Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Telegram774143 - Copy.apk
-
Size
68.9MB
-
Sample
240417-njgydadb98
-
MD5
6f041a24c39f18f2afb45d028d0f2060
-
SHA1
492b9a7c96cc8921030201af13a3b9f930c0b40b
-
SHA256
3e189844684ed85c0d0feb7535482bcfb9c29ba038da26c7ef355f13c1f3ff84
-
SHA512
588805325c40ef9b43c40bb72e30a2761cda99f452e12d13b6b3ab77c442f3d6bda08e3ef458ef73ccb66b0db0118714f8c836ae038e6c45f4a6ffde9d404b1c
-
SSDEEP
1572864:0st8kNc/ytKmQsi+UJLX3iWQWDHdg4yL5mXK/zvgmEybEAjqk0wTqQdYTo+YO5X:0saTCbKXwKiHb/zITGE4qk0QYhN
Malware Config
Targets
-
-
Target
Telegram774143 - Copy.apk
-
Size
68.9MB
-
MD5
6f041a24c39f18f2afb45d028d0f2060
-
SHA1
492b9a7c96cc8921030201af13a3b9f930c0b40b
-
SHA256
3e189844684ed85c0d0feb7535482bcfb9c29ba038da26c7ef355f13c1f3ff84
-
SHA512
588805325c40ef9b43c40bb72e30a2761cda99f452e12d13b6b3ab77c442f3d6bda08e3ef458ef73ccb66b0db0118714f8c836ae038e6c45f4a6ffde9d404b1c
-
SSDEEP
1572864:0st8kNc/ytKmQsi+UJLX3iWQWDHdg4yL5mXK/zvgmEybEAjqk0wTqQdYTo+YO5X:0saTCbKXwKiHb/zITGE4qk0QYhN
Score10/10-
BadBazaar
BadBazaar is an Android spyware used by GREF APT group.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries account information for other applications stored on the device.
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Reads the content of photos stored on the user's device.
-
Acquires the wake lock
-