Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4372_ymusic_arm64.apk
-
Size
9.1MB
-
Sample
240423-yqj2esbc8v
-
MD5
09acbc3764e707dddad6d26f5fb74636
-
SHA1
c42380cb2ad13e349deaa2cb31e596d863673b2e
-
SHA256
4c1b9ff58bb37781fe91c2e9cd36ea8b7f095af96f2905ce533cbdee1c4e02f9
-
SHA512
e387766d83b18d6a75aea99f4dc0e7827d42e2526d8a45d29bfbf90cfb863302f762af176ac67f1cc10b8662801ec0d52c61e8a6000eecbfb4b1e41851e884d5
-
SSDEEP
196608:NDUG1SWt29puv/LHb+kYP+LPyI1RiwrbuBlSE4dbPTkmu3w:NDU9+rqkY2byIH7mJmZ
Malware Config
Targets
-
-
Target
4372_ymusic_arm64.apk
-
Size
9.1MB
-
MD5
09acbc3764e707dddad6d26f5fb74636
-
SHA1
c42380cb2ad13e349deaa2cb31e596d863673b2e
-
SHA256
4c1b9ff58bb37781fe91c2e9cd36ea8b7f095af96f2905ce533cbdee1c4e02f9
-
SHA512
e387766d83b18d6a75aea99f4dc0e7827d42e2526d8a45d29bfbf90cfb863302f762af176ac67f1cc10b8662801ec0d52c61e8a6000eecbfb4b1e41851e884d5
-
SSDEEP
196608:NDUG1SWt29puv/LHb+kYP+LPyI1RiwrbuBlSE4dbPTkmu3w:NDU9+rqkY2byIH7mJmZ
Score7/10-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Checks the presence of a debugger
-