Analysis

  • max time kernel
    5s
  • max time network
    155s
  • platform
    android-13_x64
  • resource
    android-33-x64-arm64-20240910-en
  • resource tags
    arch:arm64
    arch:x64
    arch:x86
    image:android-33-x64-arm64-20240910-en
    locale:en-us
    os:android-13-x64
    system
  • submitted
    11/01/2025, 22:07 UTC

General

  • Target

    275e49361237833cdec20921929fe0cf9f76552d77d8fae601cfd29d2d2532c0.apk

  • Size

    3.2MB

  • MD5

    bf2a2f3b770a9981c697f26cd0870f2a

  • SHA1

    67a65c7fe1eb75495a63dd2bcda8f8795f9e6c8d

  • SHA256

    275e49361237833cdec20921929fe0cf9f76552d77d8fae601cfd29d2d2532c0

  • SHA512

    fc25a59b347ab42e97c977159644f49780aa1127b5278298c44988694b177caa2611bd86a00e8ac851765b9ee1a502141c9aaa5c20668b791d0fb8f5baba829c

  • SSDEEP

    49152:O+NcRCY35qK6xWOKzR4gu0xNV7yGE4ZTYb3XCXsyT9hTtjoTdx6Gg7Li:BNcQY35qKksegP7pVYb3XCXLJn83g7Li

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.wantbook61
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4505

Network

  • flag-us
    DNS
    rcs-acs-tmo-us.jibe.google.com
    Remote address:
    1.1.1.1:53
    Request
    rcs-acs-tmo-us.jibe.google.com
    IN A
    Response
    rcs-acs-tmo-us.jibe.google.com
    IN A
    216.239.36.155
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    216.58.212.238
  • flag-us
    DNS
    remoteprovisioning.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    remoteprovisioning.googleapis.com
    IN A
    Response
    remoteprovisioning.googleapis.com
    IN A
    142.250.200.42
    remoteprovisioning.googleapis.com
    IN A
    142.250.200.10
    remoteprovisioning.googleapis.com
    IN A
    216.58.201.106
    remoteprovisioning.googleapis.com
    IN A
    216.58.204.74
    remoteprovisioning.googleapis.com
    IN A
    216.58.213.10
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.10
    remoteprovisioning.googleapis.com
    IN A
    216.58.212.202
    remoteprovisioning.googleapis.com
    IN A
    216.58.212.234
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.42
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.74
    remoteprovisioning.googleapis.com
    IN A
    142.250.179.234
    remoteprovisioning.googleapis.com
    IN A
    142.250.180.10
    remoteprovisioning.googleapis.com
    IN A
    142.250.187.202
    remoteprovisioning.googleapis.com
    IN A
    142.250.187.234
    remoteprovisioning.googleapis.com
    IN A
    172.217.16.234
    remoteprovisioning.googleapis.com
    IN A
    142.250.178.10
  • flag-us
    DNS
    www.google.com
    Remote address:
    1.1.1.1:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.187.196
  • flag-us
    DNS
    www.google.com
    Remote address:
    1.1.1.1:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    172.217.169.4
  • 216.239.36.155:443
    rcs-acs-tmo-us.jibe.google.com
    tls
    1.5kB
    6.8kB
    12
    12
  • 216.58.212.238:443
    android.apis.google.com
    tls
    4.1kB
    7.9kB
    27
    24
  • 142.250.200.42:443
    remoteprovisioning.googleapis.com
    tls
    3.6kB
    13.5kB
    17
    16
  • 216.58.212.228:443
    www.google.com
    tls
    1.1kB
    5.6kB
    11
    8
  • 216.58.212.228:443
    www.google.com
    tls
    2.5kB
    8.3kB
    21
    18
  • 172.217.169.4:443
    www.google.com
    tls
    1.1kB
    4.7kB
    9
    8
  • 142.250.187.198:80
    312 B
    6
  • 142.250.179.226:443
    tls
    135 B
    40 B
    2
    1
  • 142.250.179.226:443
    tls
    135 B
    40 B
    2
    1
  • 142.250.179.226:443
    tls
    135 B
    40 B
    2
    1
  • 142.250.187.198:443
    tls
    135 B
    40 B
    2
    1
  • 172.217.169.66:443
    tls
    135 B
    40 B
    2
    1
  • 172.217.169.74:443
    remoteprovisioning.googleapis.com
    tls, https
    128 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 216.58.212.193:443
    tls
    135 B
    40 B
    2
    1
  • 142.250.187.234:443
    remoteprovisioning.googleapis.com
    tls, https
    128 B
    40 B
    2
    1
  • 172.217.169.74:443
    remoteprovisioning.googleapis.com
    tls, https
    128 B
    40 B
    2
    1
  • 224.0.0.251:5353
    3.7kB
    11
  • 1.1.1.1:53
    rcs-acs-tmo-us.jibe.google.com
    dns
    76 B
    92 B
    1
    1

    DNS Request

    rcs-acs-tmo-us.jibe.google.com

    DNS Response

    216.239.36.155

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
    109 B
    1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    216.58.212.238

  • 1.1.1.1:53
    remoteprovisioning.googleapis.com
    dns
    79 B
    335 B
    1
    1

    DNS Request

    remoteprovisioning.googleapis.com

    DNS Response

    142.250.200.42
    142.250.200.10
    216.58.201.106
    216.58.204.74
    216.58.213.10
    172.217.169.10
    216.58.212.202
    216.58.212.234
    172.217.169.42
    172.217.169.74
    142.250.179.234
    142.250.180.10
    142.250.187.202
    142.250.187.234
    172.217.16.234
    142.250.178.10

  • 216.58.212.238:443
    android.apis.google.com
    https
    2.9kB
    6.3kB
    5
    7
  • 1.1.1.1:53
    www.google.com
    dns
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.187.196

  • 142.250.187.196:443
    www.google.com
    https
    3.4kB
    8.3kB
    11
    11
  • 1.1.1.1:53
    www.google.com
    dns
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    172.217.169.4

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.wantbook61/app_ded/bMdd83dBTJZkJLo3Qmq5gv0mEF1XorOz.dex

    Filesize

    3KB

    MD5

    d9590dee477c8a3176d9192c534a27e1

    SHA1

    4f60dc5a697d4b7e9c1961c41adf7a57d1383f08

    SHA256

    feea1704a54966b6c60be61185bd0dac9d5d3a243d55abb8f10d80598a63f5fd

    SHA512

    1c545ed4ff50df66c168748240b1b9fe5ed3a94fc7abdd3d6137737502c5135539bc8fc0a27b8a29de6832c5987212ec0222f81ef33b2fdf8ecb273c49bea20f
