Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

b7e7d60901...18.apk

android-9-x86

7

b7e7d60901...18.apk

android-10-x64

7

b7e7d60901...18.apk

android-11-x64

7

Analysis

  • max time kernel
    64s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
  • submitted
    17/06/2024, 09:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7e7d60901cc63f86c3cec1f7c1afdbe_JaffaCakes118.apk

  • Size

    2.3MB

  • MD5

    b7e7d60901cc63f86c3cec1f7c1afdbe

  • SHA1

    86294480d19189a09dd0a1bb22aaf5c0c043da2a

  • SHA256

    dcfb80c992482e311be51eb59f37e2cd64c90050ff6e8ba3b7e35d2ac952210b

  • SHA512

    5f2c56f6841b8b805cad175e619ca2152a9a546c57b493854576cf67f23b0daf2e1bcfe1af6ec9edbad29e3cd8c732cfa9590a474f6e50f2eb9430955729eb80

  • SSDEEP

    49152:BuKLFsUTPxqzcAuZzAnB/doYiJiPKHuyucEGiNkvOccknQ:BrsUjxsGyerWKHloN0Q

Score
7/10
bankerdiscovery

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.xunyou.xunyoubao
    1⤵
    • Queries information about running processes on the device
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Checks CPU information
    PID:4498

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db
    Filesize

    24KB

    MD5

    287a5a1c5528889b37e63f34eef61516

    SHA1

    f0690aa3edd3ed6017dbcee04b3475c2917866c8

    SHA256

    2052f64e29fb61d613eddb36b8d8c45e2b16b8a09b97241d93e3128006a0d9f9

    SHA512

    241ce138c7fcfbe997f8146e309869fa0f8ee8e06a3720a7187e2a12cdbdf1646b7ad85acaeddfafc01350de29034916a64f3dc8562eceff77a892736be42e3d

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db-journal
    Filesize

    512B

    MD5

    3bdcf13a32599c2cc9b8c1e872ab9933

    SHA1

    e0a701c382252c375b23cf85e0ecec2c455c873b

    SHA256

    3cd6fd177f98746d803b44fcc0ed14fd5f9232e018cee193486e3b64316b8d95

    SHA512

    fddf966a4b5bc79e7bcc813bd98db601165bb3b036f769146b3ccbd8ca86ea5c4a55fa144a255eda41e0d002c5919616dd9329bcbfda7c9641ab070bcd5c7d80

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db-journal
    Filesize

    8KB

    MD5

    e4c4deed6043bb23bd80a61ff708980b

    SHA1

    0bca925d5cf2d72452f39ab661a34adde35c6c3b

    SHA256

    831c1eeb6c0aa611865d931329b855da8908d611a6ed6a3e248c3af2975b5f1a

    SHA512

    c4f87f748fe788fdcfe1bdb60467f8693004c4fbf5f0cedc52343078329b90d4ea34ac7496bc261314cb87182d283ce2c3f98b29639e90fc32965a1f554ee849

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db-journal
    Filesize

    4KB

    MD5

    49b8397631b1c9e990bac595f8adb5b4

    SHA1

    b32970dab6e30b1838a59411e0a410d7432d4827

    SHA256

    2fbac03ab7b6c130f85b1f3acfed390f05a10c8a5762a7b2f1387dfdd6c2bfaa

    SHA512

    c036bbdab6a74e6580ecd6694823f7db931f757a8563244617da263ed9f0ef48b869b9fb466083d94de629e9ab17ae4c6dacd4631fd175bf29e6b5a3afadb70b

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db-journal
    Filesize

    8KB

    MD5

    2264d8892d779bad7ca3fc56071d3145

    SHA1

    2cce543b0f0f3278cc7671d2370601e8583e7db6

    SHA256

    4de4eda490366d923e482acaf137f6e14375bf17e5634f4ac1332bd65229216d

    SHA512

    f76801f1835d6a7a905d72267dd7ddeb61e634d2da8b110102f7da7bb73be7aa2e250c463d8985f974a636392becae8af515d0bf24594f5a06029f56cb884256

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/databases/xunyoubao.db-journal
    Filesize

    8KB

    MD5

    8fd97981e4c95796af3301fb4c8efebd

    SHA1

    53a96df94d5ab5d2c4c11fd9425c07d4f7471d23

    SHA256

    9c667de3556c9a268ece907e1d7d57ed9559b8fa5c1f79a526c38485f6c670ca

    SHA512

    355883f9cb815228f6da70b7b53e55a9901eb01d2743eed030a9c78689d5fcba7f2c275f9a5f1ee7471eaebd6626b9120f5d36a1d4c38d3a7649ce9787c46c35

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/files/mobclick_agent_sealed_com.xunyou.xunyoubao
    Filesize

    536B

    MD5

    11faabf46aba5cdf128986fbf55f93db

    SHA1

    39249add97f06e3a76b177d5b830500b845f03d5

    SHA256

    351890e9af57d6a2f65643d75beacf2b9ee98b733f738c5bd258c05fac56cab0

    SHA512

    527a2f6a46756565b4330ee521caadce3f8640df56dcce71c85dafcc2bdad0bb46bc288caa8787075b3614e9fd45cb130640cc588c933d2f63469dad84be56e3

    Download Submit

  • /data/user/0/com.xunyou.xunyoubao/files/umeng_it.cache
    Filesize

    148B

    MD5

    1f0db72ffbb6d486b6f1dc7dded46c84

    SHA1

    303025cd48b5ee4f4f90e992f3f73a2ae75e88ca

    SHA256

    ce39312b7efad43ec6c44489887b26ff9200254b8a8cd4653fe8d34f764e1e6c

    SHA512

    8023f3fa7a4e2617414e2304ab378a7788f10e436569d28a907ba8a7264f616516bdcf590b61ec77976436be3acb06b99fd8fe2ecdeac22ac11badc38e3a7d09

    Download Submit