Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

02637f8ea0...18.apk

android-9-x86

7

02637f8ea0...18.apk

android-10-x64

7

02637f8ea0...18.apk

android-11-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    30/09/2024, 17:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    02637f8ea02b60ef4a73817fdaf01485_JaffaCakes118.apk

  • Size

    932KB

  • MD5

    02637f8ea02b60ef4a73817fdaf01485

  • SHA1

    1d0ef0037ea0d65bcefee4fbb8e2be902c56349e

  • SHA256

    0e9acb9d441235efa9d03f6737822ae1ab96ee44127730edf921e3f67297ea9d

  • SHA512

    87c4163ae4c3ff078848a06afdd4349f43f309f4a7410fccb0e0188ec674789909546a48a27b267e8f53adaf2f454cae2cd1ccda2b9405af0fc74f2404eb352b

  • SSDEEP

    24576:5pQ//xsrQQ1GI/zPA87piNpAKxGmUITSHsL9/QWSYuI+9f3:5pQ//IQoGIzA84pAEGmjL9YWSYuF9P

Score
7/10
collectiondiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Reads the content of SMS inbox messages. 1 TTPs 2 IoCs
    collection
  • Reads the content of the SMS messages. 1 TTPs 1 IoCs
    collection
  • Acquires the wake lock 2 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
    impact

Processes

  • com.hhh.qingcnslaidx
    1⤵
    • Loads dropped Dex/Jar
    • Reads the content of SMS inbox messages.
    • Reads the content of the SMS messages.
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4976
  • com.hhh.qingcnslaidx:LocationService
    1⤵
    • Loads dropped Dex/Jar
    • Reads the content of SMS inbox messages.
    • Acquires the wake lock
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5016

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.hhh.qingcnslaidx/databases/baidu_chq
    Filesize

    52KB

    MD5

    e2da3196f34eed3c5e8fd175353dae46

    SHA1

    0ea9ebd0c1c027ec1b43f021a8e8a438092eea11

    SHA256

    25a08324412d482d4326d68e88e2434cffc6364befbafeefe5c3540c78583531

    SHA512

    b4f6687c223bea0ca91fce668dcea9c49891ed5f4eb099121908e712cee4647a3036ad690e7faa49e847291521f0ff343379de31650f823ed5137ef286431e68

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/baidu_chq-journal
    Filesize

    28KB

    MD5

    e913988027a68ad34059c6c59375d2de

    SHA1

    f9f34a42abdfe5315c3121d0ae1ac932763363f3

    SHA256

    1ff07efc4b402e13a8512ee44688af1ea5654ce51a9bf404633d20e12e486778

    SHA512

    30d64ded158b14fea30ac6d234a0777d11fc35a3f0b825ae5b549857dc149bc3f204a0f63a8bf7d007fb2e4aff555d7db3a9677aae06767ef0c5390fb5c7352a

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/blue_chq-journal
    Filesize

    512B

    MD5

    f631d6576cf804ee46d1838375525880

    SHA1

    6ac4eea6f03f14bbdcd57158ac7d8da86c57aa43

    SHA256

    fa69819ccf38c67ae5027e35a21405c574ff57924330a52a32bef2795ce540bf

    SHA512

    6c0c3971a3e274d2a7ac39d8f45c0a519590c0e97fd49c942f93a8ca4f9a4cf0220cdbacbf5711606bf28589e1048e56a1e8a1c7f714129536d54d92057ad2e8

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/blue_chq-journal
    Filesize

    8KB

    MD5

    dda4656c12ba21b2789ab726765ca5a2

    SHA1

    eadf059b58ccececdc2fe11f27010eb3b6ded065

    SHA256

    75a684c8448cf3ef4135876d3c7b9234cb2c1e36c303cede6aa833259a293a39

    SHA512

    88af73df64059ac61ff07e7737b6551824340db149d9dcb765ea5395c627d2769d86f38e13e678b820db51020d35b27adf39e29c05cd5f334df57629a392662f

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/blue_chq-journal
    Filesize

    8KB

    MD5

    5d8530e95948f83a1edef57ee36df611

    SHA1

    3025ff67ead1152dd63d59d14db59c4da538cb24

    SHA256

    9df3dcffe6c0762ae58630fc4b301905d6f74444b9698ef151c4da2cc6e1f5e7

    SHA512

    0b4aece65b5582009430030bf814e3bb3f06fed2454a560ec7464a464be7955a3ad5f26ee85768dbd1edad3e0e3f09e83284493191d9b7b7a0762407488da998

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/blue_chq-journal
    Filesize

    8KB

    MD5

    f381a9003355838a26b0987ad698859c

    SHA1

    168a1cc75485f484d3d690ed71d0dcb08fbe96f2

    SHA256

    dd7dd2794f77620dc31fb06ed8cf831f916ee5abfb9a4754e177d5a03c9a09b4

    SHA512

    3a92d081109b2fe29326950292180594da980f5a8e2db0eb24a204466ba471ce0cc17714763e4a51dc1efa9cc4de51072c34619547686c83bf7f01e6e5d6213a

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/blue_chq-journal
    Filesize

    8KB

    MD5

    9ba6ec035208e40d0ae5997d89225a46

    SHA1

    b4ee43d61c0384320034baaa9a06e2e0e7a5eecc

    SHA256

    821b289ff0d5313e06a0bbaa198c654edbbe8340de01f3212833477b204a0e04

    SHA512

    712064cb7d67b8d21e0dd1b86ab9fe3ba128aac73de43d40263abbc0d3b1a08c209a5cdff8f049e994367f4adb9004810ac3f9ab1bd04717ff6da6776bb80876

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/myqqdb
    Filesize

    20KB

    MD5

    ac742d4baf94c5781bfef105f5b4ddd5

    SHA1

    66c65db1e099782e6a70c5feb36c9ce213dbfa73

    SHA256

    f230de9bf5c2b5959dbfb25a31b54e91489fb133cd32ac1ba5b2b3543ba9131e

    SHA512

    1fad58fc102c38419b798672eb510e1ee2f7774110eab645972acbf1ef5ad96400b2f5f035cf7d33ca6f0e950e18918e6dc433b1aa84289404a7a40e1ca6668a

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/myqqdb-journal
    Filesize

    8KB

    MD5

    eca1d98fd1437a2a6198be85ccf8ea9d

    SHA1

    fe29c336aa7228813739126d0cf25c31b11fb904

    SHA256

    46bd69099be04e0cf373e673b6212ed01f073df15f4b1f26f1a97e6803a125ee

    SHA512

    c6414b6ab5a814ce9653223af1aca0293a5ee618182abc11a309359ee479763d6949d93a61f949a45af84d004641a84c1be7c8f0b0532a4d8cb31d58bd0c446c

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/myqqdb-journal
    Filesize

    8KB

    MD5

    082fc880638f67ecc20c19916b8b5638

    SHA1

    91709f4e182aea3323cc0dbd92a74da69133bb2e

    SHA256

    100d087637fe5f08b137afbfd01a092e2d04be2eae714071cbd80a14734e6e84

    SHA512

    480f7f6c22b139006683c06a5baeb09714552288484121f70800ac1a70f8c16ce6487ab206174d7d37676134d395f671e1a207b5df339e0883b8e0c3cb3540b2

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/databases/myqqdb-journal
    Filesize

    8KB

    MD5

    70695cae9405d6f8c67bde9b76524e25

    SHA1

    97652eef4ad4e906e8eb6c04611345cea940fafb

    SHA256

    abfb9fce3ba99bc94eb46ead11e9b43d9be28b76ff9fadd6d29ed66db7096d6a

    SHA512

    0dc67d46afab0a8d27d291076ae5383653a219d0523b594fd1fe719401055abfd1aaa715ff656ff2a21f0bceecce41fb91b1060fe50f628a508f4dc09da02d86

    Download Submit

  • /data/data/com.hhh.qingcnslaidx/oko.jar
    Filesize

    20KB

    MD5

    a4ff2168d0b3d0fdb947aa0b1c2243e7

    SHA1

    3542542c7336c06aeebcdc550ee738365e062ca6

    SHA256

    6238c52a29fd4dc2ac450f2637892b861a11418610b1be45a852203b6a75ed51

    SHA512

    cd39e87161e432e162cdecea4c4638d49e4b1b06e9b60c28a2d3c823e235bc6e02acdeba0c03dd101eaed20ed5e9f7744d7a02fa83402716b6cf66c98402da06

    Download Submit

  • /data/user/0/com.hhh.qingcnslaidx/oko.jar
    Filesize

    43KB

    MD5

    82e6bb1bafe35ac95f3aab71965ceec7

    SHA1

    3d81d7a4575011d9521180ed7767d13463cf0413

    SHA256

    7b5f5938c60be155524b4c0dc2c4a8d48830b3770b94583bb520ba7c3fb9c85f

    SHA512

    4cc529c2a4a4e1a31f331f29e356949b7ca5f072c7eea9eb874d10d2b371149e6ed0040f2644f48fb370dab54090e8cec054f9040b22635d09cb3009666332eb

    Download Submit

  • /storage/emulated/0/device
    Filesize

    8KB

    MD5

    76eeafef7d561649b1dc5c5cb2c5ac86

    SHA1

    6406cdfa96bff5b27ef47ea1991b87ea60736562

    SHA256

    dff7640582e59fb440d8aaeb54d199a48108f39434efd172d25d4034bf7f1bd5

    SHA512

    0d3c75dd643730b25afa2ab72c6ecd1de011c5d571d759d4b30b814795ea9aebac6018390652e65b000ae712350c2f16bbd270d283041a31646604b366c1ff3d

    Download Submit