Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

Downloader.apk

android-9-x86

7

Downloader.apk

android-10-x64

7

Downloader.apk

android-11-x64

7

Analysis

  • max time kernel
    10s
  • max time network
    169s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
  • submitted
    16/06/2024, 04:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Downloader.apk

  • Size

    3.2MB

  • MD5

    b5187d166fc645959dbbfbf23c86cd20

  • SHA1

    292da90e6d1f1795bb71774cf88fb8b7283b06b9

  • SHA256

    da05ee4a4b58e491a1754c87bb1c5fbd9293d8eb767bcffa54c4ba08f560143f

  • SHA512

    b50970c31d9e5a864590a38f4ec6a06f0038c0200edf0bd7a534ebe3448f19fa45c8cd635d17dc825f73bc5b02afacf397d77ce0a1b7a465b53bb19667d63c56

  • SSDEEP

    49152:MATA3dFRt9dRo0dfaO/KnALHdvQvwk9TpP5Z16o7JKksTjpO6X82v28SEjoQiEtU:ZAfhdGV5ALBQZ/37Jmnga27EjV8sET

Score
7/10
discoveryevasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery

Processes

  • com.herocraft.game.treasuresofthedeep
    1⤵
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    • Queries information about active data network
    PID:4292
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.herocraft.game.treasuresofthedeep/files/2ce38a8f.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.herocraft.game.treasuresofthedeep/files/oat/x86/2ce38a8f.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4318

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.herocraft.game.treasuresofthedeep/files/2ce38a8f.dex
    Filesize

    2.3MB

    MD5

    927592bde2f5eb4826b5530b42ce1514

    SHA1

    b81b4045976b04cd3bb0407433160cb7a866a6fa

    SHA256

    77013e4cf3f4d1139bd9de60ae815104448ea16e753a7dfc84d0f6f92b04a0de

    SHA512

    a721e494c1f0f3bdec8461f38ac00b7f791ca39b87ad4f5a053f22d30dc650a58f4160057f030d77b78e19193e78fe0c32407955474aacb96a30c8d63a5e83bd

    Download Submit

  • /data/user/0/com.herocraft.game.treasuresofthedeep/files/2ce38a8f.dex
    Filesize

    6.4MB

    MD5

    a4e8d55e3c43288be8fc03ab0e705008

    SHA1

    272baf3219a19a93d27ffcd5fbe091d5c8b324ed

    SHA256

    88afa18aa2ca15a9bb8790e533e4e161a2ee8f1f6072f0cf94215ce6a9458864

    SHA512

    0a4116eedd73ec81c186722416e84a0b3a6d746b6b0e2dfc5e1362975168e6c5e4561650329188853a3a590644852341cfedfc81accb2e5d428dfb8b72abd731

    Download Submit