Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
230908-dzpm2sgc54_pw_infected.zip
-
Size
3.1MB
-
Sample
230908-hq7vgshe94
-
MD5
a5a0cfd5d4cccf68644983bf794ad9be
-
SHA1
905d3efaeba91578e4c5ae9294a40a7aafcae4fd
-
SHA256
c3a68f5783001da938ec752fe34e9dca921f190bb65ed408a873e72be7d25236
-
SHA512
6c678a902a0a5a662dac0fd40fd28141c3ca32520410b6d09f55ef843408c136af0c820df04559f7c583392ba6e37ee9666476304072eccccb5110af71c4217f
-
SSDEEP
98304:W5zurV4M0MFU4wX9t4FIw0+mIEA8vma4YNW:W5zupDKNG1Kq
Static task
static1
Behavioral task
behavioral1
Sample
Lol.apk
Resource
android-x86-arm-20230831-en
Behavioral task
behavioral2
Sample
Lol.apk
Resource
android-x64-20230831-en
Behavioral task
behavioral3
Sample
Lol.apk
Resource
android-x64-arm64-20230831-en
Malware Config
Extracted
hook
http://193.233.196.2:3434
Extracted
hook
http://193.233.196.2:3434
Targets
-
-
Target
Lol.apk
-
Size
3.7MB
-
MD5
10f5a518febd8b0b08b7f69982bc0a7d
-
SHA1
77137ca4881b82a9baf3dea99e03ce92c89cc742
-
SHA256
238cdfbab88cbcb6b1a2379b2a18c993640c1f498c4cb0e9faef408331f41c0b
-
SHA512
52c557425b2eff4f244c2c34280118e913574c0b3a51bff966c4fb4538afdc1220ad6f94956098aeb53cee4984aeff30142f148f6e19c1a978af6d0e7801f918
-
SSDEEP
98304:z/Se3GAtk9/CYItyoKmFTwgzOOH2qWS9Rr:+e33tcPItTvFcg5W6b
Score10/10-
Hook
Hook is an Android malware that is based on Ermac with RAT capabilities.
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-