Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    WhatsApp_Plus_v17.36_waplus.me.apk

  • Size

    55.8MB

  • Sample

    230518-twdz5sbh5x

  • MD5

    3a4722728047a5fc5cfdd256a87afaed

  • SHA1

    d6522395171a42122d7d192d27d6fb3f1036c16a

  • SHA256

    3b582123b9c508543394e2ba04a27126239111eb3b519d7d8a0ad88a21c434fe

  • SHA512

    e7f896863631a78854cf61da832f7ba086d41213dace5a9e2f426e0bb41e9263bc99aabe85c05fe1b9f3c60de2f92e8d76ee6d77e640cefb3c5c90092b2bbbdd

  • SSDEEP

    786432:fGY6XGQSZUyCHu5H6FYzjvPIHAx0gF6M60bucDPfQKZFzZ16mWWKbUjkrKraqQ:f5qYgCTzjI6rnNZFL6mWzoj9PQ

Malware Config

Targets

    • Target

      WhatsApp_Plus_v17.36_waplus.me.apk

    • Size

      55.8MB

    • MD5

      3a4722728047a5fc5cfdd256a87afaed

    • SHA1

      d6522395171a42122d7d192d27d6fb3f1036c16a

    • SHA256

      3b582123b9c508543394e2ba04a27126239111eb3b519d7d8a0ad88a21c434fe

    • SHA512

      e7f896863631a78854cf61da832f7ba086d41213dace5a9e2f426e0bb41e9263bc99aabe85c05fe1b9f3c60de2f92e8d76ee6d77e640cefb3c5c90092b2bbbdd

    • SSDEEP

      786432:fGY6XGQSZUyCHu5H6FYzjvPIHAx0gF6M60bucDPfQKZFzZ16mWWKbUjkrKraqQ:f5qYgCTzjI6rnNZFL6mWzoj9PQ

    Score
    9/10
    • Renames multiple (70) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Acquires the wake lock.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks