Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
4178408s -
max time network
162s -
platform
android_x64 -
resource
android-x64-arm64-20231023-en -
resource tags
-
submitted
22/11/2023, 22:00
General
-
Target
2731ce15164f3117338ffaa0a5656c987449bca56f213db32b6269e20d133fd4.apk
-
Size
1.7MB
-
MD5
99d7ba11670f792959351c899afad97a
-
SHA1
277dd9436d9f85ad2bde242768bf45b38f80a8f4
-
SHA256
2731ce15164f3117338ffaa0a5656c987449bca56f213db32b6269e20d133fd4
-
SHA512
d65304503cf803ab570423db5366a06183e73efd7db2e577a4a4b9dc7b8459220c5934aa86e2330bca36a961682598db772a761a89b442254db55258591f6008
-
SSDEEP
24576:6o/JQZLFq/V4/S5c+gxMk07CSXl28R1tdJntPCEBMXiUbwaN7MTMSgXqysTEy3ET:t/J/IzAhw4FjQXwRAhqysTXvLDe
Malware Config
Extracted
cerberus
http://188.120.236.119/
Signatures
-
Cerberus
An Android banker that is being rented to actors beginning in 2019.
-
Makes use of the framework's Accessibility service. 3 IoCs
-
Removes its main activity from the application launcher 2 IoCs
-
Loads dropped Dex/Jar 6 IoCs
Runs executable file dropped to the device during analysis.
-
Requests dangerous framework permissions 1 IoCs
-
Tries to add a device administrator. 1 IoCs
-
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
-
Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
Processes
-
com.garage.electric1⤵
- Makes use of the framework's Accessibility service.
- Removes its main activity from the application launcher
- Loads dropped Dex/Jar
- Tries to add a device administrator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Listens for changes in the sensor environment (might be used to detect emulation).
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
MD59671b4e0e35a3d48535dcb8810bddff3
SHA1a7858ee20f254629f723a91105591709a81db882
SHA256d7960df23591785eafe9e1e6226869adf4973e4b579c15597f5cd1713d15cbe3
SHA5126c8c54909e69efd4f65c29798d8f44ff2941ad434d25c26c4afa326cbbccea11faedf931bc06fb76a1943b97cf601e170c123435c68d0e4b314504ce122b6a52
-
Filesize
64KB
MD5e62b0fe49983d44cf7af17fd0f5fd3ea
SHA1aeefe1ff4cdfaaf08ded93c54fc2fb4c65ac9705
SHA256dc9792a3f03972315f03c2deed35b742bec3c1daa1a60f74dbc338bafa2f8a20
SHA512621be6a6266959b5b7d4ddfb574dcc9dc639b5d6576b4284159ce0abf7bc0dcb45abd3106f5cde12eb7acd8015eabf0f5bacd86dc8c92896b262849160c8b4ab
-
Filesize
118KB
MD5d3a1e2a92c440d9a1127ed0df9d6a87f
SHA1a81c6f74437911ddcf9cea3e3f4bfce579d7d07d
SHA256c19624de740dee2572875175e52756ec38803d9a818091aa0228e880e5f79a87
SHA512a6805b109027c00cf94d76a5cd1a15980a792a16d6b60cd00e23bdc9d8579c50460b8e1fde29127aa4c0660bd0e808518359f948ec1c6ddea14c29407ea9d703
-
Filesize
142B
MD57c2be3eeb7912d2b7ee2ff67a20675c5
SHA187940eeeb0f5562305e7f7f7822bf862932af20d
SHA25611d96cd3eacb356ec9df0d8e4fc2a5ac34378144dbbab79e7431dab594865bd0
SHA512c5167dc05fe001af98ca416eb66fbdf94765fb71486ff8022ec09bd902dd4590fbef55e22e0707520e61876dba1e695b6aef6c7d3afcf0b42715096271aede01
-
Filesize
355KB
MD5c21bc1c40f44adc1300b331be089f7f8
SHA1e8460c818c8fce1343e9e599f441b2cb29232fea
SHA256633709cb4292091bce05df3ff2367b5c52660c4ed6b8229d22f53c2fd0a2df75
SHA512619ec3d63b38eba2b7f82c956049e72240e8b199b2bf5325d90903269124924de01a3564ece2b2194040699bfdae071a8e83a018ee61837ff5b365eb1ad8bf32
-
Filesize
317KB
MD5352863e0bfbbc06860cae8051d441135
SHA13b92be36e9b4d481005ac758d0d30719652d096b
SHA256deb71af3eda28d15f451986b525229fdabff33e3458154740c2a8beb3470bb65
SHA512307e0c4c64c718d64ab3f35b81fe7d72a63bba93a7ed4dd033079e98e406b95638779aca81570c2129f1adad7a2a8792a22f462ebbccb395f665657dc79c2133
-
Filesize
317KB
MD5352863e0bfbbc06860cae8051d441135
SHA13b92be36e9b4d481005ac758d0d30719652d096b
SHA256deb71af3eda28d15f451986b525229fdabff33e3458154740c2a8beb3470bb65
SHA512307e0c4c64c718d64ab3f35b81fe7d72a63bba93a7ed4dd033079e98e406b95638779aca81570c2129f1adad7a2a8792a22f462ebbccb395f665657dc79c2133
-
Filesize
317KB
MD5352863e0bfbbc06860cae8051d441135
SHA13b92be36e9b4d481005ac758d0d30719652d096b
SHA256deb71af3eda28d15f451986b525229fdabff33e3458154740c2a8beb3470bb65
SHA512307e0c4c64c718d64ab3f35b81fe7d72a63bba93a7ed4dd033079e98e406b95638779aca81570c2129f1adad7a2a8792a22f462ebbccb395f665657dc79c2133
-
Filesize
118KB
MD5d3a1e2a92c440d9a1127ed0df9d6a87f
SHA1a81c6f74437911ddcf9cea3e3f4bfce579d7d07d
SHA256c19624de740dee2572875175e52756ec38803d9a818091aa0228e880e5f79a87
SHA512a6805b109027c00cf94d76a5cd1a15980a792a16d6b60cd00e23bdc9d8579c50460b8e1fde29127aa4c0660bd0e808518359f948ec1c6ddea14c29407ea9d703
-
Filesize
118KB
MD5d3a1e2a92c440d9a1127ed0df9d6a87f
SHA1a81c6f74437911ddcf9cea3e3f4bfce579d7d07d
SHA256c19624de740dee2572875175e52756ec38803d9a818091aa0228e880e5f79a87
SHA512a6805b109027c00cf94d76a5cd1a15980a792a16d6b60cd00e23bdc9d8579c50460b8e1fde29127aa4c0660bd0e808518359f948ec1c6ddea14c29407ea9d703