Analysis
- max time kernel: 150s
- max time network: 150s
- platform: android_x64
- resource: android-x64-20240221-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
- submitted: 14/03/2024, 08:53
Behavioral tasks
- behavioral1: sample 3ee0b5f142884ccd460b619f7a536b4c68d0d649e34ce477cfe97d18b9620453.apk, resource android-x86-arm-20240221-en
- behavioral2: sample 3ee0b5f142884ccd460b619f7a536b4c68d0d649e34ce477cfe97d18b9620453.apk, resource android-x64-20240221-en
- behavioral3: sample 3ee0b5f142884ccd460b619f7a536b4c68d0d649e34ce477cfe97d18b9620453.apk, resource android-x64-arm64-20240221-en
General
- Target: 3ee0b5f142884ccd460b619f7a536b4c68d0d649e34ce477cfe97d18b9620453.apk
- Size: 2.8MB
- MD5: db6463dca0973bb704ac9fce68a1dd23
- SHA1: c35ffe6ab3797981da3b8fd830d4d0b3f3b24e2e
- SHA256: 3ee0b5f142884ccd460b619f7a536b4c68d0d649e34ce477cfe97d18b9620453
- SHA512: bdae2fe17fb616a22c8559083e30d23ae5030923bb3dd95f7bab6e7ba38d19a22fa3140048f6cd222b2bbdb5087c7b9524fd695877734b3f64c5c809144f4fd8
- SSDEEP: 49152:9OcwHfICXpT/JVb0Tnb3fj29kgzpWUYCHBSZyL1xB07DsiHDwJAC6lg/Go:cT/ICXlvb0/PjakgPYCHBSZC1XCYiHC1
Malware Config
- Extracted family: hook
- C2 (as found in the sample): %INSERT_URL_HERE%
Signatures
- Hook
  Hook is Android malware based on Ermac, with RAT (remote access) capabilities.
- Makes use of the framework's Accessibility service (2 TTPs, 3 IoCs)
  Retrieves information displayed on the phone screen using AccessibilityService.
  description           | ioc                                                                                              | process
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | com.tencent.mm
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText           | com.tencent.mm
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId         | com.tencent.mm
- Acquires the wake lock (1 IoC)
  description           | ioc                                        | process
  Framework service call | android.os.IPowerManager.acquireWakeLock  | com.tencent.mm
- Reads information about the phone network operator (1 TTP)
Downloads