Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
2118536s -
max time network
93s -
platform
android_x64 -
resource
android-x64-20230621-en -
submitted
22/07/2023, 15:36
General
-
Target
0fd16e91ce30d696f7a875c51e8203a644fe4e8262901179f9ab0f5bfc3afd68.apk
-
Size
541KB
-
MD5
52bffc6ee57dc05127b0ff5fa0b271b2
-
SHA1
49529bfddbbafc73bfaf63d9e034dd339fbdaba6
-
SHA256
0fd16e91ce30d696f7a875c51e8203a644fe4e8262901179f9ab0f5bfc3afd68
-
SHA512
de7867b4ab6061cdee6d80eabf1aa5d08a552cf8ba0cca2703e9c57f92a21eaddb8b87a7d144ec73843d5c493f493ca5a1c8c4e2ece60d5ebce83b43406c0516
-
SSDEEP
12288:07t9/9bc8U/4AtkMfABsVP2vPDd53+mEb8dIgbni:C9/JLAtk9BoP2vrdR+n8dIUni
Malware Config
Extracted
octo
https://193.42.32.180/ZjU3NWNhYzE5Mzhm/
https://saldirmorukss222.net/ZjU3NWNhYzE5Mzhm/
https://saldirmorukss122.net/ZjU3NWNhYzE5Mzhm/
https://saldirmoruk4ss22.net/ZjU3NWNhYzE5Mzhm/
https://saldirmoruks6s22.net/ZjU3NWNhYzE5Mzhm/
https://saldirmoruk7ss22.net/ZjU3NWNhYzE5Mzhm/
https://saldirmoruks8s22.net/ZjU3NWNhYzE5Mzhm/
https://saldirmorukss2322.net/ZjU3NWNhYzE5Mzhm/
https://saldirmoruksas282.net/ZjU3NWNhYzE5Mzhm/
Signatures
-
Octo
Octo is a banking malware with remote access capabilities first seen in April 2022.
-
Octo payload 3 IoCs
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
Processes
-
com.mencompleteynjk1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
48B
MD5046a414913add6f5bb60072c7db819b6
SHA1451ee4f6809260aec622d772fd329c7d0297a842
SHA256b66c1320cb063a1d391c94273572ea6edae76c8c8b0a07f8d75c88686f0df72a
SHA5124e6355f3051ed5e811ab030abde1f5be7f5e1cf33be99cd08477e9b6c015deb1d8bd75a09fb9c7176b8511c5ad0a67abc0902a3531e97564ccb6afc57496a47c
-
Filesize
450KB
MD5aa9382ad99c8c400c9f57791e976cbae
SHA1cd35c2c6c78209c97fadef6328fc052b309c8754
SHA2561b5ac7b4de7de16a5cc8045209734b77aa82d3e19bf9cd808a4946bda40d7fb4
SHA512e218bcfa75573392301beb7dbf22e27468c0bc4fa5103a4be68a0887047b5aef65d2ac64bc5bbbbdccb865d797af597b6b2f51916ce64b37b7347d9e4c6150a3
-
Filesize
450KB
MD5aa9382ad99c8c400c9f57791e976cbae
SHA1cd35c2c6c78209c97fadef6328fc052b309c8754
SHA2561b5ac7b4de7de16a5cc8045209734b77aa82d3e19bf9cd808a4946bda40d7fb4
SHA512e218bcfa75573392301beb7dbf22e27468c0bc4fa5103a4be68a0887047b5aef65d2ac64bc5bbbbdccb865d797af597b6b2f51916ce64b37b7347d9e4c6150a3
-
Filesize
450KB
MD5aa9382ad99c8c400c9f57791e976cbae
SHA1cd35c2c6c78209c97fadef6328fc052b309c8754
SHA2561b5ac7b4de7de16a5cc8045209734b77aa82d3e19bf9cd808a4946bda40d7fb4
SHA512e218bcfa75573392301beb7dbf22e27468c0bc4fa5103a4be68a0887047b5aef65d2ac64bc5bbbbdccb865d797af597b6b2f51916ce64b37b7347d9e4c6150a3
-
Filesize
137B
MD58ba8c4112f31487f9f9ce071ffa4fef9
SHA1c136284c52462038e88c1cd7785510dfc938abdf
SHA2567ad9f9bbde4f43099444f9dbfb302217acb1af32bef9c56316f76643baaeb9ab
SHA51263797963bc21e66694053b9a40e84a9a07a792c81d1054f9a31227fb0476b2a3ee032aa2d0f54a8e0ba87ca5df33db6da0bfd3c19ea951d797c786bc26d845fe
-
Filesize
210B
MD5bda86cf577433d4642f67219203b23e9
SHA1ce70ce16d596c4741736c78093176b0da2550073
SHA256412791322ff151e84184ada475d60bba2f2a22c2c3b1b2c87df16348a9afcb64
SHA5128f109b57d870bd2ef5e9de6c9bda85c7c9eed0c3669cfffc49db5cb0896f6cc97ad61b40afc8959b75efd1c32200edb330662bc179043fae8030b394fa0e4b8e
-
Filesize
5KB
MD5bc9492d438a284f4f4d8b96eeb1dddda
SHA1d5c757b0b878402cede29ab80aefec2be8105a42
SHA256554898bfb3d4bea8613764609048f8c9430caae851951c93c1e2602e551ed599
SHA5128fea3da78c7c39d836000403db2ca8dccff8fce61321b35b572201895ecdf627c3ac8530ccc57fd9cf9c1edee3e4d70186e5fcf0ce289847dfa38b09e5cf9d96