Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

nm-mod-pou...67.apk

android-9-x86

7

nm-mod-pou...67.apk

android-10-x64

7

nm-mod-pou...67.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    nm-mod-pou-1-4-118-267.apk

  • Size

    29.4MB

  • Sample

    240430-z43w5ahf57

  • MD5

    d2d80fa9394c5cdcc9903c5a9a23d431

  • SHA1

    982b73cec093240dde201263899149117f17dc03

  • SHA256

    508dba2d3f23b68b1251d462fd3202d7dc7af33a4c82e49097cf6a3d99198df3

  • SHA512

    ab93e31b8d17a1aaaa016bdc35c929e071b81d10edcf00071885b499e1bbd8366c9c94c96c058a451012c46229c695e9607b713763e641649a2719ff92694ac1

  • SSDEEP

    786432:Dj9cpR56aKj+vDb26cbzGy7aKC+ySNVzV4Fh2em:f9g6Fi32xbBTe/2em

Score
7/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      nm-mod-pou-1-4-118-267.apk

    • Size

      29.4MB

    • MD5

      d2d80fa9394c5cdcc9903c5a9a23d431

    • SHA1

      982b73cec093240dde201263899149117f17dc03

    • SHA256

      508dba2d3f23b68b1251d462fd3202d7dc7af33a4c82e49097cf6a3d99198df3

    • SHA512

      ab93e31b8d17a1aaaa016bdc35c929e071b81d10edcf00071885b499e1bbd8366c9c94c96c058a451012c46229c695e9607b713763e641649a2719ff92694ac1

    • SSDEEP

      786432:Dj9cpR56aKj+vDb26cbzGy7aKC+ySNVzV4Fh2em:f9g6Fi32xbBTe/2em

    Score
    7/10
    discoveryevasionimpactpersistencecollectioncredential_access

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks