Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

96f1bf8b95...18.apk

android-9-x86

7

96f1bf8b95...18.apk

android-10-x64

6

Analysis

  • max time kernel
    176s
  • max time network
    181s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
  • submitted
    05/06/2024, 01:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96f1bf8b954af271ee2f83952a310d0b_JaffaCakes118.apk

  • Size

    30.7MB

  • MD5

    96f1bf8b954af271ee2f83952a310d0b

  • SHA1

    07fdd45c61c9707947599ba47d025d8d2a64e292

  • SHA256

    3441938ef791c9881ffd01f535333c18460a49dba15d9e234c28c112a7ac766d

  • SHA512

    aca22128a764f423289a19a06c69825da185e7cd15666dce067522d73832d34e79cd39078a559ec3a517971c6be875a4cf6b22e97482114ca3730d0d3c493982

  • SSDEEP

    786432:GJ1QwSc+079fmNNf73Ns7VB707Lhks94hym:GkwDbeT7W7X70C9ym

Score
7/10
bankerdiscoverypersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.gamespire.photonstrikemod
    1⤵
      PID:4284
    • com.gamespire.photonstrikemod:pushservice
      1⤵
      • Acquires the wake lock
      • Queries information about active data network
      • Registers a broadcast receiver at runtime (usually for listening for system events)
      PID:4314

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.gamespire.photonstrikemod/databases/pushsdk.db
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.gamespire.photonstrikemod/databases/pushsdk.db-journal
      Filesize

      512B

      MD5

      7caf3a15c7f1427349ace6bf154990e2

      SHA1

      ddf2b781af484558af1a3717821cc644b693b28d

      SHA256

      d819d8a8120ea180e5e5135889515e166814cf8fb5a4554709a9123428eaa2d4

      SHA512

      d383c386fb2c78a22116011777435788081d1b5dcf89ce7ce16b01889ba0741f7c3ee9d8d597240b3357ae8b1d43eabf5b9043f09a35df9122090ba6b5460df0

      Download Submit

    • /data/data/com.gamespire.photonstrikemod/databases/pushsdk.db-shm
      Filesize

      32KB

      MD5

      bb7df04e1b0a2570657527a7e108ae23

      SHA1

      5188431849b4613152fd7bdba6a3ff0a4fd6424b

      SHA256

      c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

      SHA512

      768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

      Download Submit

    • /data/data/com.gamespire.photonstrikemod/databases/pushsdk.db-wal
      Filesize

      185KB

      MD5

      d70023f136fad0570b8b4194bf5b0f42

      SHA1

      f1f91702ab638cefdaaaa00e8999725df36d9caa

      SHA256

      5f7134803999294b7eb4936a3f7f410aa4288fa50723afb0b905c091420eaf74

      SHA512

      f45d21434f32d0ba0570aecf0db6d097121a91abfa46221bbaf18a6ba627854ae01c807a2ffd3c77506e13a856f3018b4c5c790b5cc9d08ba77fb05af51e2c8e

      Download Submit