General

  • Target

    Chat_Smith_v3.4.1_(447)_Mod.apk

  • Size

    105.4MB

  • Sample

    231124-xhldvade57

  • MD5

    9b4fecf285e788c90414733a593bc8aa

  • SHA1

    4f5863b171efbcaed8341fba6380db02afc89cf3

  • SHA256

    b2fe49377c9a18bd30d4709499d66bf3d48ff7cb146dcd7b7da6a88fec6c142f

  • SHA512

    c2a8072814b08d3a0a13b7083f02a5e4db8a490775152bf7ab42e93d13ac44f67817f84b2d2274582ec37056a5866bbe6249330dd3ccf9766bc565e5a2404f45

  • SSDEEP

    3145728:iqTTB4LmF4CMwhgoA9dbmfiNGzq30SxlcQ5HsJ6w:RXB4LmrvzGEogKPv9HsJ6w

Malware Config

Targets

    • Target

      Chat_Smith_v3.4.1_(447)_Mod.apk

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

    • Uses Crypto APIs (Might try to encrypt user data).

    • Target

      img_brand_tagline.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_business_plan.png

    • Size

      1KB

    Score
    3/10
    • Target

      img_character_creation.png

    • Size

      4KB

    Score
    3/10
    • Target

      img_chart.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_check.png

    • Size

      2KB

    Score
    3/10
    • Target

      img_clock.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_comedy.png

    • Size

      1KB

    Score
    3/10
    • Target

      img_competitor_analysis.png

    • Size

      1KB

    Score
    3/10
    • Target

      img_copy_inspiration.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_craft_ideas.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_creative_story.png

    • Size

      3KB

    Score
    3/10
    • Target

      img_dream_interpreter.png

    • Size

      2KB

    Score
    3/10
    • Target

      img_email_drafting.png

    • Size

      2KB

    Score
    3/10
    • Target

      img_email_generator.png

    • Size

      2KB

    Score
    3/10
    • Target

      img_email_writing.png

    • Size

      1KB

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
7/10

behavioral1

banker evasion ransomware
Score
8/10

behavioral2

banker evasion ransomware
Score
8/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
3/10