Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

Chrome (2).apk

android-9-x86

10

Chrome (2).apk

android-10-x64

10

libirdevice.so

ubuntu-18.04-amd64

libirdevice.so

debian-9-armhf

libirdevice.so

debian-9-mips

libirdevice.so

debian-9-mipsel

libmibraindec.so

ubuntu-18.04-amd64

libmibraindec.so

debian-9-armhf

libmibraindec.so

debian-9-mips

libmibraindec.so

debian-9-mipsel

libmibrainjni.so

ubuntu-18.04-amd64

libmibrainjni.so

debian-9-armhf

libmibrainjni.so

debian-9-mips

libmibrainjni.so

debian-9-mipsel

libmiir.so

ubuntu-18.04-amd64

libmiir.so

debian-9-armhf

libmiir.so

debian-9-mips

libmiir.so

debian-9-mipsel

libphotocli.so

ubuntu-18.04-amd64

libphotocli.so

debian-9-armhf

libphotocli.so

debian-9-mips

libphotocli.so

debian-9-mipsel

libtruss2.so

ubuntu-18.04-amd64

libtruss2.so

debian-9-armhf

libtruss2.so

debian-9-mips

libtruss2.so

debian-9-mipsel

Analysis

  • max time kernel
    1037647s
  • max time network
    21s
  • platform
    android_x64
  • resource
    android-x64-20230621-en
  • submitted
    10/07/2023, 03:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Chrome (2).apk

  • Size

    1.8MB

  • MD5

    d518f6bd8834393054530e2b69fdc060

  • SHA1

    0b047a8b8afeb7e4954a73a3f06b11c3c8dda74e

  • SHA256

    2111701e2fb47adaba6d594319ceab8c7572d82cbc11c70a8378835d19e7718b

  • SHA512

    91536f430431d99c5d53224cb3a07e95fe83fade639e9c39e778cdc0783a2a2bc7c19eb4295edf090ef2aac503412b8268f84bba6b0822974660314798be233e

  • SSDEEP

    49152:ytcjXkmHYo9eUnRO+Jb88wOJwFdKSujBOU3vwfS:ytc4mHYo/bd81ELSMBOGP

Score
10/10
octobankerinfostealerransomwarerattrojan

Malware Config

Extracted

Family

octo

C2

https://grpweufnh734bfr3.online/N2Y5ZmU3OTI5ZDky/

https://poewjehfbwery47fr.top/N2Y5ZmU3OTI5ZDky/

https://fcercvv7erwcvnrew.site/N2Y5ZmU3OTI5ZDky/

https://wevmuty56gbfdg.xyz/N2Y5ZmU3OTI5ZDky/
AES_key

Signatures

  • Octo

    Octo is a banking malware with remote access capabilities first seen in April 2022.

    bankertrojaninfostealerratocto
  • Octo payload 3 IoCs
  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.lotfrontt
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4847

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.lotfrontt/app_DynamicOptDex/as.json
    Filesize

    2KB

    MD5

    1991a2df4dd6c0d870a335a62f5f0098

    SHA1

    9133efc2e6c361b971b96ebfe596d86e53b67dbe

    SHA256

    a124f92cd65e1fd47e603d5affdf453343a7331fd582aaa62c89d5989b500b0d

    SHA512

    e6f5b4e4c90221a26698d8fb1919b7b73b69fd1c4e481cb86d60ca3d73dca03b0cfa6327ab7e3a496a0b8f88b47558a19ff44c01b2805bf9e154f11c7271110d

    Download Submit

  • /data/user/0/com.lotfrontt/app_DynamicOptDex/as.json
    Filesize

    6KB

    MD5

    6d20583e8ff01fafd598c57fdeb5630c

    SHA1

    036bff4f53a3349cf923ea07f60dece949a571cb

    SHA256

    2d06139a25e51dcaf80b2b4ea6a82a703977d554e48558ceeb8ca4e0472af738

    SHA512

    f61b9b0fa1922f2662bb47ed0f6c0c2dc83c74dea744ddf082c986fd873c45c6c96be131c0b9eead78f1bda3e5e9a8f296341b36d805bd45e9c9d3949207545a

    Download Submit

  • /data/user/0/com.lotfrontt/cache/xzhourgpnluqbd
    Filesize

    448KB

    MD5

    c37b5f3f70dcc64cae744ac5c51c73f3

    SHA1

    1e632b0f0314ffeea00c71229689154e3dffdc8c

    SHA256

    21caa5e8a64e7e6d5e5355db951ec135a1701dd827a3e3b9a48f89da467e8579

    SHA512

    5d478334f13674fd0e2442656b32ab549d509c2eaf5619baf6265c6d4133fb001935c140ec8425a5caa0238e787b780f87dae2a53bccf0e88ff96c7ac1ab7f65

    Download Submit

  • /data/user/0/com.lotfrontt/cache/xzhourgpnluqbd
    Filesize

    448KB

    MD5

    c37b5f3f70dcc64cae744ac5c51c73f3

    SHA1

    1e632b0f0314ffeea00c71229689154e3dffdc8c

    SHA256

    21caa5e8a64e7e6d5e5355db951ec135a1701dd827a3e3b9a48f89da467e8579

    SHA512

    5d478334f13674fd0e2442656b32ab549d509c2eaf5619baf6265c6d4133fb001935c140ec8425a5caa0238e787b780f87dae2a53bccf0e88ff96c7ac1ab7f65

    Download Submit

  • /data/user/0/com.lotfrontt/cache/xzhourgpnluqbd
    Filesize

    448KB

    MD5

    c37b5f3f70dcc64cae744ac5c51c73f3

    SHA1

    1e632b0f0314ffeea00c71229689154e3dffdc8c

    SHA256

    21caa5e8a64e7e6d5e5355db951ec135a1701dd827a3e3b9a48f89da467e8579

    SHA512

    5d478334f13674fd0e2442656b32ab549d509c2eaf5619baf6265c6d4133fb001935c140ec8425a5caa0238e787b780f87dae2a53bccf0e88ff96c7ac1ab7f65

    Download Submit

  • /data/user/0/com.lotfrontt/shared_prefs/main.xml
    Filesize

    131B

    MD5

    6187424d8472e95432406f578a60fe9d

    SHA1

    175cf0043f8cb76f31f0568e2be8490b6c5af097

    SHA256

    f437f0d97387b3990865e41068fbc0f0f89f9048079604e0b98eff128eb27442

    SHA512

    3ccb84948e40fb8be21fdd8e23028ad722990d6555c05927b676d3d9fad5ccc2ebca8a485169e033f975ba341a3c673f8ba5f915de1ee91eedaef0b9acf70d41

    Download Submit

  • /data/user/0/com.lotfrontt/shared_prefs/main.xml
    Filesize

    5KB

    MD5

    f30c28d47677c9f50f9f62c3830fcbc6

    SHA1

    31dc6cb346a6f5a2049d7ed0c3ee8dfee2378aec

    SHA256

    8e51e97a2b091708db64361711e453d4ce7a1bf590ec3d24485c33200c881a93

    SHA512

    30c88afdc37cf1b6030424ff364adbd1c77f88dbc326214b8635e7e4100b842b21277a29778603a143e79186f0538389bf0ee0dab3f74110a86c5144e74e12dc

    Download Submit