Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

409e321dc9...18.apk

android-9-x86

7

unicom_resource.apk

android-9-x86

1

unicom_resource.apk

android-10-x64

1

unicom_resource.apk

android-11-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    13/10/2024, 15:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    409e321dc965e8846553bae3aa43ade8_JaffaCakes118.apk

  • Size

    52.5MB

  • MD5

    409e321dc965e8846553bae3aa43ade8

  • SHA1

    2cafd0bd54a82411dcef5c63e2ad20a0a3bfe36f

  • SHA256

    d3bfc11b40cd83d8d00fb77dc24ea0ff30d09567eab5bcf9c41815984d7ffa2c

  • SHA512

    9d618d99797aac6f3d5910421455e5e0757773ee882d6bee988ca3ee8e11bfe3bea66f379cab980d47c6d6d937c9e7bb7d4a4a2e42f14cbc67f58d90fdce0e7c

  • SSDEEP

    1572864:BckHwOcPIfowIzaJdUxrmidZ1NjgKFa0pSeDrQvr0qJ:BckHwKUaExrnd/NjgKM0Mug4qJ

Score
7/10
discovery

Malware Config

Signatures

  • Queries information about running processes on the device 1 TTPs 2 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery

Processes

  • com.joym.armorhero.pps1
    1⤵
    • Queries information about running processes on the device
    PID:4262
    • getprop ro.product.cpu.abi
      2⤵
        PID:4290
    • com.joym.armorhero.pps1:unicomuptsrv
      1⤵
      • Queries information about running processes on the device
      PID:4313

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.joym.armorhero.pps1/.cache/mmbclasses.dve
      Filesize

      24B

      MD5

      a9a1d7cd1eaf0e7f1998cb2ef4bed4ef

      SHA1

      824a53edfb4542c408c8d43e0615b7c28ed16ba5

      SHA256

      4307491e47f082e5f663eee645cee9a2dd983ef7c2c22886a51f245e45b9102a

      SHA512

      f97fd82c14ac87e264bfe8df20fa8d9bcdb4d08ea8097bbabc74f092286e8c36d1d643e2d746e78104398f83a315d7e6b4a95a6e5e9f60af7a74d2229c910d86

      Download Submit

    • /data/data/com.joym.armorhero.pps1/.ulibs/decrypt.so
      Filesize

      29KB

      MD5

      d7cb8b5358b1c095511cf9edb1c13354

      SHA1

      2ecc10b8e73597d54bd13b7b2046477f1bd40939

      SHA256

      e551db916184b19a7dbd2393e41b54543cc5eeb10ce3550b5219695ab6126998

      SHA512

      c73123bae60da7a98c56f7209a5b43b3939e774b288790a8392713c1eb6c1ae4902948d2e2faa07648df5d0e9c35753cd6ca4c0f2e9cb67c3fa45eb6d5599cb4

      Download Submit

    • /data/data/com.joym.armorhero.pps1/.ulibs/libunicomsdk.so
      Filesize

      25KB

      MD5

      1bed8a396868ebc83b1082a9dd8f64a9

      SHA1

      13de7ca68be8df5b22ba2439d660b82676aace66

      SHA256

      62d76b4054b0b0d4544bb1c4f5236b6198c95f0284f60cb42e013bff34b8a2e6

      SHA512

      0ce9f83952e3c3fdfef20a88351e3243d68b9e504309b8c17f0d5932ac6bb0f8b337b0b467c2a1ae525f02ac0a427cb17acef97c2d084b8b60d9b3836c677980

      Download Submit

    • /data/data/com.joym.armorhero.pps1/files/d_data_store.dat
      Filesize

      8KB

      MD5

      68dd7ee58f4157e0f675dad9f80d312c

      SHA1

      4d60459e2a78d924123934fbddaf2bd42c0ae361

      SHA256

      e24d4c31308abc367f95a2ad49dfe026a5bacfc2580fe8453c7fe43f600b66bc

      SHA512

      02e123f42e0b87606b6943b7dc936ba842b70f7c44df5227c06ac230090e065738bd9bbed6a40174cc5a37d453f68d07c81661dccf0f3ac15e318b7cbec42813

      Download Submit

    • /data/data/com.joym.armorhero.pps1/files/iridver.dat
      Filesize

      8B

      MD5

      f3257e5cf9cb4df80b664d49ac98fc54

      SHA1

      1abd60a397615921548d798afac0831d05f74bcd

      SHA256

      0323ec6cd6be9305f6b4fe9588310c3c433ff9219fe631c92444f0d7dd8d0a6f

      SHA512

      c03e26996fdaae5bd292dca61021af8900c86a0cc26746c5d03b81ce109bfba888a10371e9f90dfb5249c79d932e6c5e9a41f84f2aca1144f1d39dc4576e6a2b

      Download Submit

    • /data/data/com.joym.armorhero.pps1/files/libmegbpp_03.01.00_01.so
      Filesize

      583KB

      MD5

      9acc2a366fb8d0020e534d7f122250a1

      SHA1

      88944f671633ca222ed9c30f6580895f47bbc4e3

      SHA256

      c389ea9640bf025e212484fc3b7c2ee7ef9c5de2cf3ebb731c86eb8e0c1e9372

      SHA512

      0b54f3a19721ee611edee1de14b508d734053d588b7bfec0d0594e4f804b159d75bc8e6474ff1eabb96e89ffeace5d6bbe17ec2bc350d085f08e5f584e0f9105

      Download Submit

    • /data/data/com.joym.armorhero.pps1/files/tmp/AndGame.Sdk.Lib_20150_86098B59D437DE14494674358197AAEA.dat
      Filesize

      492KB

      MD5

      86098b59d437de14494674358197aaea

      SHA1

      815f17554d45f834c613640bcbf99ba4e245f110

      SHA256

      d7972f0b375427ebb84d3143143959c5d2d5dfcc4a4821fdd2b0a604cd744e7f

      SHA512

      0c8823b60fc81a4d403e9042ccbb52efe6304b0f1a42afa4674249ee1ec5305ca4f27b20cbaf6f3705cb127fd5cbbf57fa8d7f6c0de852a5ef9032095f8d9319

      Download Submit

    • /data/data/com.joym.armorhero.pps1/files/tmp/c_data_store.dat
      Filesize

      365B

      MD5

      3793821c0bdc59c24ff6c4dbf2a0af8d

      SHA1

      1402e76741c5ffcc096d2507cf8b6a1028827723

      SHA256

      12045b662fac6c00b9e1435e1a460f5b4e0844a753ad418720533f895f3dd8c8

      SHA512

      7e2ea86e670a84d99f650cf4389bcd673e777a10e82a7a2020c07b279469c2322ba98b6947b86b5b4345f293fff847dc3642308b4a1a093aa5fe8cbd027d66ae

      Download Submit