Analysis
max time kernel: 177s
max time network: 168s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 16/06/2024, 04:30
Static task: static1
Behavioral task: behavioral1 (sample: Downloader.apk; resource: android-x86-arm-20240611.1-en)
Behavioral task: behavioral2 (sample: Downloader.apk; resource: android-x64-20240611.1-en)
Behavioral task: behavioral3 (sample: Downloader.apk; resource: android-x64-arm64-20240611.1-en)
General
Target: Downloader.apk
Size: 3.2MB
MD5: b5187d166fc645959dbbfbf23c86cd20
SHA1: 292da90e6d1f1795bb71774cf88fb8b7283b06b9
SHA256: da05ee4a4b58e491a1754c87bb1c5fbd9293d8eb767bcffa54c4ba08f560143f
SHA512: b50970c31d9e5a864590a38f4ec6a06f0038c0200edf0bd7a534ebe3448f19fa45c8cd635d17dc825f73bc5b02afacf397d77ce0a1b7a465b53bb19667d63c56
SSDEEP: 49152:MATA3dFRt9dRo0dfaO/KnALHdvQvwk9TpP5Z16o7JKksTjpO6X82v28SEjoQiEtU:ZAfhdGV5ALBQZ/37Jmnga27EjV8sET
Malware Config
Signatures
- Loads dropped Dex/Jar (1 TTP, 1 IoC)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.herocraft.game.treasuresofthedeep/files/2ce38a8f.dex | pid: 4767 | Process: com.herocraft.game.treasuresofthedeep
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.herocraft.game.treasuresofthedeep
- Acquires the wake lock (1 IoC)
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | Process: com.herocraft.game.treasuresofthedeep
- Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call | ioc: android.app.IActivityManager.setServiceForeground | Process: com.herocraft.game.treasuresofthedeep
- Queries information about active data network (1 TTP, 1 IoC)
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.herocraft.game.treasuresofthedeep
- Queries the mobile country code (MCC) (1 TTP, 1 IoC)
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: com.herocraft.game.treasuresofthedeep
- Reads information about phone network operator (1 TTP)
- Checks memory information (2 TTPs, 1 IoC)
description: File opened for read | ioc: /proc/meminfo | Process: com.herocraft.game.treasuresofthedeep
Processes
- com.herocraft.game.treasuresofthedeep (PID: 4767)
  - Loads dropped Dex/Jar
  - Obtains sensitive information copied to the device clipboard
  - Acquires the wake lock
  - Makes use of the framework's foreground persistence service
  - Queries information about active data network
  - Queries the mobile country code (MCC)
  - Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads