Analysis

  • max time kernel
    3s
  • max time network
    143s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
  • submitted
    03/06/2024, 12:13 UTC

General

  • Target

    FHT.apk

  • Size

    146KB

  • MD5

    49c6108814c8f85656626162a6410666

  • SHA1

    0f876f5417bf44b15274457be51767afcd723940

  • SHA256

    3a91425f70a404ae70e1e7b3edc725296fd6a35c4d99499042b2a5199484f974

  • SHA512

    58cc4836399355e955f90c79e036a6ad4a1da419bbf4d2ddac7e8f9a595e92c137c8d787321dffb56cee2c2d3e6f694acd913604cd8bb10cf4ff506dc92485bf

  • SSDEEP

    1536:LjNu9N5EqXELsvkHvSn2wv6EjgJPQEbTdogvrJcxrPDRSDQPx+VIx:3EhLysvkHfLE8PQ6ogvNcxLDRSDQZ+O

Malware Config

Signatures

Processes

  • org.chromium.webapk.aad130ee8c100c93a_v2
    1⤵
    • Removes its main activity from the application launcher
    PID:4212

Network

  • flag-us
    DNS
    digitalassetlinks.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    digitalassetlinks.googleapis.com
    IN A
    Response
    digitalassetlinks.googleapis.com
    IN A
    142.250.187.234
    digitalassetlinks.googleapis.com
    IN A
    142.250.187.202
    digitalassetlinks.googleapis.com
    IN A
    172.217.16.234
    digitalassetlinks.googleapis.com
    IN A
    142.250.200.10
    digitalassetlinks.googleapis.com
    IN A
    142.250.200.42
    digitalassetlinks.googleapis.com
    IN A
    216.58.201.106
    digitalassetlinks.googleapis.com
    IN A
    216.58.204.74
    digitalassetlinks.googleapis.com
    IN A
    172.217.169.10
    digitalassetlinks.googleapis.com
    IN A
    142.250.180.10
    digitalassetlinks.googleapis.com
    IN A
    172.217.169.74
    digitalassetlinks.googleapis.com
    IN A
    216.58.212.234
    digitalassetlinks.googleapis.com
    IN A
    142.250.178.10
    digitalassetlinks.googleapis.com
    IN A
    216.58.212.202
    digitalassetlinks.googleapis.com
    IN A
    172.217.169.42
    digitalassetlinks.googleapis.com
    IN A
    142.250.179.234
    digitalassetlinks.googleapis.com
    IN A
    216.58.213.10
  • flag-us
    DNS
    federatedhermes.w2app.me
    Remote address:
    1.1.1.1:53
    Request
    federatedhermes.w2app.me
    IN A
    Response
    federatedhermes.w2app.me
    IN A
    104.21.30.120
    federatedhermes.w2app.me
    IN A
    172.67.172.229
  • flag-us
    DNS
    s.w2s.app
    Remote address:
    1.1.1.1:53
    Request
    s.w2s.app
    IN A
    Response
    s.w2s.app
    IN A
    104.21.88.139
    s.w2s.app
    IN A
    172.67.180.24
  • flag-us
    DNS
    safebrowsing.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    safebrowsing.googleapis.com
    IN A
    Response
    safebrowsing.googleapis.com
    IN A
    142.250.187.202
  • flag-us
    DNS
    federetodhaemesx.com
    Remote address:
    1.1.1.1:53
    Request
    federetodhaemesx.com
    IN A
    Response
    federetodhaemesx.com
    IN CNAME
    site.speedscdn.com
    site.speedscdn.com
    IN A
    104.18.21.48
    site.speedscdn.com
    IN A
    104.18.20.48
  • flag-us
    DNS
    static.w2.app
    Remote address:
    1.1.1.1:53
    Request
    static.w2.app
    IN A
    Response
    static.w2.app
    IN A
    172.67.25.105
    static.w2.app
    IN A
    104.22.29.157
    static.w2.app
    IN A
    104.22.28.157
  • flag-us
    DNS
    www.google.com
    Remote address:
    1.1.1.1:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.187.228
  • flag-us
    DNS
    update.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    update.googleapis.com
    IN A
    Response
    update.googleapis.com
    IN A
    142.250.187.195
  • flag-us
    DNS
    rgmmxinfmxybw
    Remote address:
    1.1.1.1:53
    Request
    rgmmxinfmxybw
    IN A
    Response
  • flag-us
    DNS
    nhnbjkkmnc
    Remote address:
    1.1.1.1:53
    Request
    nhnbjkkmnc
    IN A
    Response
  • flag-us
    DNS
    mqnmuyvrgidue
    Remote address:
    1.1.1.1:53
    Request
    mqnmuyvrgidue
    IN A
    Response
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.187.206
  • 142.250.187.195:443
    tls
    145 B
    40 B
    1
    1
  • 142.250.187.234:443
    digitalassetlinks.googleapis.com
    tls
    2.6kB
    7.7kB
    17
    18
  • 104.21.30.120:443
    federatedhermes.w2app.me
    tls
    792 B
    5.9kB
    9
    9
  • 104.21.30.120:443
    federatedhermes.w2app.me
    tls
    4.0kB
    30.6kB
    50
    48
  • 142.250.187.202:443
    safebrowsing.googleapis.com
    tls
    6.0kB
    380.4kB
    98
    272
  • 104.21.88.139:443
    s.w2s.app
    tls
    1.3kB
    6.5kB
    12
    11
  • 104.18.21.48:443
    federetodhaemesx.com
    tls
    3.2kB
    80.4kB
    39
    75
  • 172.67.25.105:443
    static.w2.app
    tls
    1.7kB
    19.3kB
    18
    23
  • 142.250.187.228:443
    www.google.com
    tls
    1.4kB
    6.4kB
    13
    16
  • 142.250.187.195:443
    update.googleapis.com
    tls
    2.7kB
    8.0kB
    10
    14
  • 142.250.180.14:443
    tls, https
    858 B
    40 B
    1
    1
  • 142.250.180.14:443
    tls, https
    858 B
    40 B
    1
    1
  • 142.250.187.206:443
    android.apis.google.com
    tls
    5.6kB
    8.7kB
    16
    23
  • 224.0.0.251:5353
    3.7kB
    11
  • 1.1.1.1:53
    digitalassetlinks.googleapis.com
    dns
    78 B
    334 B
    1
    1

  • 1.1.1.1:53
    federatedhermes.w2app.me
    dns
    70 B
    102 B
    1
    1

  • 1.1.1.1:53
    s.w2s.app
    dns
    55 B
    87 B
    1
    1

  • 1.1.1.1:53
    safebrowsing.googleapis.com
    dns
    73 B
    89 B
    1
    1

  • 1.1.1.1:53
    federetodhaemesx.com
    dns
    66 B
    127 B
    1
    1

  • 1.1.1.1:53
    static.w2.app
    dns
    59 B
    107 B
    1
    1

  • 1.1.1.1:53
    www.google.com
    dns
    60 B
    76 B
    1
    1

  • 1.1.1.1:53
    update.googleapis.com
    dns
    67 B
    83 B
    1
    1

  • 1.1.1.1:53
    rgmmxinfmxybw
    dns
    59 B
    134 B
    1
    1

  • 1.1.1.1:53
    nhnbjkkmnc
    dns
    56 B
    131 B
    1
    1

  • 1.1.1.1:53
    mqnmuyvrgidue
    dns
    59 B
    134 B
    1
    1

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
    109 B
    1
    1

MITRE ATT&CK Mobile v15
