Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

brotato-v1...od.apk

android-9-x86

7

6fc6093352...c6.ps1

windows7-x64

1

6fc6093352...c6.ps1

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

tt_nd

ubuntu-18.04-amd64

vpaid_html...e.html

windows7-x64

1

vpaid_html...e.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    brotato-v1.3.188-mod.apk

  • Size

    130.2MB

  • Sample

    231011-m6h9aaac6y

  • MD5

    f0b1c85e47b1c3ef699a640d5e190a6e

  • SHA1

    96275c28d3d3e7703b34d6eb632becb82a1c9561

  • SHA256

    2fa5a5e28cf8526028d17376f114058dcc8c47bf7618695a515662001b5c5c08

  • SHA512

    79ad4c9c2d629ef18c95ee031c0d2868bfdc194a1bdc5dc1f1fe4a258f103f1536b0366abdbdfb9f10405ac3bcb55eb924f893fd7552a85205899de5b9c94830

  • SSDEEP

    3145728:VQC39RjbSxwHso6jgO8u/ejK0G66CXuLOJK05hNlJPhcOM9BNGCzrWbgdC5:RKwHq6u/mk8Y0rthO979C5

Score
7/10
androidevasionlinuxransomware

Malware Config

Targets

    • Target

      brotato-v1.3.188-mod.apk

    • Size

      130.2MB

    • MD5

      f0b1c85e47b1c3ef699a640d5e190a6e

    • SHA1

      96275c28d3d3e7703b34d6eb632becb82a1c9561

    • SHA256

      2fa5a5e28cf8526028d17376f114058dcc8c47bf7618695a515662001b5c5c08

    • SHA512

      79ad4c9c2d629ef18c95ee031c0d2868bfdc194a1bdc5dc1f1fe4a258f103f1536b0366abdbdfb9f10405ac3bcb55eb924f893fd7552a85205899de5b9c94830

    • SSDEEP

      3145728:VQC39RjbSxwHso6jgO8u/ejK0G66CXuLOJK05hNlJPhcOM9BNGCzrWbgdC5:RKwHq6u/mk8Y0rthO979C5

    Score
    7/10
    evasionransomware

    • Acquires the wake lock.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Removes a system notification.

      evasion

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1

    • Target

      6fc6093352606f141b77290563659fc6.resource

    • Size

      445KB

    • MD5

      fb7b1bb90ff8ffb25e3778f0572cdabf

    • SHA1

      32f6171ac7b64f51e4666fa97e4949281ba8b162

    • SHA256

      e289be24c4ade869536873c4a8d081c8f9e5ea7e82edda113fdb02919f5c1ead

    • SHA512

      cc9b0ed9f493f8a467501ca7cbc8779283376260486346a15235c8add07323f1d816800857e17722b5c9c7477abeb1c97ce9c9276f13280a22fd3f092744d8db

    • SSDEEP

      6144:uwzp8vTMziEwO1jE2nP0WlmLvfR7JMqUWqGjkvs1squ+h/pI0qsNfN:ny7My2nP0WWvJlMtiasuqP9Ku

    Score
    1/10
    behavioral2behavioral3

    • Target

      fyb_iframe_endcard_tmpl.html

    • Size

      520B

    • MD5

      7844cba73b7b4b439b587dd501e92d82

    • SHA1

      25a452bc6886d0e05d4a73da785021fd4c477a04

    • SHA256

      e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6

    • SHA512

      f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711

    Score
    1/10
    behavioral4behavioral5

    • Target

      fyb_static_endcard_tmpl.html

    • Size

      3KB

    • MD5

      d18fb1787ce0e84567496b8564e452aa

    • SHA1

      007033d0824685600611af6992060577e127dd23

    • SHA256

      2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51

    • SHA512

      ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b

    Score
    1/10
    behavioral6behavioral7

    • Target

      tt_nd

    • Size

      5KB

    • MD5

      cfb58d5a778a4da98783db9388bacfc5

    • SHA1

      4e826b8e65f7a81ee0c30836f132632054f338e7

    • SHA256

      64f11eb5134f29bcff547988289baff229b05faf93adac63d3a3bfe97c7f810a

    • SHA512

      1cac2288c9d222dbd195e3b929aebb887e5ff8d13c46675bcc879c762d09311b97a1e331389df520165cb994f1717ee5debf1a97a7563c474130943d5cd4267c

    • SSDEEP

      96:PWuzrX8H2mrqoAuRJff9SgbhWFllXU+9z:PlrXWRJ9Sgbh0l5

    Score
    1/10
    behavioral8

    • Target

      vpaid_html_template.html

    • Size

      16KB

    • MD5

      e276e92e96646fdac5a1988074f33954

    • SHA1

      1a7aa338deba5f148ea18666ec1ec4fbf5ea148e

    • SHA256

      4b8fd03cf268f9cd2f7432e13e8a7862760f7a6ed10bbf96dcc8232d2d382b42

    • SHA512

      8425f53afde718047c310fc74a8d3924ce47f61f33fbb99d52147364244b9252b87ce1ebaac80db9d27151d0969537737c042e0f615e354bf2edaac6b13ce065

    • SSDEEP

      192:mrLYJFkVvGFQshArPtP842+Lw1wOEeR6kad8bWXSrJEBOn8TsjNC4ck8aanlDTt2:8U42Fn9qW4+EQNuSXIlodoG

    Score
    1/10
    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks