Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

89f350332b...c3.apk

android-9-x86

8

89f350332b...c3.apk

android-10-x64

8

89f350332b...c3.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89f350332be1172fc2d64ac8ecd7fd15a09a2bd6e0ab6a7898a48fb3e5c9eac3

  • Size

    56KB

  • Sample

    240410-pm8qyafe95

  • MD5

    a4f09ccb185d73df1dec4a0b16bf6e2c

  • SHA1

    c5c0953cb8dc15433b81f82ba7c8576301152d54

  • SHA256

    89f350332be1172fc2d64ac8ecd7fd15a09a2bd6e0ab6a7898a48fb3e5c9eac3

  • SHA512

    cfe7cc37b5250e7acdce836bb9947eccb3cbad1fb425e86ce29d647af72345bce2a54c4f46e297a7043ef09e0ef8872afe2d9f0295f0f6a7edf3dd82e1a11089

  • SSDEEP

    768:GOCFp/jmkdMCS43hoW6MpM55hkGzP87iPyYtm241AeUP2coEs5SE:GxFpqkKQKDhXk+PHt7qAeUPDst

Score
10/10
mobileorderandroidcollectiondiscoveryevasionstealthtrojan

Malware Config

Extracted

Family

mobileorder

C2

blackbeekey.com

http://blog.sina.com.cn/u/5241106671
Attributes
  • user_agent

    Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)

Targets

    • Target

      89f350332be1172fc2d64ac8ecd7fd15a09a2bd6e0ab6a7898a48fb3e5c9eac3

    • Size

      56KB

    • MD5

      a4f09ccb185d73df1dec4a0b16bf6e2c

    • SHA1

      c5c0953cb8dc15433b81f82ba7c8576301152d54

    • SHA256

      89f350332be1172fc2d64ac8ecd7fd15a09a2bd6e0ab6a7898a48fb3e5c9eac3

    • SHA512

      cfe7cc37b5250e7acdce836bb9947eccb3cbad1fb425e86ce29d647af72345bce2a54c4f46e297a7043ef09e0ef8872afe2d9f0295f0f6a7edf3dd82e1a11089

    • SSDEEP

      768:GOCFp/jmkdMCS43hoW6MpM55hkGzP87iPyYtm241AeUP2coEs5SE:GxFpqkKQKDhXk+PHt7qAeUPDst

    Score
    8/10
    collectiondiscoveryevasionstealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Queries account information for other applications stored on the device.

      Application may abuse the framework's APIs to collect account information stored on the device.

      collection

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Reads the contacts stored on the device.

      collection

    • Reads the content of photos stored on the user's device.

      collection

    • Reads the content of the browser bookmarks.

      collection

    • Reads the content of the call log.

      collection

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks