General
Target: PhotomathPlusv8250ModVict.apk
Size: 14.9MB
Sample: 230630-swqhhadf68
MD5: 213e804b3bff22d1d2cca1ad430fb2f3
SHA1: c3dc4a3eec30fd5e41207b7ecae5289dd085c33d
SHA256: 319589df208900a9556dab9378bc8ab9874f1f2f9a22dc5ab9c6168315aa72fc
SHA512: f48484cf9556295cf4aae6952c0e9972f4df97077460d18d72ba46a4dea24f30dec91e1eb67712c48575e3795a79e2b5b2ee16c93f227115b1e7a1654a02c6f0
SSDEEP: 196608:UbF5+Py5KRcGUYS6aeRKZwchQFtRA+UK7xrqKn7Ne9tMOobdLrfH6l1d7abN9P0z:8F2MC7kucEfA+HrqESthotS8fClD
Static task: static1
Behavioral task: behavioral1
Sample: PhotomathPlusv8250ModVict.apk
Resource: android-x86-arm-20230621-en
Behavioral task: behavioral2
Sample: PhotomathPlusv8250ModVict.apk
Resource: android-x64-20230621-en
Malware Config
Targets
Target: PhotomathPlusv8250ModVict.apk
Score: 9/10

Renames multiple (248) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Renames multiple (68) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Acquires the wake lock.

Reads information about phone network operator.