Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

base_113.apk

android-9-x86

8

base_113.apk

android-10-x64

8

base_113.apk

android-11-x64

8

Analysis

  • max time kernel
    12s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    01/01/2025, 10:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    base_113.apk

  • Size

    53.0MB

  • MD5

    85ed51b00887d331b476f9568222743c

  • SHA1

    fba6938bd6a675b21b4d77d49a58e7fc0b8f9e4d

  • SHA256

    769840a979ee956291e924d5cb95061f424adc3221b26d85e0e8e7f65777decf

  • SHA512

    e097b553c7682849580c0841f89e7141f92a1c2c6e6252496c3e61f504c1e7522953ffb9a61cb129f14100e4e6d39433f7a2c21a3596029422b1c5d27a6c962a

  • SSDEEP

    786432:phP09KrszNOTCzZSs1LllhySA2yFy5msUonUdnp5ZxQ56OcpvcZbE33bHeVjKek7:f09Kgzacht85sXU0DcpvkEnoYcxiJ

Score
8/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
    evasion
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Acquires the wake lock 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
    persistence
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.makemytrip
    1⤵
    • Checks if the Android device is rooted.
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:4285
  • com.makemytrip:playcore_missing_splits_activity
    1⤵
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4384

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    547a92f1365a247a942bc7b96775fe60

    SHA1

    4996c32ba0cfa7cb9ee64ebe1cbff80da027709b

    SHA256

    fced685f4235e1c5e3297954502f3a21204c6fb9e979648c5f59f324567a2e96

    SHA512

    88f04fd62087dbd7a264815e91c1d34089165e44167b53e66f5883eaaf200aa1f208822690ebe3ff38945d25bee4c8336cbf5bc0ffa60dd99877d73cbae69362

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.makemytrip/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    9e3323f14c16e1b46fd1725465f35e0c

    SHA1

    d4d20815278da0188214aba1385b3c8615734eb5

    SHA256

    39ccc309c5c1a9cd6e2ed1089a842f4956f0e5cfcacb6ae7f330c72b3b795f9b

    SHA512

    c479574493687ed80f262799c3f66340fe08c22f540c62f0f33fa4c1c1010009a108e69ce6026e9af456fab5332df46ec2672a1b1dcbf86cb5962ff517ce0602

    Download Submit

  • /data/data/com.makemytrip/files/.com.google.firebase.crashlytics.files.v2:com.makemytrip/com.crashlytics.settings.json
    Filesize

    710B

    MD5

    6181de711c4ba9e5330f9164cc4d6235

    SHA1

    11ab8b4c686ce5c157924eb79c213551a34b24e9

    SHA256

    fefad7b5041335efaefea62eeeae34996130b25c925c5255cb42618eb6b8866c

    SHA512

    d5998be23fcf91df58df1c15f154b4f431b8ce385f0e78b3bd8c3c98c07c982a071b0d0dcde75a2b59099dbd3d1197331985f8ca967a77e288b3e9eac9cb894f

    Download Submit

  • /data/data/com.makemytrip/files/.com.google.firebase.crashlytics.files.v2:com.makemytrip/open-sessions/677519180285000110BDBA157185ECD7/report
    Filesize

    735B

    MD5

    82bd07a4ce8c4a1ce526125b4f744957

    SHA1

    772829fe45e3a4020d247e5f6fc2f70b3bc4d773

    SHA256

    3a312ba103c3bb0505caad542dfca07aadf85790ede0e7dea26f991eef310a34

    SHA512

    6363d39c93ca92c8caba9745c495ab3a3aade74e8d14fba9dfaa2bbb4c04f8ba11ced188a0846abeded14d554a234d2db14bbf462dd1f2feceb8bdc69638bfd5

    Download Submit

  • /data/data/com.makemytrip/files/PersistedInstallation7372989298851705007tmp
    Filesize

    90B

    MD5

    1c98d3925062662aa134f6dbb305fc82

    SHA1

    1cbb1b0507a1c67c5c688a8266f7f6409f0a09d2

    SHA256

    a8e1b68e3631a1fda19ffa9f293fd0d7bce9a7f65c71c12fe19e11b6b8d1500d

    SHA512

    7c457093e79ba18900e01a5a0cd4dbb23f755ad07fbafcb41a375854e75388416e0fe15190d079bd776840cb0b1f99eb39be3d1b0af904d933a4315fbe970ef7

    Download Submit

  • /data/data/com.makemytrip/files/PersistedInstallation9060422116280589670tmp
    Filesize

    561B

    MD5

    f8404b0decff0ae8d3728f44a95e6be1

    SHA1

    edddd9b02eec66daf953e3101bb3df0e45f5acfe

    SHA256

    4d1f566c50f6d2ab6ab106e987445fd0aa20fbbf73e0e6ac51eecfa991c4cc83

    SHA512

    f09050e6d5969f2fa8e1efbbae66ecd0951f67f26905bd4b1e7c5b93fc8138dc40715f0975e9fc85c9f7af5c400b12c860bc52e883b50e4f354377383ecc6865

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    38ed1d7c125d3c5e9d2f5e8513a1a00d

    SHA1

    a47fa8658404d81401786a8dd675f06affd0f01b

    SHA256

    6dd05cfdf899487dd155246b66a72967c4d797226f42842d0ea7b83e39be26a6

    SHA512

    5c35651c891f0cc7dd7636b023c51f54952a9c35b71eaca4b2e8346166c3cdc0430ff16011d75950dac2e0e2de79227a842f8e7cb0cd3ffdd247f68946f4769a

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    57e9361ad03e401a6aafbf09d3db9f05

    SHA1

    f061d9a366018fd93f34fa7edcc1d86251f88fc9

    SHA256

    fb014c9cf43d25e32f93ec71d172d2b5c6c1410df644c4b8193cc241727bd7da

    SHA512

    3909ccf48bcf7b860d7e224049aa9fcb9f778dbfd6e882813e5f33caf8ea216e02e7833f16adba988ee7cb4bb8ef8a850559b3d28ac2d70b0f908c3fb6497ed8

    Download Submit

  • /data/data/com.makemytrip/no_backup/androidx.work.workdb-wal
    Filesize

    108KB

    MD5

    cf20c397f87d62c8fbe7bf50a425f1b5

    SHA1

    4b8a48d5cc68d0ed2370e0ee1515fdf743060bf8

    SHA256

    57fb6d3604fb97850205da4a8a9dde4b76fd339789884c67348db597a819adae

    SHA512

    c4e7a6ef25f00e6e10ece33d0e204d34b2c1bde2b4a22183bdbeee63947ef8986504590f603a46575cc9f5b7921c3e07d73b4af51a8f34de5fee3bac207d17ae

    Download Submit