Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
WhatsApp_Plus_v17.36_waplus.me.apk
-
Size
55.8MB
-
Sample
230518-twdz5sbh5x
-
MD5
3a4722728047a5fc5cfdd256a87afaed
-
SHA1
d6522395171a42122d7d192d27d6fb3f1036c16a
-
SHA256
3b582123b9c508543394e2ba04a27126239111eb3b519d7d8a0ad88a21c434fe
-
SHA512
e7f896863631a78854cf61da832f7ba086d41213dace5a9e2f426e0bb41e9263bc99aabe85c05fe1b9f3c60de2f92e8d76ee6d77e640cefb3c5c90092b2bbbdd
-
SSDEEP
786432:fGY6XGQSZUyCHu5H6FYzjvPIHAx0gF6M60bucDPfQKZFzZ16mWWKbUjkrKraqQ:f5qYgCTzjI6rnNZFL6mWzoj9PQ
Static task
static1
Behavioral task
behavioral1
Sample
WhatsApp_Plus_v17.36_waplus.me.apk
Resource
android-x86-arm-20220823-en
Malware Config
Targets
-
-
Target
WhatsApp_Plus_v17.36_waplus.me.apk
-
Size
55.8MB
-
MD5
3a4722728047a5fc5cfdd256a87afaed
-
SHA1
d6522395171a42122d7d192d27d6fb3f1036c16a
-
SHA256
3b582123b9c508543394e2ba04a27126239111eb3b519d7d8a0ad88a21c434fe
-
SHA512
e7f896863631a78854cf61da832f7ba086d41213dace5a9e2f426e0bb41e9263bc99aabe85c05fe1b9f3c60de2f92e8d76ee6d77e640cefb3c5c90092b2bbbdd
-
SSDEEP
786432:fGY6XGQSZUyCHu5H6FYzjvPIHAx0gF6M60bucDPfQKZFzZ16mWWKbUjkrKraqQ:f5qYgCTzjI6rnNZFL6mWzoj9PQ
Score9/10-
Renames multiple (70) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Acquires the wake lock.
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-