Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

2024061317...gn.apk

android-9-x86

4

2024061317...gn.apk

android-10-x64

4

2024061317...gn.apk

android-11-x64

1

Resubmissions

13/06/2024, 17:40 UTC

240613-v82gmsxdmc 6

13/06/2024, 17:16 UTC

240613-vtfavs1dql 6

Analysis

  • max time kernel
    126s
  • max time network
    180s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    13/06/2024, 17:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    20240613171454_app-aaaas12_sign.apk

  • Size

    10.4MB

  • MD5

    06b4bcc87b614912b132c97a6b96568c

  • SHA1

    e8696dbc5a32c6c5e3e3e8593951bfc32a7192f8

  • SHA256

    0214c54a56daded2233fdee3d192719902388a1ce660ca1263e6a0563f5f5282

  • SHA512

    0d5d146588841131d6e08ac791effb7d7647b57370d1da102924a20081a53c8a91c13f95d35aad403f815a67065cb650cd92c1d5ed571d19c440c6556c48c217

  • SSDEEP

    196608:GxcunZna03YaateJ9bJpX+aaF85RYmBePAEo7NroAr//ZJni7oHFVI1qLRi:Gx1I0oOTJt+ac85RYfPAEoBtr/hdJFBA

Score
4/10
persistence

Malware Config

Signatures

  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.vid.yogirbl
    1⤵
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4236

Network

  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.187.206
  • flag-us
    DNS
    indusincard.com
    Remote address:
    1.1.1.1:53
    Request
    indusincard.com
    IN A
    Response
    indusincard.com
    IN A
    89.117.157.196
  • flag-in
    POST
    https://indusincard.com/register
    Remote address:
    89.117.157.196:443
    Request
    POST /register HTTP/2.0
    host: indusincard.com
    content-type: application/x-www-form-urlencoded
    content-length: 154
    accept-encoding: gzip
    user-agent: okhttp/3.14.9
    Response
    HTTP/2.0 201
    x-powered-by: PHP/8.1.27
    cache-control: no-store, max-age=0, no-cache
    content-type: application/json; charset=UTF-8
    content-length: 63
    content-encoding: gzip
    vary: Accept-Encoding
    date: Thu, 13 Jun 2024 17:42:27 GMT
    server: LiteSpeed
    platform: hostinger
    content-security-policy: upgrade-insecure-requests
    alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
  • flag-in
    POST
    https://indusincard.com/register
    Remote address:
    89.117.157.196:443
    Request
    POST /register HTTP/2.0
    host: indusincard.com
    content-type: application/x-www-form-urlencoded
    content-length: 154
    accept-encoding: gzip
    user-agent: okhttp/3.14.9
    Response
    HTTP/2.0 500
    x-powered-by: PHP/8.1.27
    cache-control: no-store, max-age=0, no-cache
    content-type: text/html; charset=UTF-8
    content-length: 0
    date: Thu, 13 Jun 2024 17:42:41 GMT
    server: LiteSpeed
    platform: hostinger
    content-security-policy: upgrade-insecure-requests
  • 142.250.187.238:443
    tls, https
    858 B
     40 B
     1
    1
  • 142.250.187.206:443
    android.apis.google.com
    tls
    4.9kB
     8.7kB
     19
    20
  • 89.117.157.196:443
    https://indusincard.com/register
    tls, http2
    1.8kB
     5.8kB
     15
    16

    HTTP Request

    POST https://indusincard.com/register

    HTTP Response

    201

    HTTP Request

    POST https://indusincard.com/register

    HTTP Response

    500
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.187.206

  • 1.1.1.1:53
    indusincard.com
    dns
    61 B
     77 B
     1
    1

    DNS Request

    indusincard.com

    DNS Response

    89.117.157.196

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.