Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

7db89b7e27...84.apk

android-9-x86

8

7db89b7e27...84.apk

android-10-x64

8

7db89b7e27...84.apk

android-11-x64

8

Analysis

  • max time kernel
    168s
  • max time network
    189s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    02/08/2024, 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7db89b7e27a63e209b3c396626a627bdc67ed5104a73be96b9fc6e559eb6ce84.apk

  • Size

    6.8MB

  • MD5

    1e64eff544bffee632f02830a8b176bd

  • SHA1

    6820b9ce37c29871ef50c28d0790ee2c57df82cd

  • SHA256

    7db89b7e27a63e209b3c396626a627bdc67ed5104a73be96b9fc6e559eb6ce84

  • SHA512

    36b932abea2a0826f873d67835db78afc8d3d9d446ac285f69d2e2aba05ec5d28cafaeae3f870e57eac965c49b9b3e8a2136a299a4b5f3be84283cd0581614b9

  • SSDEEP

    196608:4Kk+Ibp3avNs0Ki0LsehuOFv+rxK8w3Te16nU46xKBB:ar38Ns0YLXVFvCxw3y16nh

Score
8/10
collectioncredential_accessdiscoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
    collection
  • Acquires the wake lock 1 IoCs
  • Declares services with permission to bind to the system 3 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Requests dangerous framework permissions 8 IoCs
  • Checks the presence of a debugger
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.ary.Configuration
    1⤵
    • Checks if the Android device is rooted.
    • Makes use of the framework's Accessibility service
    • Queries information about running processes on the device
    • Reads the contacts stored on the device.
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4268

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    865B

    MD5

    47c5270ba6bcbe5d8a6888d0aaedf9ab

    SHA1

    42c6d19b76f61a8ff2e7809258112a417d2dcb3e

    SHA256

    5130e4f6f8a9511049d1f855a546afecc385cc4e02e2c52778678d5bf19940ba

    SHA512

    e693f9ff8d40a4067f4488d9f929d08b359fe22feaa548f8278bc7f7f6683fed97b54cf438ab8e68b5faf2478f5c041bde02b7dd1c868b008a4d616db179cfbc

    Download Submit

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    646B

    MD5

    e091c90a5c01989792833edb873124d7

    SHA1

    787e22d64011e1edf72c0e75c5833e36abda03d4

    SHA256

    15e5a35b4896f214289eb1be3b3699b7e431b87c41007d732c8e95baeb5f6dfb

    SHA512

    4cf8707e5161ca44ef19fc409669b05cd78eb414f97bcd3ca42cb00adb690318a3f1d3887dc15c36b4d295778149756c8a9ce49b702d7f5e59c738c58e5e5662

    Download Submit

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    645B

    MD5

    f56a856d16b53f8628a2c2b3fa7b38c4

    SHA1

    43e3197a2a4edc1e3c969a67e66d12c2876dd96b

    SHA256

    4c1de588f4db51303ebd5c3020f269c2d48837f75d2062dd64a27045a5c4ee2f

    SHA512

    ffd8b97525f213c2ce39b55855e3f35fb0975b2b1a0e93036b10e819e5b1691175b025a2100da745256b35a72bf52eefab2bc5b94d904a4aa8edd9e2c90469a5

    Download Submit

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    645B

    MD5

    e86667984d66bb21e61d628a84ae2882

    SHA1

    168086faa8645d35ccf5a492cddac78c6e57f972

    SHA256

    659ad0b74b33db08ff0b466b2717cdb0954d0f8625252dc388b39391ab052598

    SHA512

    75437aedf356e5e1c8175859843058ebd2f6ba5da20727e78247f2bc2c7f79ff2e60deb43a215dfba6efa9dfea8c7aba6cf783ce3159b321fd309d43bca97ef8

    Download Submit

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    627B

    MD5

    8fc10616bb4ed8996d1735a92ccc1cb4

    SHA1

    b07567c87f3263c9adaa7c93ca169f5826c81b32

    SHA256

    f43723e45a1d5ed68ad5e9c8eafde56c9b269c14f870d7a51e3df490a8741064

    SHA512

    bd17c94cfc56c644ac713951eb5ad8d3ed2be1318b0ae2b0b1fb80b324e8e3878c88ad8d81e8d52af3aeb48ed3bbd187e57a51562ff1e9df4b194608ef6f6f0d

    Download Submit

  • /data/data/com.ary.Configuration/cache/volley/-15765807901702283088
    Filesize

    684B

    MD5

    8386df387a00b7a1a9d65131737ff566

    SHA1

    01fd5bd2dd75349c48bf8b32e4f3f166227ac0ea

    SHA256

    ee84ab0de48cf18ab3ed374ab4d2ee18c03dde8adacb15dbf75b88a53fbbb956

    SHA512

    32ef8fcb21a8fb9cd776485ef1dbc76b586937c4b77664763acc97e3e8708720d26de16d9b41b101c9cd2c718b3d3f8bd6b1cce402947272751782a38d87c816

    Download Submit

  • /data/data/com.ary.Configuration/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.ary.Configuration/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    e0f24b7568ce763d45595f3b6036da55

    SHA1

    67a040707a9371cbc7353cdbb1d0ba1d148001af

    SHA256

    95045b0c7d6244e28578e5a63a33f80a1714cc45ef2ef82dcd15bc51eb02a7a5

    SHA512

    9a8dae5239591fbc17e11f41a4778933350b44b6a7fc3c6add1433ae826e5eadb99ae2a8e2f4ea68c8fe3faac4a3f28a11301dd7fa41ac96d6bb73591303da63

    Download Submit

  • /data/data/com.ary.Configuration/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.ary.Configuration/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    094c8884594047df00e762b2c9b4edda

    SHA1

    53c1df8487ee02d84428b1e33a789662d24d2a15

    SHA256

    82500088ea4f7bf21ab3a2b1e79040ec3d41775ca51ec9c77776661fc5b1e490

    SHA512

    db441b62439c98bcb82b2eaf8727700414f4cdebfd1744980cceef797ecbd3fc342d1a1bd239441dc5b0e053e80dc4401f482792e0eadabda03024ef82b74381

    Download Submit

  • /data/data/com.ary.Configuration/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    7237409e0640cfab7bdbd429bf821a3b

    SHA1

    4c3da934842f8d4835dfe2a9c275a300e5123309

    SHA256

    5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

    SHA512

    c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

    Download Submit

  • /data/data/com.ary.Configuration/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    a779cfd82413d1af6e26f62b176af475

    SHA1

    aec28c7d11fb13de692d617aeadf7cb2f99b4295

    SHA256

    6926285ef30e6fec0e890f5115c6b0dd9a544f96ba29f30d33fd2705792b7012

    SHA512

    92e304f6cf8e46aadf6fe6ae0c6ecf1a742622959d6025839c52d4c15c55ecddc773dcf05dbab60f6fd427e9c941c0137211ba02724526059962186bac0c3f60

    Download Submit

  • /data/data/com.ary.Configuration/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    91b081a979c647b3ec7fa7307b2401de

    SHA1

    15233f50a8af060e68b46b8c1a5421278de98894

    SHA256

    d45f2cb5773df87f9dcf6f669f11335cac8b548e466f157d85bf9d5bcccbdec4

    SHA512

    04a53d0e832779f45b02048b3f9c003e66f14d761f20b2cae16e5a07c10571efb93708926684098da12e412dd773cb8d971368499e9cea5beab9033bb052a352

    Download Submit

  • /data/data/com.ary.Configuration/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    d4ef368f6090e6b6066169bcf12650d6

    SHA1

    6ae48225781cffed7886f9d4dd4bc958b57c31a6

    SHA256

    3718333d283cbd26a34e2c27ff84cca2b131f3848706c8794ac3b686b7921aaa

    SHA512

    e91c021a7fde6943a4a65e74926887a446660b34ca58c1f08a69bf34ee3d366ee6f3bb0f6606e2fb9503ad8779df9a7ccf600a21a67a7f49ac0c081b6ca83012

    Download Submit

  • /data/data/com.ary.Configuration/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    adee2c4b1cb83e29ea424eb06d0ba1cb

    SHA1

    21c1a658bebc2ac7682de42576277f0a3a1d347a

    SHA256

    189a0f8ee4c72f91f9b85bd9dbbd58731cd0709b0867c83961b6889faf7fc5af

    SHA512

    4cd7a9ddc6177374320c04f6b80db670359ab18eb052ed9ba3a040be85145cb36d30fe0cc02f18468f2f4bb8dfa4f098ed48d0d1e236fcc14dbd21d0dc643de6

    Download Submit

  • /data/data/com.ary.Configuration/files/.com.google.firebase.crashlytics.files.v2:com.ary.Configuration/open-sessions/66AC3DFA00FD000110AC94736D445F86/report
    Filesize

    787B

    MD5

    ef88f15b535691e4847a99c5b96e0b96

    SHA1

    fb4dae788edfa476e166273de7d13bcdbe464e11

    SHA256

    066f4427948b872a9ff76398e08963d2e8bd45a1140bcbd559ee44f607ea4ba7

    SHA512

    6679555b72465dcc24dc6fc4050af951d5dbce9c4dd261aa5ae02ea28366971f4947b35a4659245873324c9bffa1f6eb1491b52c216278518a93108b51b34612

    Download Submit

  • /data/data/com.ary.Configuration/files/PersistedInstallation2526271946298963451tmp
    Filesize

    567B

    MD5

    f0a8a60d6fb55ca9d905033de9e7bc51

    SHA1

    2e50020255f9be927188290a4587a32d44289354

    SHA256

    7167268965fd91bbe8fb25fea0072e8bccc5f34e89ef242e9abe5c6eb9a20857

    SHA512

    aa673f6c20cccf7e3ce5e9fa3a104106a563b1fe9029f838213cd5a51ce34f123d151892e7492a755cc8458cba162dd529770ab58e9e5c5006c9bc05892a763f

    Download Submit

  • /data/data/com.ary.Configuration/files/PersistedInstallation4003837122371914458tmp
    Filesize

    90B

    MD5

    728478279fe80c5449aaf37de15e3463

    SHA1

    a5dffa752cd8f95d0d2c4ab0b85318b4655bed11

    SHA256

    6ca8b26d5bf45e4414be1ec2c088a87c6d65359c032f339738fb78edb2831594

    SHA512

    cc7e1bb24775b1c56cfdfff185f6fab46472e337faf8c60c941df75b39ed715fc3120428eff40fe284c4bd0bd86b50a6f6ab367f803a6ee70268f6d4f92cba16

    Download Submit

  • /data/data/com.ary.Configuration/files/apks/AApk.apk
    Filesize

    6.8MB

    MD5

    47bbb6b73f55739b481102b03f5c259d

    SHA1

    568aa7f71d528a96f9de3c39cfbb5eebd1c4d1a7

    SHA256

    3141a558165d163dc83f2a969185cc38ee3ed0a4e8295ea4ac99395a9cdb7499

    SHA512

    9df376e4bbc748a734521fb1db970f1d201ede7f7332992d30f4407e3ea52f8726f7d5d4015cabc59eb542a8c8bf399259f5e7958da7eb8c85125fbe5856c448

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    43B

    MD5

    78753be5c1fecd79425d6643d90ecf55

    SHA1

    c7e2bb614fefb376745912ae016e58fdfcca2e35

    SHA256

    1fa6eb45af1aa167dbd5d4714cfc0f9a9c73ace770dd13d836daa87bc72e8938

    SHA512

    d4ec5e9a03d11def4accb654f7454818f1cf82e6e5f8fbe8e5ccbfb6bc63747c432cd53dc97b228eeaee6aae8184e2cae5286e49224b3d392f432c33946d2f2f

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    82B

    MD5

    db65c7f97007533b2f3c5f7fdd3b10ec

    SHA1

    ce30d541e9000d5ac2073df714a4b0a6b2dcd7de

    SHA256

    ae3b754a60873e0483db77e984c67ba5ca4b274de83ab68d791dacc2a8f6cb3d

    SHA512

    6c4b911773cc8941267dae2ea55317794e3c19715c0442fe9b48eaf5c06565a41cb1f8cbfc1153d4eecb3d6cecf076917416270b1ba85e0fe71ceed1fc12a833

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    82B

    MD5

    b7f2c50e687d119c7a286e2b652cda02

    SHA1

    995d50ca839ac6294e7088d1937b480347acea34

    SHA256

    a54a1013613b412b71287e1350fa1e40fa0c470e57180c79a89ff4d9c09b2109

    SHA512

    9d4a2372f6a961b8076b6fd14f65e077ff24d3bf27566b316580cbe0aff2e8db6b1be8fd18c1bba144047c4b9d21f516dfd0a560f68cda1c46c97796efeb6696

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    34B

    MD5

    2ef4b259738ed257f6cf8f413107b001

    SHA1

    9f6a9bf8c3010765c58920a6dae27120147008db

    SHA256

    dafd2d24305e480a88a721bcbabda3f295fa49fa03aa96d2b928807539e1a6be

    SHA512

    1c18db5d58be9ccae66fb0b8a352ac24fd7f032fd2dbd49b5b2cfc7a1299662cac5d8fa7d0a60adfaa425c84ccc873be9fda64de8cf71b163c89639ee8eebed8

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    103B

    MD5

    9719a135cbf4c3c06c087ca5e64517a3

    SHA1

    77cd791123f310d9b4cb2d606095e0c941f15302

    SHA256

    4f9aaf5d2c5835181a5ff1b561d81e5749ec6fd4ba6959cfbad7f4568d9f2d1d

    SHA512

    999b34c9bcd646758eacc9c6c0d65f1447c0b4c36ad39c9a5d9080e09d4cf80315b544cfcc74da58e0423e1fab7e5822ea97438cd5fe68aae36b2e90981753f0

    Download Submit

  • /data/data/com.ary.Configuration/files/localLog.txt
    Filesize

    599B

    MD5

    ee586e04436b397815b6a63cd7c42d63

    SHA1

    20441b8f9d8b09394dd9d6be7afcd90872a20b0a

    SHA256

    5fbaf16c4f798f0ed3578cc39a7a828bc3931e5be8f22a593db12527d0931d9f

    SHA512

    20b31c99b09bc661b63942a3d60338e630e95f816d95736a288957162e159554d78a776786c2fdda1e6bb39b9491c5b7aa7ae73a25b52de7651bcb843f646bf4

    Download Submit

  • /data/data/com.ary.Configuration/files/profileInstalled
    Filesize

    24B

    MD5

    d3e05d2d40af57380781a335a95cccaa

    SHA1

    d31647b8fe5b7fbe493cafdba338cc6cb1593880

    SHA256

    c86068b9c2bbad7553c898584f0a1933a1b241c84704e02a54827f9df80fbf65

    SHA512

    dbf41ad9b2f01dbd803d6ce94c4a671c84f65a72e99580b29f60d91412135431449dc5bf9c0ec5a0a2aadcb4138986d1628ccde808fbd16bb1eea66c960689be

    Download Submit

  • /data/data/com.ary.Configuration/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    54d0c733cec6ef8ffb889f056b0c0fb6

    SHA1

    3358a6888739b30cee22138dd7d0ac4541db5247

    SHA256

    a8211fc91d0f1920df0f974eab6189cd918355639e0a7b11026b156c130e5e6e

    SHA512

    684af0d3e74485da14661e5ffae985a6dab78049dd3d3c8cb988e1fa2d2748280697ecdeda53f19d4af6cb05484959805d12cf055878d047f7a873a016e33534

    Download Submit

  • /data/misc/profiles/cur/0/com.ary.Configuration/primary.prof
    Filesize

    1KB

    MD5

    4176b0c3ebb802566a5bf877861cd0e6

    SHA1

    909639413fe0507917fb27d51c4c4d8f7264321f

    SHA256

    21d5dc40fd77bffe040732af5ee0b689ba7052ca7c86ad259ddb0c3a8f5b5a99

    SHA512

    d053b83172388e741d55f5305d60b2d92f827f20726173d36bb8e3f3b2b34c21f8a7b357a2461eced035feb62f1f4813cc2432a436345d912eeb385e969054e7

    Download Submit

  • /data/misc/profiles/cur/0/com.ary.Configuration/primary.prof
    Filesize

    11KB

    MD5

    f17608e4d5b3025cd25c350734969f77

    SHA1

    a464514faac72d8f302a9f6153bcd4790b118d6e

    SHA256

    14b037e7d24a075c53b57e5c7db3e2d5ef5324ad92e45e41ddc3dec0d7e81b1a

    SHA512

    49bced0ecf505b508a48377ecc2745a82492007ddae8f03d7bedce9a1de76c68591c28a7917e35841ce7e0ac53b81cf160e6951263492a5b2665bfbb52e1caf5

    Download Submit