Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
3528183s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20231215-en -
resource tags
-
submitted
31/12/2023, 09:35
General
-
Target
311a7c63e1bc046c93389619e4d575fd.apk
-
Size
149KB
-
MD5
311a7c63e1bc046c93389619e4d575fd
-
SHA1
01b97d16bf0a1d22ef906b364ce374dd474d6d18
-
SHA256
13436a08047a69ec2e258eb718512d74f101e01638b17ab6fc7b53a92f0047e8
-
SHA512
6b9a95b7028606b82546ac2dc8587b046db250973a115f805281948769ace181e88b11feddec7b85d4d2cc476b4fbc8efdac5726c3e7c7ee2378db12b6f17c84
-
SSDEEP
3072:iqMiy35aRvgtguvf4ZlYYBTcmQD/0UxKPnVBIVBQhPZhPRh4t:iqMH3Xgu34UYB1Qj0Uxi/I/SHJh4t
Score
10/10
Malware Config
Extracted
Family
cerberus
C2
https://genclikbayramlari.com
Signatures
-
Cerberus
An Android banker that is being rented to actors beginning in 2019.
-
Makes use of the framework's Accessibility service 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Removes its main activity from the application launcher 1 IoCs
-
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
Processes
-
com.mtcifx.epxpzddgchs1⤵
- Makes use of the framework's Accessibility service
- Removes its main activity from the application launcher
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Listens for changes in the sensor environment (might be used to detect emulation)