Resubmissions

  • 03/05/2023, 10:24: 230503-mfvjmaec56 (score 10)
  • 17/03/2023, 07:38: 230317-jgfv3sgh7x (score 10)

Analysis

  • max time kernel: 3777369s
  • max time network: 85s
  • platform: android_x64
  • resource: android-x64-20220823-en
  • submitted: 03/05/2023, 10:24

General

  • Target: chrome-upd13111.apk
  • Size: 541KB
  • MD5: a9b1a776b600baff0832bf897c1a811d
  • SHA1: 283e8e6d16caf9b9e4fb93644e3207a1c436735f
  • SHA256: 57031f6fae595c9cbf89d9c9ae77fd4ccdb1cee766d8afaea9625efa58910fd1
  • SHA512: 3d7a58582ecf58afa50b85f443f30328ee6fa1d441a5efab43346a922557274209a9b0ca087c07af0b4495f41ef2b3ecb1dd0843518d092cdcc18b07b1f2e3ce
  • SSDEEP: 12288:GjSJnCtrt7YhSGyMZM/WH9iy94/oVHRjE8bztEqe7pudc9wjN:DnG/awWH/bVe8bz+qecc9wJ

Malware Config

Extracted

  • Family: octo
  • C2:
    • https://countnatbt.site/YWRhZjAxNGM1YjFh/
    • https://mix3etbt.website/YWRhZjAxNGM1YjFh/
    • https://btcountates.fun/YWRhZjAxNGM1YjFh/
    • https://3countbt.pw/YWRhZjAxNGM1YjFh/
    • https://vat-app.su/YWRhZjAxNGM1YjFh/
    • https://alleggro.pw/YWRhZjAxNGM1YjFh/
  • AES_key

Signatures

  • Octo
    Octo is a banking malware with remote access capabilities first seen in April 2022.
  • Octo payload (3 IoCs)
  • Loads dropped Dex/Jar (2 IoCs)
    Runs executable file dropped to the device during analysis.
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). (1 IoC)

Processes

  • com.amongrestuv (PID 4707)
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).

Downloads

  • /data/user/0/com.amongrestuv/cache/qnqmyysldobxfxp
    Filesize: 448KB
    MD5: 7301601b80f1eb5e627e0dd665a1133b
    SHA1: 7beb4a9e85d728531e6931fbd49f7cc1562102a0
    SHA256: e5d85ddf1caf74c78447f42998e050b291c7bd1326bdf696cf0e41b3d015c9e9
    SHA512: 9cb975f387b218b934e67abedc332a1266111660cf8431154ecb225fe6d61402f0213d34c87b1085929beccccf7abace618b91e5a2ca7a7a804ee82eb5761dc7

  • /data/user/0/com.amongrestuv/shared_prefs/main.xml
    Filesize: 133B
    MD5: 548b670f6d33c340e0f841bd9554fedd
    SHA1: 23c2fcab6da21a03a6884a8db1fbda44dedb0e65
    SHA256: 367794fb22730c3925502e8968b17f5384c40795b69b9057dab41d97ef70d221
    SHA512: 7ce80d8623fd4efd7b50b653b34eddb6af9c17373cbee710954240c75607ab9ff0f3382e0fd6c8fb718bf1e38090585133c0f5c8af672f4c229d22d0adaec732

  • /data/user/0/com.amongrestuv/shared_prefs/main.xml
    Filesize: 5KB
    MD5: cffbdd9f6379462f97c979fa252c0891
    SHA1: 12c8b662bbf373c5d6b8215d7e60e530efc6010e
    SHA256: e2793197b23eb3ddeda7da581cff30f19d80748e9ba87613511c16280a8ea16a
    SHA512: 6d3ac1eb44b6aba0d5e3f4d30ab8c57e6e479fb55d2930497884db6a255f576850b219d019d44c0e60b772327b6c33513c9bdb7b246ff65f861420b9d2513622