General

  • Target

    Facebook Lite_361.0.0.12.5_Apkpure.apk

  • Size

    2.2MB

  • Sample

    230629-hn5mcacc32

  • MD5

    27c82e2f445871eeec618357e139dcf5

  • SHA1

    eb836554cc40f1e1d344d4287d96e213a276c415

  • SHA256

    cfaba4561c09924694308b4e2bc8382006e2f64d6e25a134a2d7457cc3a1cac9

  • SHA512

    f13401a50b587ba506e3a7a0af71c8c21ff3fdf174a465c866ca93a18f3c0dbbe5b9ed51d167eaee729f6c5b83b658c133155d1f8b8c2168a0ec31d73ea0f0c8

  • SSDEEP

    49152:7Y7oS29DER0q6684LBXpP+YGnnZTUrqlZln7Xe1vqhVUBwT0JZ7KDr:7jD/FJ+wV2rqlLeq3nw7KDr

Targets

    • Target

      Facebook Lite_361.0.0.12.5_Apkpure.apk

    • Size

      2.2MB

    Score
    9/10
    • Renames multiple (52) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.
