Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

mobelejen.apk

android-9-x86

8

mobelejen.apk

android-10-x64

8

Resubmissions

18/01/2025, 17:43 UTC

250118-wamq9szrhk 10

Analysis

  • max time kernel
    899s
  • max time network
    866s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    18/01/2025, 17:43 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mobelejen.apk

  • Size

    549KB

  • MD5

    45be5a7857a4fa1c5eadd519e9402e8a

  • SHA1

    36feb0809c1853f9a1f6d587302691abd7ce90e9

  • SHA256

    7d59e24f4bdf28a846d21e2608796f7e91389c4778bec75369d7b05e3f8449a5

  • SHA512

    46c869051e0c97b68f4388b87caecd82bf7362110a34ebb28ddc5fcd6c8a0e339eeaafbfce54d22593e245457fae7ec4c36b49a8556d3327ba7f90a40dd96a73

  • SSDEEP

    12288:9cVS3EVqPlR6i0Ci3jM34D9zSxjRH6+O//n3tKpSsM+1HA+3De7:9OS3EW6i0C+M3SziN6+ONjstgYDe7

Score
8/10
collectionevasionimpactprivilege_escalationstealthtrojan

Malware Config

Signatures

Processes

  • com.elite
    1⤵
    • Removes its main activity from the application launcher
    • Reads the contacts stored on the device.
    • Tries to add a device administrator.
    PID:4203

Network

  • flag-us
    DNS
    semanticlocation-pa.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    semanticlocation-pa.googleapis.com
    IN A
    Response
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.202
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.234
    semanticlocation-pa.googleapis.com
    IN A
    172.217.16.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.178.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.42
    semanticlocation-pa.googleapis.com
    IN A
    216.58.204.74
    semanticlocation-pa.googleapis.com
    IN A
    142.250.179.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.213.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.10
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.10
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.202
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.180.10
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.74
    semanticlocation-pa.googleapis.com
    IN A
    216.58.201.106
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.42
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    172.217.16.238
  • flag-us
    DNS
    semanticlocation-pa.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    semanticlocation-pa.googleapis.com
    IN A
    Response
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.202
    semanticlocation-pa.googleapis.com
    IN A
    142.250.180.10
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.42
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.178.10
    semanticlocation-pa.googleapis.com
    IN A
    216.58.212.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.200.42
    semanticlocation-pa.googleapis.com
    IN A
    216.58.204.74
    semanticlocation-pa.googleapis.com
    IN A
    172.217.169.10
    semanticlocation-pa.googleapis.com
    IN A
    142.250.179.234
    semanticlocation-pa.googleapis.com
    IN A
    142.250.187.202
    semanticlocation-pa.googleapis.com
    IN A
    216.58.213.10
    semanticlocation-pa.googleapis.com
    IN A
    172.217.16.234
    semanticlocation-pa.googleapis.com
    IN A
    216.58.201.106
  • 216.58.204.78:443
    tls, https
    858 B
     40 B
     1
    1
  • 172.217.16.238:443
    android.apis.google.com
    tls
    8.7kB
     11.8kB
     26
    37
  • 142.250.179.234:443
    semanticlocation-pa.googleapis.com
    tls, https
    1.2kB
     40 B
     1
    1
  • 216.58.201.99:80
    520 B
     10
  • 142.250.178.4:443
    tls
    135 B
     40 B
     2
    1
  • 172.217.169.34:443
    tls
    135 B
     40 B
     2
    1
  • 142.250.179.234:443
    semanticlocation-pa.googleapis.com
    tls, https
    128 B
     40 B
     2
    1
  • 142.250.180.10:443
    semanticlocation-pa.googleapis.com
    tls, https
    128 B
     40 B
     2
    1
  • 142.250.179.234:443
    semanticlocation-pa.googleapis.com
    tls, https
    128 B
     40 B
     2
    1
  • 142.250.200.35:443
    tls
    135 B
     40 B
     2
    1
  • 172.217.169.14:443
    tls
    135 B
     40 B
     2
    1
  • 142.250.200.35:443
    tls
    135 B
     40 B
     2
    1
  • 172.217.169.14:443
    tls
    135 B
     40 B
     2
    1
  • 142.250.180.10:443
    semanticlocation-pa.googleapis.com
    tls, https
    128 B
     40 B
     2
    1
  • 142.250.200.35:443
    tls
    135 B
     40 B
     2
    1
  • 142.250.200.35:443
    tls
    135 B
     40 B
     2
    1
  • 142.250.179.234:443
    semanticlocation-pa.googleapis.com
    tls
    135 B
     40 B
     2
    1
  • 224.0.0.251:5353
    3.8kB
     12
  • 1.1.1.1:53
    semanticlocation-pa.googleapis.com
    dns
    80 B
     336 B
     1
    1

    DNS Request

    semanticlocation-pa.googleapis.com

    DNS Response

    142.250.187.202
    142.250.187.234
    172.217.16.234
    142.250.178.10
    142.250.200.42
    216.58.204.74
    142.250.179.234
    216.58.213.10
    142.250.200.10
    172.217.169.10
    216.58.212.202
    216.58.212.234
    142.250.180.10
    172.217.169.74
    216.58.201.106
    172.217.169.42

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    172.217.16.238

  • 1.1.1.1:53
    semanticlocation-pa.googleapis.com
    dns
    80 B
     320 B
     1
    1

    DNS Request

    semanticlocation-pa.googleapis.com

    DNS Response

    142.250.187.234
    216.58.212.202
    142.250.180.10
    172.217.169.42
    142.250.200.10
    142.250.178.10
    216.58.212.234
    142.250.200.42
    216.58.204.74
    172.217.169.10
    142.250.179.234
    142.250.187.202
    216.58.213.10
    172.217.16.234
    216.58.201.106

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.