Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

Virtual MOD_3.2.apk

android-9-x86

7

plugin.apk

android-9-x86

plugin.apk

android-10-x64

plugin.apk

android-11-x64

Analysis

  • max time kernel
    126s
  • max time network
    180s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    23/08/2024, 02:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Virtual MOD_3.2.apk

  • Size

    5.1MB

  • MD5

    21b6ee6cac28641e4127d491b2070319

  • SHA1

    bf559e49322c248bc904f14fd5658c764790046d

  • SHA256

    5cbf639f9c2434de9227a412f52ffec78aa2c6f40b6d8cd913b248eb7fd96e86

  • SHA512

    8d065be940512b5afc0f09a32ffc8cd3853b1325df7644de4f045e683d9485f22a1893b2417a09a1fb3e8da82a7bcc3318a12599e2c8f8dd8de9d3f0e61b590b

  • SSDEEP

    98304:kMncVsu2KeFvFk7EO4EUMYlyHs3mddWRztQe3lbQakvY9u:kMcVsu0vFkoO4EWlylG55qvf

Score
7/10
discoveryimpactpersistence

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Requests dangerous framework permissions 2 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.guanyin.litv
    1⤵
    • Queries information about running processes on the device
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4317
    • sh
      2⤵
        PID:4414
        • logcat -c
          3⤵
            PID:4442
        • sh
          2⤵
            PID:4461
            • logcat -f /data/user/0/com.guanyin.litv/files/logcat.txt
              3⤵
                PID:4480
          • com.guanyin.litv:plugin0
            1⤵
            • Queries information about running processes on the device
            • Queries the mobile country code (MCC)
            • Registers a broadcast receiver at runtime (usually for listening for system events)
            • Uses Crypto APIs (Might try to encrypt user data)
            • Checks memory information
            PID:4593

          Network

          MITRE ATT&CK Mobile v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/data/com.guanyin.litv/app_webview_com.guanyin.litv:plugin0/Web Data
            Filesize

            52KB

            MD5

            5168d8c4556ac22decc2362ce61ddafb

            SHA1

            664cb3c7b0b5b13c3b915c28354793bcc0afd408

            SHA256

            5057cf5dab27589d93f7d55ffa505ea8249c213b79fd8c85ac39423c135c5db6

            SHA512

            81cefa22b3b1d30acf590b44b97a47b68c265a15b3725ff348ac0256faae0aa76b6a9bedece897c912bbcc86623c3a20c193ff131d9a25d0ee8e315394ae332d

            Download Submit

          • /data/data/com.guanyin.litv/app_webview_com.guanyin.litv:plugin0/Web Data-journal
            Filesize

            512B

            MD5

            98a31af652c09e786cbdc41eb7d46c27

            SHA1

            fdfdb0b2af14e5df4b062a02fbd86c7fa54a618b

            SHA256

            fe3c5be5e2ef9f93300e7d9526f72b4a77f92bdb65e2fbdf0c8030db6958bf98

            SHA512

            574ee7b9b4c39323f716c96a5b344382696ee3795176e8e19bfd9187701827f83c12ebb499738489c245bb7b037f922ca2131af868538889b20fd856b89de544

            Download Submit

          • /data/data/com.guanyin.litv/app_webview_com.guanyin.litv:plugin0/metrics_guid
            Filesize

            36B

            MD5

            c0cd108aabe4556a45bd88f671b66c67

            SHA1

            03d85693414184300a2944ebbfcbb8c16b59bad0

            SHA256

            45445dd65cc23f9694137b3c49e4cdfc940621a0ba91fd9c8f7b06568f83fc24

            SHA512

            9a24e434e36fd8904ad0bb8114c705b01fc498077deb223824e85bb91bf739d9eb428a045a5bc6df9ee6a70a4c695426fde0c78321d93f31eb34fb66b00532c0

            Download Submit

          • /data/data/com.guanyin.litv/files/app-plugin.apk
            Filesize

            1.1MB

            MD5

            6678be7fd6acf4426181f48b3683cd93

            SHA1

            c186b574fea271e8e2b53736bb073e946e73affa

            SHA256

            828f12c340feb48dfc78389a365309398279adb7e07176bac6beed788ac8338c

            SHA512

            bf11ccfe5c7183ce747e6643b6ecb1074fe86469c9efbb023b931b398eb75efea83ae66ae3b88042f79f4d1c286ce2a6c2906b6b2ac93c71387339c2dd85dcbe

            Download Submit

          • /data/data/com.guanyin.litv/files/app-plugin_3bd965827a5fa5b5d679383186104ba7.apk
            Filesize

            1.4MB

            MD5

            3bd965827a5fa5b5d679383186104ba7

            SHA1

            60488b3edbdd3508a1cf3f95ea2b804ff31edee5

            SHA256

            edea6441f5ea36116f0c1fbe981cd13cdf50fe58c88af836fe421be0dcdb09bd

            SHA512

            088e25da967cd6fe466d2cfd2c9e314599efe584321cfbc496db9e8b08edc09ae886dc6ebe11d40f1f9f107fe45c8d47e72cde33835c4f6b98ff91a61456d0d9

            Download Submit

          • /data/data/com.guanyin.litv/files/log.zip
            Filesize

            5KB

            MD5

            abd9532edcddb04f1185074646ba4be8

            SHA1

            1d7395b69195806a8027db218f0b716bcc0cec8e

            SHA256

            4cab39f5c9f5822aa5f9c057299ee29f7657c865c3b24bbd704a4456f76ad05f

            SHA512

            a5ea51f9a6694e338124ae43e154bcca3c52a534f4792707ab70dabf98dff0f9366ed197f865a89cc3134050a7f0cd0191692cd5834c03ee26789d632d5a269c

            Download Submit

          • /data/data/com.guanyin.litv/files/mmkv/app_config
            Filesize

            48KB

            MD5

            661d2588775c2cb0a003198fe1d78e47

            SHA1

            b625d8c484c96a1d0804ae6472f2094adfd9a2b6

            SHA256

            eb8f5f7364cb7b3f42c4936efd2a4589501a55352248ff37fdc7f63fb44045b3

            SHA512

            44d9245cd73919eb35a2d432d081745fe95d626201374e76ec8143e36a01f679f6872e8cd32a35df34f5b76a6604e24754381a6e60ac4e1a1ec92a5dc2c2ccf5

            Download Submit

          • /data/data/com.guanyin.litv/files/mmkv/app_config.crc
            Filesize

            4KB

            MD5

            620f0b67a91f7f74151bc5be745b7110

            SHA1

            1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d

            SHA256

            ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7

            SHA512

            2d23913d3759ef01704a86b4bee3ac8a29002313ecc98a7424425a78170f219577822fd77e4ae96313547696ad7d5949b58e12d5063ef2ee063b595740a3a12d

            Download Submit