General
Target: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915.zip
Size: 1.8MB
Sample: 230110-3ew9tsdg4x
MD5: a9a021c4b5fd0c789617c348aa7fd757
SHA1: 7bc99c385887517f5b4325feb6ee82338565ea21
SHA256: 247b5d759f726ebaccddd64921d764603132e20d1c6986ca5bd1d43b7fc9b426
SHA512: 3cf171265de18f3487a5d32465a2722503a05c69bb2166fd444b8f2052027a3faa658da2b22f81314bc85d4210c7b8bb0a0a1b913e2af209089f447208e79fb5
SSDEEP: 49152:tfbIApwmpnZA5sDXAUNDGfyQQGCdb5E73nn0gE:tfUApZZA5uXjGlQGCd9enNE
Static task: static1

Behavioral task: behavioral1
Sample: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915.apk
Resource: android-x86-arm-20220823-en

Behavioral task: behavioral2
Sample: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915.apk
Resource: android-x64-20220823-en

Behavioral task: behavioral3
Sample: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915.apk
Resource: android-x64-arm64-20220823-en
Malware Config
Extracted
hydra
http://laurawright.top
Targets
Target: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915
Size: 2.1MB
MD5: 6224051522f494907ccf147546344789
SHA1: d348a6160285ab2b17bfa4ab12fb671bd5a62719
SHA256: 3971b2bbb2ce0491104c0cd834f929bdc0aa4a612a8cd4edaf17b9b9cbf1b915
SHA512: 04be2363b8e0264d57c6b637e05b14338f62066fa3260a926091f0749780b5c754249ad350c4d97a0a133b682591412f043fe69f8c015fedefc08284e14e4071
SSDEEP: 49152:AU108yB0ekNWLBSONPBOIesOHaTLVTdhZ:Ai08yBuNWBgr5Har
Score: 10/10
Hydra payload

Makes use of the framework's Accessibility service.

Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Reads information about phone network operator.