Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

legion_anime_66.apk

android-9-x86

8

legion_anime_66.apk

android-13-x64

8

Analysis

  • max time kernel
    12s
  • max time network
    134s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
  • submitted
    25/09/2024, 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    legion_anime_66.apk

  • Size

    26.9MB

  • MD5

    f2f58be6ce3a0788f0df6d9072d0d750

  • SHA1

    6e796d654ea41bc6df55a693187cbd496d1a4d73

  • SHA256

    10781f708b988be37cc796901d19cddf1422fccbff49917d41d9a3d6226e67ce

  • SHA512

    93eb47d4f76f5f121c39e9c50cbcdf21829aeae2807a16af32331bcd4612a973e56f38cd59998e0b2d9bbced73de4d83556fb159d7c963bef9f61573d57aaf41

  • SSDEEP

    786432:JLZtr61ip3afTgiJviOgMXPSv5sd7095Pchtd:vN6SKfJKOg4PShGNtd

Score
8/10
discoveryevasionexecutionimpactpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • aplicaciones.paleta.legionanimefull
    1⤵
    • Checks if the Android device is rooted.
    • Loads dropped Dex/Jar
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Schedules tasks to execute at a specified time
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4361

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db
    Filesize

    52KB

    MD5

    c524dee8e5034f1e190b36d65b4b0969

    SHA1

    3559430ef8ae60e46091c23098e92f4e06c4a96b

    SHA256

    8413c63e50eefd69ccafc07a38585e7c4827fa7c978b3e21d06104cd5ea5f97a

    SHA512

    19938804f8540f9fc7f4f057fa1b2fee8591d8272019aef523f3ff8efd362951b9c2d78e9d282059e2191d219e2b5d983b9b07fd641b745f45d7f1f1271cbb57

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db-journal
    Filesize

    512B

    MD5

    1493a718a16595e325ded38c616540e1

    SHA1

    37bf8bf3aaeb4004bf5b27e63983412586c23ceb

    SHA256

    e1eaffbdd254176871d4d459e8d74b1e567f410951ab6e9de489276e90649f3f

    SHA512

    7fd7fd02ee9e2f3ccd74e4a6a78e90f53bc543762b2c641243c5e4ea1ba58ae06d2c00c69db762d6aa6bddb7de6596235b70bfcf0af2b6918049e8bc8cd09a87

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    d245d7854ca921e8136ea9af67eb85b9

    SHA1

    d88ccbb87d3f02a27e94679e487ea9494fef3fa5

    SHA256

    6ab2217b97d42262990d140d7540895a4e38bffaf34a3c0f41f57433fee96b3d

    SHA512

    44485d2aa46434d20d0d532b24a3b41f92d260c2facac91600c00a13918b20fa95e2801a1bc7e8d67f9e9b1fd6452d1bd7e2c48a9f13a4abb435292c28b4a59c

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/OneSignal.db-journal
    Filesize

    8KB

    MD5

    829ba807c1af0853a7a1b0c0dde83e5d

    SHA1

    d5dcc1c194d8ee62f671eb569fd58fd5b8a52e62

    SHA256

    80456f3e2230bb823c2e1b78ed9805ee6eaa766224c2569ac3f2068176d3f48e

    SHA512

    e67e25b05f737b8ef98ee75716c6da17b805b3f81e4a639b48a54a909532ca313d1a3e5c6f0be4ea8c356ce9d651d70ab2a3376657522193048444be830e65e9

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events
    Filesize

    56KB

    MD5

    aa6dfcc6cce597d1dfc1f7056dc1fbb0

    SHA1

    5211053f94cbe860798253ac1909fe210db1ab9f

    SHA256

    a78b47ea975ff531c3a9798aaf22b790f32958093af7b2c0c6c3405558accbed

    SHA512

    18e5ed9329805242d820352d35426f9b19a2552b6caeaa3415f75c49d8e3a6d849dc996226427b5ba6bfcb1c3864c83379df1fd1a68ea965bd76a6c66c3c739c

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    8effacddeaa2baa5787c9e76709412e1

    SHA1

    d49347dc1a732ddabfd6a81a559339e971081ebe

    SHA256

    4404f5702f2d341526c62449349dd1a39f6e97963aae1b69a2b4984970e41542

    SHA512

    32653e9951a7f581056a196ab77c31b725618127113f59f4d95925f85ec8fc7703d34e109a9eae4e65ca513746cca1d32452ad1d24478e8488860cd2c287f5cb

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    6a3802c043b78be6cc3155cb33c3e360

    SHA1

    77e3017bf30547acf043837dc0e3fc75b9c4eb00

    SHA256

    c48d78d15f2dde29cf1613e53dfc4d66a91a79a2c54560252e77bbe274a03643

    SHA512

    4e9fe099d45c0a18f65d9065c1ce9d6926d4b52e5a455ab86ed5838491f7a925bc5cb300ab6383f7f77b2b976e591cacddc37d7edc842b61d50a1263002afe9e

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    713cd11d9bbfacaad69444042dbade86

    SHA1

    8a630d18390179526dbc1f16a872241bbfe6dabd

    SHA256

    32246d2a940db0e61a6c02dbf5793f3b35cadd39bae1afa0b741c284be5a1ea3

    SHA512

    0225256b0e652c314968f821fac4c87d2b5c6ca71ebd2f66c67f8d3cef0dc1dff1c3540bc337075227205dc312c5969299b8f0b9c1dbdf195884d9ca3b974985

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation2253201836296596880tmp
    Filesize

    570B

    MD5

    52a68757ab75f969e519baa9cafcad05

    SHA1

    793de36476aa69c511ac5ae3450848f14c48387f

    SHA256

    eb11ebc29bec79f29a2e5ce41503032c6eb59685ccbd676dbf7253692fcda84a

    SHA512

    ff89b6df3e34dc73901c59decea1bccbe9fd3bd7c251fe83c75f6480bc0ea04b4b6a4619cc501e5164b0a9cf1b082387bc809bbabfa6cbd7ea71c7713338be84

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation4107024983234257537tmp
    Filesize

    90B

    MD5

    449c83451a8a913bb58a4d9ccf91c20c

    SHA1

    4500b961d347861f2371b46d2139fad0fe9dda5f

    SHA256

    cafe5b95a0166c4c35e456b6a83f5c2e711433cecad7d0abdc8291e998300307

    SHA512

    eb3bd2d98ffbcf5ee33bf4615059fc6991b79414383961e6e036b88610d2457e9fce834446cf2818df8c45597283932ba0948f81b961ea83e1aaffc005a7ac10

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation7208789680905888172tmp
    Filesize

    90B

    MD5

    6c64e3f53a821657dffa20db8e420537

    SHA1

    9beb1da0d00d176a47bdc10410a565b1ec2043d0

    SHA256

    f4b775906855758b198981bacc8683d50d90437bcd2074b46597aaa47d201740

    SHA512

    f3dafbf34c35539e6e6558d302d319a43c285b9ef8484bdd87358fb0bd310efcd8fe09ff8e7f6f3a52ce77dc99b9733d8b9573999d25db64879a03db8c30cd27

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/PersistedInstallation8494839145061939414tmp
    Filesize

    566B

    MD5

    2471355631e592db2ef422df2899728d

    SHA1

    9b34a5635ae25c9a4eccb3f77b965dcecb87297d

    SHA256

    c4cfe3e1316849962b0dc557823365cd0b713056f7f03c6b084592bb21030b9c

    SHA512

    1ad28fd4d236f7345671aa3a9f93017b554c5bb5fb5bfc03c9bf614c089c578c2c4a7bcf0c035045ac3b34e99d7c203eabf4a46342cb1292795b7f45744f7c69

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/files/legion.realm
    Filesize

    24B

    MD5

    a6574431b943e0bf47642c666f3fbbe7

    SHA1

    79191cabd86accd903f27c523c95ef19933c64d1

    SHA256

    60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

    SHA512

    c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    0eb157e1a86d4d00aa601dd2f6ff3ee3

    SHA1

    fee434f784e73cc7916322e949f727caf8363102

    SHA256

    b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

    SHA512

    b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    995da49751b59d944ff38487d97be716

    SHA1

    23a62c1bdeb161e32feccbc194587bee3542d111

    SHA256

    94b9179bcdedeebbcb5c58e691df537f5fadf2649380eeb17f995daeaa47592f

    SHA512

    022e5c1395f664a7350d770b808ca73f79fee7c20ec38d4c127f77133bf0a42ec129226360b568e985b61df87697fe8393c5448fb735670c2aa0749ba0a563c2

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    bf6e3f28c90493ff8d47eacfeb669aa9

    SHA1

    a974041a742fcd33fad89ec5cfeeaa8365f9ae46

    SHA256

    5a8df3fb57a14ec72186030249fd8a7dce9115e108b83e60e72907e44f62a4fa

    SHA512

    1a73f7bc87f30507240adf44d6391f4baa7e42d5b49298464c802fed1aae4b2e8f491c70052b6f07658271f7f8e7d5374079ffb51de3fc0978bd43efde1e2671

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    177KB

    MD5

    ffb8f196ec3483736f0042cd555a8245

    SHA1

    4769af93a1e42807be4cfaaf97b18daab13c0ed3

    SHA256

    baee1ad66e3a28b59009d0d54c032db0499c13f79a75899183bc1bdd139ec71a

    SHA512

    f82196c4bc31e9efe3bc1690064c725dcc20198f48be59a1a24ca70422cf58c184dfe41a72b2441c4c121ce2ca6e44dc71bfe2675d75dfbb451a59f922da8d29

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    2f5a82e4c378ca5fac1ed8bef0d07d36

    SHA1

    88c18f5879c2fc349cf7dd10f3b74026796b7604

    SHA256

    0f53ff0be80518f9ab4fbf21f0d3a05ecc27ee44e5f4dc707dc5c49dd055efcf

    SHA512

    be767872bc6046e0000d8ef393a384df83021cdf1172c255bcdf9c00802bb586c779048fa4f749c83afb5df254f362c7d03531ed300b30641132e717b9788a6c

    Download Submit

  • /data/data/aplicaciones.paleta.legionanimefull/oat/x86_64/[email protected]
    Filesize

    59KB

    MD5

    50e49f875c771a12efdebed723ff5b96

    SHA1

    bf7862f15195be44f3eb04c4ba241682cae9bf0e

    SHA256

    d5253cea438bae074fff86e0c8313579e0ce5d49b4b57e458b6d71f65d497072

    SHA512

    4c9013f2727ce9058097e1be8d705a7f799c3eadc05aea6a559dbf9c4b099a9d58dcc7b4d6507413bcccc92bbdf59abcfc11a18215d4b42b8f8a95b468384a03

    Download Submit

  • /data/user/0/aplicaciones.paleta.legionanimefull/[email protected]
    Filesize

    3.2MB

    MD5

    42a776716f329899669f6d761d626003

    SHA1

    7c8a66fddabe92a33367f14c29f13955149223c1

    SHA256

    7aae06433cff5967ac254484d784c2c348380891d0914c56de64e7e006668cd4

    SHA512

    bebfa64178281625ce6a58a3ed61ec0b80278041b79a6db210ffc5e0536056174582daa32c2042d1dac5be7a5b8afa19c55a92b7067ada2f25072375c8e22cf1

    Download Submit