Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

f3ee8522c4...78.apk

android-9-x86

6

f3ee8522c4...78.apk

android-10-x64

7

f3ee8522c4...78.apk

android-11-x64

7

Analysis

  • max time kernel
    5s
  • max time network
    118s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    23/10/2024, 01:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778.apk

  • Size

    7.0MB

  • MD5

    d2e511a1e5836f0557c695eb23307711

  • SHA1

    7e0c6781b9b560dc958d38786419f5a09dcf3cf6

  • SHA256

    f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778

  • SHA512

    56e6f6fa644e564533f0727dfddb3b22229ddffb550a8f72db58071bc48b936c3717f61a06071976b0dddef7c5381119e2e2f9f6f44c3490fbbe33bbe96c4527

  • SSDEEP

    196608:debHCUOigkvgP45yCG8Ii8Z1v1oGKoBbq27:d8iUODHrG8jdo7ow0

Score
6/10
discoverypersistence

Malware Config

Signatures

Processes

  • bot.avesta.uno
    1⤵
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4248

Network

  • flag-us
    DNS
    semanticlocation-pa.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    semanticlocation-pa.googleapis.com
    IN A
    Response
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.42
    semanticlocation-pa.googleapis.com
    IN A
    216.58.201.106
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.179.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.178.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.180.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.234
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.10
    semanticlocation-pa.googleapis.com
    IN A
    172.217.16.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.202
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.202
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.42
    semanticlocation-pa.googleapis.com
    IN A
    216.58.204.74
  • flag-us
    DNS
    bot.avesta.uno
    Remote address:
    1.1.1.1:53
    Request
    bot.avesta.uno
    IN A
    Response
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.187.238
  • 142.250.180.10:443
    tls, https
    202 B
     40 B
     1
    1
  • 216.58.201.110:443
    tls, https
    1.2kB
     40 B
     1
    1
  • 142.250.187.238:443
    android.apis.google.com
    tls
    8.1kB
     10.4kB
     27
    29
  • 142.250.187.238:443
    android.apis.google.com
    tls
    2.2kB
     5.9kB
     8
    11
  • 1.1.1.1:53
    semanticlocation-pa.googleapis.com
    dns
    80 B
     288 B
     1
    1

    DNS Request

    semanticlocation-pa.googleapis.com

    DNS Response

    142.250.200.42
    216.58.201.106
    142.250.200.10
    142.250.179.234
    142.250.178.10
    142.250.180.10
    142.250.187.234
    172.217.169.10
    172.217.16.234
    216.58.212.202
    142.250.187.202
    172.217.169.42
    216.58.204.74

  • 1.1.1.1:53
    bot.avesta.uno
    dns
    60 B
     125 B
     1
    1

    DNS Request

    bot.avesta.uno

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.187.238

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/bot.avesta.uno/cache/~test.test
    Filesize

    4B

    MD5

    098f6bcd4621d373cade4e832627b4f6

    SHA1

    a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

    SHA256

    9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

    SHA512

    ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    8f0e8256d66169f7d514065ea61f6384

    SHA1

    88c38833e9ac09efaba34beb4b5777b80c8e1b91

    SHA256

    a19bd0a27e95710dfda28f8af130fc1c0e31c16277e77f8ae9a07af157ca51b2

    SHA512

    a6aa19d9670e401d73bf7ad7532bafc9b823c0314d49281d347cbe02f59430ddf899b35967eae9ef44037b26bd115f4e97edfb7e4d65d477788cb48cad91401f

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    ac8bcb215d72d87ce22283ae04325be6

    SHA1

    a4e01a09e3d8f4f512d9fec5b3470f6bd3798687

    SHA256

    e9826387d02f2db7bb490abcdb5e32c2c9a80e74b6bb495f02ad2a42f34c138d

    SHA512

    7e98b541e0ab61374c904478eca853f386d02ef733beb5bd9a029abf6a3247f4e74120b561d233bc47de44d48bd5ab5aec04322887a82c6dd97db6e751c9d5be

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    e1547e8b79c364e07ff9811bb45527c0

    SHA1

    6eb0dc6a07ae026f47b9e507a797f40c9056f350

    SHA256

    a9a01ff3e282c0718610b2fc4035a58182cc74f065f95a10db951aab7f0ef985

    SHA512

    c5ef2cf45ff2a67c84537428c8f1d6d70119c480b0f8e6673f35166f695c2232fa65cb77bab71e15bd3aa71f63eab4cda7cf162538658c37dc3d6f21e2bb4701

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    1e0ef1ed19e6bff8d463459aee6edf4e

    SHA1

    7db8d6166c65e584734ff0cad7691b9d4d850bf9

    SHA256

    f335fe5ed65a1260f744f036d8fa3e0f12a3066e3a98790be5e7dfffbd732995

    SHA512

    8d3ddd2b902a6da0aaa5a8c542ce67b1748784af7e9d26575d5cb499db8640d4fc541d7ca3ccb30d8aa845335b16668faac6293e86ebbdff37b14700a758f13a

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db
    Filesize

    16KB

    MD5

    cad4e7dacf0c40891c7237ea8c1f68c9

    SHA1

    4b4ffb7382f6a91ac1696e7102b781754e93708a

    SHA256

    c39e11d06687b69b4987c0aba08f3ecc3bda96b735c7806fb99bc304ecdced7f

    SHA512

    d60f9726eab7335c7e74dcc929a90829f5bef79e2322c2268b07120a9ba14103db628e779cfa0c0e02fa15c4ac0aa09cb781adf84d260a5552a7bdd61592fdee

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal
    Filesize

    512B

    MD5

    d5ea5215a052b7966689f51451015480

    SHA1

    708e56a6a2bb82aa2446475e5746bba7e7ccfea3

    SHA256

    631f2f7f7ba91b85840271ec4633db76d9466f0aa341787f3efc1065d9487407

    SHA512

    dae8da3f0a351fa36d2622a44f48d581165042f50f1ad455026da2c40402b3ec4e4e555f3920639de12bdf7fe771e13ec9d769863f93195fd1b9c7b5dfa649f3

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    15860d94a958d63c016171914f476405

    SHA1

    8995f512b052b5581fb2f20379b77cc8537bdc3b

    SHA256

    eab6fb91844dd15db4d4a1288d9548a2206a8fa0853a7dd4052d1151540f5561

    SHA512

    994b6b6b544b81ee3940fb19d4ff343b49ca33c0659bafb6d324994e484cfded90341e080df503bfb874b917e5da22efd842314f31f11a58882730a35be1a985

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    9f0aa57b41405a04bc7eebd48667dcbe

    SHA1

    47cb4c3869ee1fec77b6ba1d091ac0f79b214a05

    SHA256

    ac6215bce9f54bb450ac4c5056aa20922602b19ac3e4a10977dfbe5f2bc077a1

    SHA512

    86bb6001cba02f09c9a25947021c8e785b92e218bb573771596a4c5f3d7f552ce62f688a507dc5be4790dcc5c97f59dd30a75b933f88604ea36e6f0b20b0c001

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    0c576d5a6fd305543118676c829cc0e3

    SHA1

    63f3e83c07aa4ffaba0ca5c800e6eb105a475ab1

    SHA256

    3f467ca30bd22b07e0c9fcdba2e5072cba2ef5e47d6fd87a942c1a72eb8501dc

    SHA512

    ba3073e87267caf7ce720126572d66ffe51ac09c578f90316332192b004c4b4b4022bfdd0c61512b6a5a21a9700c5ec66bbe79a83132ac6c9fdce33e879055d0

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal
    Filesize

    4KB

    MD5

    47bf51e35ee3d4c8f64416ab92bef9cc

    SHA1

    c40b34c4483eeac300c202aef51737a41df4819c

    SHA256

    f7a0943218129139f566b552fc746d8b656706c82e877cb3a69439de00b4500b

    SHA512

    20536ff2aa8aba4b1de27ed33ba8b481cbf07a63e52367511f24076441746d7d2a0581e79a48bfad00d9c1b5beb9456c1882ec2ed494d04389050127635ac7c0

    Download Submit

  • /data/data/bot.avesta.uno/databases/google_app_measurement_local.db-wal
    Filesize

    36KB

    MD5

    2b61d80870eaff007ce19bf60c3a3ae7

    SHA1

    817a5900bbca466028c46978ac24d12d994422cf

    SHA256

    1dd697cc33e29e86221f2fc610e74e990ed8245d62287d71db9601e12a6b6283

    SHA512

    f5c4752ce1c9f7abc1c387841381e494d875b593617de0da6392728b18d8a42024809043f01c7576db215398b48b02a6504ae6b159f20edfebb56d166694dbe9

    Download Submit

  • /data/data/bot.avesta.uno/files/PersistedInstallation2650177412583758568tmp
    Filesize

    90B

    MD5

    e8af9938e46e8dbf4d97bf64c1e83ded

    SHA1

    204598dea45beb7c24f4853d8c18ec6caa1fdaa5

    SHA256

    94e6dee8dbff44283a28d144238de885f4240a3df88e1b5a8a62e3b50fd99c60

    SHA512

    ecfad98ce61e11ff56813d8a533436372f6c65266b89481bd9edf50b3c0061e07e20efc2787c61715a0e4b1a3ed0ac6d7a00b463634b27a25af36289af09345a

    Download Submit

  • /data/data/bot.avesta.uno/files/PersistedInstallation631711617590608160tmp
    Filesize

    568B

    MD5

    a37b8cdb12a8de4026152e620141f22f

    SHA1

    a803ad1611bd503c925fafad0ee3ce8aa0f13e0f

    SHA256

    d766cc516bd932bf796d82d8ec18cb61769fa4e33bbb84a011e7f96b1116aad7

    SHA512

    304320c959044e7e94a2f84bcc5197670342ef79d2c8ceff8696a313daf8e29343fdf06944162c7ff9dc7f33dbc1f96150409b9ad8a73f6b4b20b0a69f8ffd1c

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.