Analysis

  • max time kernel
    8s
  • max time network
    141s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
  • submitted
    27/08/2024, 12:51 UTC

General

  • Target

    6ffa89b4e2bfa275110c6823660f114c.apk

  • Size

    14.6MB

  • MD5

    6ffa89b4e2bfa275110c6823660f114c

  • SHA1

    4f620de841b1c52f81b626508a33c070b9fad009

  • SHA256

    1f133ecd4c50c1d3622b09c147fe9b7ccae8f2ed08a20a5c2741e3237354aa7e

  • SHA512

    8e8ea3b1aba6608b5fb26687a876d94d88a83034f747d8cd83acef0dc17739cc4fa93dfbbc4b9cf75705dfaccc35c3d78342a49416be2a859e7aeba05405ab5b

  • SSDEEP

    196608:oTjxDh6r5ltMcRcSQuYvFj3fboCQTJ+E2escyuRMb94xm0TrTZ99EVFdMSV:kxDhE5ltcRFjCJbtbYwzT3D98dLV

Score
1/10

Malware Config

Signatures

Processes

  • com.playrix.donow
    PID: 4350

    Network

    • flag-us
      DNS
      android.apis.google.com
      Remote address:
      1.1.1.1:53
      Request
      android.apis.google.com
      IN A
      Response
      android.apis.google.com
      IN CNAME
      clients.l.google.com
      clients.l.google.com
      IN A
      142.250.180.14
    • flag-us
      DNS
      android.apis.google.com
      Remote address:
      1.1.1.1:53
      Request
      android.apis.google.com
      IN A
    • flag-us
      DNS
      rcs-acs-tmo-us.jibe.google.com
      Remote address:
      1.1.1.1:53
      Request
      rcs-acs-tmo-us.jibe.google.com
      IN A
      Response
      rcs-acs-tmo-us.jibe.google.com
      IN A
      216.239.36.155
    • flag-us
      DNS
      remoteprovisioning.googleapis.com
      Remote address:
      1.1.1.1:53
      Request
      remoteprovisioning.googleapis.com
      IN A
      Response
      remoteprovisioning.googleapis.com
      IN A
      142.250.180.10
      remoteprovisioning.googleapis.com
      IN A
      216.58.213.10
      remoteprovisioning.googleapis.com
      IN A
      142.250.200.10
      remoteprovisioning.googleapis.com
      IN A
      142.250.200.42
      remoteprovisioning.googleapis.com
      IN A
      142.250.178.10
      remoteprovisioning.googleapis.com
      IN A
      172.217.169.10
      remoteprovisioning.googleapis.com
      IN A
      216.58.204.74
      remoteprovisioning.googleapis.com
      IN A
      216.58.201.106
      remoteprovisioning.googleapis.com
      IN A
      142.250.187.202
      remoteprovisioning.googleapis.com
      IN A
      142.250.179.234
      remoteprovisioning.googleapis.com
      IN A
      216.58.212.202
      remoteprovisioning.googleapis.com
      IN A
      142.250.187.234
      remoteprovisioning.googleapis.com
      IN A
      172.217.169.74
      remoteprovisioning.googleapis.com
      IN A
      172.217.16.234
    • 142.250.187.228:443
      www.google.com
      tls
      3.1kB
      8.5kB
      26
      21
    • 142.250.187.228:443
      www.google.com
      tls
      1.3kB
      643 B
      8
      5
    • 142.250.180.14:443
      android.apis.google.com
      tls
      2.0kB
      5.9kB
      10
      10
    • 142.250.180.14:443
      android.apis.google.com
      tls
      2.4kB
      5.9kB
      10
      10
    • 216.239.36.155:443
      rcs-acs-tmo-us.jibe.google.com
      tls
      1.5kB
      7.0kB
      11
      11
    • 162.159.61.3:443
      tls, https
      409 B
      40 B
      3
      1
    • 162.159.61.3:443
      chrome.cloudflare-dns.com
      tls
      2.7kB
      6.6kB
      24
      16
    • 172.217.16.227:443
      update.googleapis.com
      tls
      4.9kB
      10.9kB
      19
      17
    • 142.250.180.10:443
      remoteprovisioning.googleapis.com
      tls
      3.4kB
      13.4kB
      14
      16
    • 142.250.178.4:443
      tls, https
      327 B
      40 B
      2
      1
    • 142.250.178.4:443
      www.google.com
      tls
      1.8kB
      7.1kB
      16
      15
    • 224.0.0.251:5353
      3.7kB
      11
    • 142.250.187.228:443
      https
      144 B
      70 B
      1
      1
    • 1.1.1.1:53
      android.apis.google.com
      dns
      138 B
      109 B
      2
      1

      DNS Request

      android.apis.google.com

      DNS Request

      android.apis.google.com

      DNS Response

      142.250.180.14

    • 1.1.1.1:53
      rcs-acs-tmo-us.jibe.google.com
      dns
      76 B
      92 B
      1
      1

      DNS Request

      rcs-acs-tmo-us.jibe.google.com

      DNS Response

      216.239.36.155

    • 162.159.61.3:443
      https
      1.9kB
      5.3kB
      8
      9
    • 172.217.16.227:443
      https
      27.6kB
      17.1kB
      71
      75
    • 1.1.1.1:53
      remoteprovisioning.googleapis.com
      dns
      79 B
      303 B
      1
      1

      DNS Request

      remoteprovisioning.googleapis.com

      DNS Response

      142.250.180.10
      216.58.213.10
      142.250.200.10
      142.250.200.42
      142.250.178.10
      172.217.169.10
      216.58.204.74
      216.58.201.106
      142.250.187.202
      142.250.179.234
      216.58.212.202
      142.250.187.234
      172.217.169.74
      172.217.16.234

    • 142.250.187.228:443
      https
      9.3kB
      32.9kB
      64
      57

    MITRE ATT&CK Matrix

    Downloads

    • /data/data/com.playrix.donow/files/profileInstalled

      Filesize

      24B

      MD5

      f078fad9e5236bd7e230899e0c1cf99b

      SHA1

      175c8ea552d3d04da8693d2056724639737bd28f

      SHA256

      a6b7b8e29bf0767143cf042ae7af5bc41a2530a21290868f2aae1f20ecb104bc

      SHA512

      5ebe24e7d46bfc1e9f30ca102807991636006f65cfc149b54f1a0508143064b064ad71c1e76a7151f656c69e7f83e61eb120cc264b4c6e6f04ff7177292fe8a0

    • /data/data/com.playrix.donow/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

      Filesize

      8B

      MD5

      d1e23daf89445b325415b69ce58dcb2b

      SHA1

      0b087d40d1580734a60c1cffd0bbc02d00fef420

      SHA256

      e0454c2fe6f19cd0ae987bad03b5347bf8fe2435a17f801031f45afb4d92586b

      SHA512

      f116690e270d4efd4afc65738a05ca1997d3992e18f0048f195e4e2649694f3c0c87c24d86d1bf99087207752c95c6d1f62351bdd53fa9e9318c01b5824edd72

    • /data/misc/profiles/cur/0/com.playrix.donow/primary.prof

      Filesize

      2KB

      MD5

      03e6482fd2feffa1ab719c69a30bffbe

      SHA1

      77d4a9373a8bb7a7d4d2235d3973e493c5bc3c92

      SHA256

      36fb647d7f4d7d9a35c6606e5c7e2c04e9706c2384e88154a76027a6e1c73cef

      SHA512

      bb1fa9b2cfc2092ea580afe96bd2e7d4b3deac459e2d9a3e6920e97afb4eab21a4b5a1c19604b28c8cfd8e6482fcbb0b2de894e3367b1f960324168ed5ba8698