9e945ebd56d1ec80f1ea98cd16ff40ece788e4c51f11152a17943051ba5a2ffd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

32add2fcb6...8d.apk

android-9-x86

8

32add2fcb6...8d.apk

android-10-x64

8

32add2fcb6...8d.apk

android-11-x64

8

Sharing

General

Target

32add2fcb6364cc8b3c2343b3940f98d
Size

999KB
Sample

231219-qpsm6sdedl
MD5

32add2fcb6364cc8b3c2343b3940f98d
SHA1

b01ff05841555d1a9724011b0dd62eb3cbea14af
SHA256

9e945ebd56d1ec80f1ea98cd16ff40ece788e4c51f11152a17943051ba5a2ffd
SHA512

c0c2bbaa9b9f7f043a5125f3fdeb38c7514c72d885d02f2490debeacbdb4479ba13cf69fec5ddaf8c51e99032b0713fa893f642fbf49abadb9fe857d9a39fe6b
SSDEEP

24576:Wa2uW+MI4hJQJpkUf1WKi/8+eAX/QlKloxsL9ddS5YrIvn:CuWfbhJQj/f1KU+Y4loxgS5Y8/

Score

8^/10

android evasion stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

32add2fcb6364cc8b3c2343b3940f98d.apk

Resource

android-x86-arm-20231215-en

evasion stealth trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

32add2fcb6364cc8b3c2343b3940f98d.apk

Resource

android-x64-20231215-en

evasion stealth trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

32add2fcb6364cc8b3c2343b3940f98d.apk

Resource

android-x64-arm64-20231215-en

evasion stealth trojan

android-11-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  32add2fcb6364cc8b3c2343b3940f98d
- Size
  
  999KB
- MD5
  
  32add2fcb6364cc8b3c2343b3940f98d
- SHA1
  
  b01ff05841555d1a9724011b0dd62eb3cbea14af
- SHA256
  
  9e945ebd56d1ec80f1ea98cd16ff40ece788e4c51f11152a17943051ba5a2ffd
- SHA512
  
  c0c2bbaa9b9f7f043a5125f3fdeb38c7514c72d885d02f2490debeacbdb4479ba13cf69fec5ddaf8c51e99032b0713fa893f642fbf49abadb9fe857d9a39fe6b
- SSDEEP
  
  24576:Wa2uW+MI4hJQJpkUf1WKi/8+eAX/QlKloxsL9ddS5YrIvn:CuWfbhJQj/f1KU+Y4loxgS5Y8/
Score

8^/10

evasion stealth trojan
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionstealthtrojan

behavioral2

evasionstealthtrojan

behavioral3

evasionstealthtrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.