Analysis
-
max time kernel
143s -
max time network
155s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system -
submitted
07/01/2025, 02:07
Behavioral task
behavioral1
Sample
20a567a487c0f14bef235ee94c363bcdffc79dce6b82e3ed73e0455d2dc51a23.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
20a567a487c0f14bef235ee94c363bcdffc79dce6b82e3ed73e0455d2dc51a23.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
20a567a487c0f14bef235ee94c363bcdffc79dce6b82e3ed73e0455d2dc51a23.apk
-
Size
2.9MB
-
MD5
cfc62e2d95de52f92299675c70ddc9fc
-
SHA1
d07d2a50b5cc4dd449825b497cec45b3c0c80908
-
SHA256
20a567a487c0f14bef235ee94c363bcdffc79dce6b82e3ed73e0455d2dc51a23
-
SHA512
6a0185e9d4bba7bfe77de6fb2f951d454f89c34a615bcad05a9b297544c2eb071532df7d7eb9d307a65355b8c7c42f148c4f07bd98654fd4569423210b1a7dca
-
SSDEEP
49152:jDxlyUV5Py/PYyg9Kqy6pIBlFROvqYDoQHwuA1UA7vb3+ez9TJVp8gKSlbc:CUV5aNpLyvqYDoQHwXvbuez9l8gKuc
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.tencent.mobileqq -
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to get the current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; process: com.tencent.mobileqq -
Acquires the wake lock 1 IoCs
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: com.tencent.mobileqq -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call; ioc: android.app.IActivityManager.setServiceForeground; process: com.tencent.mobileqq -
Queries information about active data network 1 TTPs 1 IoCs
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.tencent.mobileqq -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.tencent.mobileqq -
Reads information about phone network operator. 1 TTPs
-
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
description: Intent action; ioc: android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS; process: com.tencent.mobileqq
Processes
-
com.tencent.mobileqq
- Queries information about running processes on the device
- Requests cell location
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4519
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails 1
Geofencing 1
Foreground Persistence 1
Hide Artifacts 1
User Evasion 1
Downloads