Filesize

    202B

    MD5

    75db92d50c80a89e068550028c62acec

    SHA1

    d78ea55f5dc682e4da456d26383249f608fe894f

    SHA256

    1dfc488309883b61beb3462567a9befeaf36bb475a07a7ecef2be60bedb4b5a2

    SHA512

    dbb81daa5fab357f087dc295e7861444f945eb4c3883a09926b47312ce526bc069266a8a24b2a5b4921fb13e797696c5824195f0a79317e279ccf7855ca2ee13

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionOS.cls_temp
    Filesize

    14B

    MD5

    9b3d4522944ce6396563812bfdb92fa9

    SHA1

    6d2a6133c8f01938a48ccc77ef86ad8ca335c020

    SHA256

    d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

    SHA512

    091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6647A797036A-0001-10DD-B4B078045D14SessionOS.json
    Filesize

    54B

    MD5

    93023624eb8dff5c20050da136aaae0a

    SHA1

    acfd1ffed752c28fb135ba83c0c6345ddf2f6995

    SHA256

    968bcd7c4f1abed89a09cc0e6dadd238a81e8655e64196b39a86be49ceecd39c

    SHA512

    bb25dfa144d3f0e17203936c503c5fedec5f9ca710e177f99e273010ba4a682199d4bda5684151d65f3cb1549f4611b3a645ce39646d3db9a1b2c17d6b160579

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
    Filesize

    398B

    MD5

    d1799c7460ad945717a4fec4a5812f8e

    SHA1

    ef4c20a3d207d5603dbae87321359e0f5d276d87

    SHA256

    23d33ea6a26827c95081095f77745fc80340ccb86b1dbbccce820ad22fe2ced0

    SHA512

    ef3d7aaea84bab7e983590a8500ae1cce04dd3a8d94a13b4c1e69c90af11c8b6f3b5da48a4b882131d967f69f92ca6f7917a90450ace31b8d8de719db5e246e5

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
    Filesize

    16B

    MD5

    c33583fae4e0b61cde1c5b9227963237

    SHA1

    fe2ebe4d27469af1460f7e852031a04208ef629b

    SHA256

    35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

    SHA512

    fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

    Download Submit

  • /data/data/com.coronavirus.info/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_5457b8b9-ce74-4bad-b908-03a82b920398_1715972012601.tap
    Filesize

    319B

    MD5

    cc4030d77d1783a66b3d19e227bee22d

    SHA1

    d497a5191fe746d08e24369186c9b902d1ae4b62

    SHA256

    472db4710362438c4a32338f4ed53247e11a7d8d5cf4fb32594e9728523b94ee

    SHA512

    490a30059a15c5f8ae9c3da0a2818e6da5c1138daf81d50b468bffe87bd42af4d4cd60940f83ca4813d63a3c43399af0697a058f68d38af64ce55794b591889a

    Download Submit

  • /data/data/com.coronavirus.info/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    bd5eaf159e59a0a8cfdede7dca3bd151

    SHA1

    4dcce5025eb086d3c725de145e96444124ec1b61

    SHA256

    1f37de6c24c4f401a63f7e948df417629b6b51f1eef5579d3164e4785f8bec7c

    SHA512

    77e19612f324eb21e3abcbd19fc7084c7271c88d99540a7300e7a87ae15c55446dae81a755b58a410df05f4dd860ecbbf5f7bc589021c130aa5995d94c80dd4e

    Download Submit