General
Target: securesmsplus.apk
Size: 77.4MB
Sample: 240520-gr8yhaeg33
MD5: 30bfd388592873d836f5907c236f18a2
SHA1: 606e33614cfa4969f0bf8b0828710c9a23bda22b
SHA256: 58ccc0f239241cbcd023a5eb0800786a20df9303854e6365ac66b99038c76d72
SHA512: 95ffebc8a14ab7d1030aae6e1eba77423a08fb5f1f64a66af402841358514e462a7e23642e9efd1973a24d9fcd6a313a99f69eb8d1e24436cc3da403964400a0
SSDEEP: 1572864:jof7Q89n08GFOS1CqTKliPbRZY3IxKlgLOe2NGv3Qvqm4t4nHq4i:jC5dpKO5qtRZY3Iu22m3QF4t0qL
Behavioral task: behavioral1
Sample: securesmsplus.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral2
Sample: securesmsplus.apk
Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral3
Sample: securesmsplus.apk
Resource: android-33-x64-arm64-20240514-en
Behavioral task: behavioral4
Sample: securesmsplus.apk
Resource: android-x86-arm-20240514-en
Malware Config
Extracted
badbazaar
https://signalplus.org:4332/api/
https://signalplus.org:4332/api/QRCode?imei=
Targets
Target
securesmsplus.apk
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-