Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

post-install.sh

ubuntu-18.04-amd64

1

post-install.sh

debian-9-armhf

1

post-install.sh

debian-9-mips

post-install.sh

debian-9-mipsel

post-uninstall.sh

ubuntu-18.04-amd64

1

post-uninstall.sh

debian-9-armhf

1

post-uninstall.sh

debian-9-mips

post-uninstall.sh

debian-9-mipsel

pre-install.sh

ubuntu-18.04-amd64

1

pre-install.sh

debian-9-armhf

1

pre-install.sh

debian-9-mips

pre-install.sh

debian-9-mipsel

pre-uninstall.sh

ubuntu-18.04-amd64

1

pre-uninstall.sh

debian-9-armhf

1

pre-uninstall.sh

debian-9-mips

pre-uninstall.sh

debian-9-mipsel

start-stop.sh

ubuntu-18.04-amd64

1

start-stop.sh

debian-9-armhf

1

start-stop.sh

debian-9-mips

start-stop.sh

debian-9-mipsel

bin/xCloudClient

ubuntu-18.04-amd64

6

monitor.sh

ubuntu-18.04-amd64

1

monitor.sh

debian-9-armhf

1

monitor.sh

debian-9-mips

monitor.sh

debian-9-mipsel

restart_xcloud.sh

ubuntu-18.04-amd64

1

restart_xcloud.sh

debian-9-armhf

1

restart_xcloud.sh

debian-9-mips

restart_xcloud.sh

debian-9-mipsel

searchSharePath.sh

ubuntu-18.04-amd64

3

searchSharePath.sh

debian-9-armhf

1

searchSharePath.sh

debian-9-mips

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0010_999_1375268681_xCloud_2.1.1_x86-64.apk

  • Size

    7.7MB

  • Sample

    240521-gtj26ahh9z

  • MD5

    75cf747dc936112a95cc541d3080a900

  • SHA1

    2d8eaf142d302dd407e87775a6f115a5cacd9822

  • SHA256

    88e6f06aff59e4d7d860d32d781e1c182531acf0c89a2afe4cd6a420055a2bd1

  • SHA512

    cb78ce036af87d085b45d9a805d6756fbd111d0291e824dbe3a79fd0cabe584eedca96ce923176951d7fe63f144bf74549839c237dd403ab5d8f5726df0898f6

  • SSDEEP

    196608:wzI6daJQrltg2KRromDioB8KHgnQj0gCbCBSxh86Gg1hxUbm:wc6Uerlqlzt8K+Qj0IBS/VZ1hq6

Score
6/10
linux

Malware Config

Targets

    • Target

      post-install.sh

    • Size

      16B

    • MD5

      0300b05ac9335af635a31e9ae09f178f

    • SHA1

      318c2821d990618a90dd8d8681a0fee22519cf84

    • SHA256

      378c31f61988a6ee42b5ab2e8a48f1f8fab602a4c6afd85c732b06632b87b133

    • SHA512

      6659d73994561a95073f41f333b3c62c517e6f564af31f6054d1650ad30dd880e481541eeeddfb33dd275a81f71368dccb15c7b5f025449bfd7508ac2dab6f81

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      post-uninstall.sh

    • Size

      16B

    • MD5

      0300b05ac9335af635a31e9ae09f178f

    • SHA1

      318c2821d990618a90dd8d8681a0fee22519cf84

    • SHA256

      378c31f61988a6ee42b5ab2e8a48f1f8fab602a4c6afd85c732b06632b87b133

    • SHA512

      6659d73994561a95073f41f333b3c62c517e6f564af31f6054d1650ad30dd880e481541eeeddfb33dd275a81f71368dccb15c7b5f025449bfd7508ac2dab6f81

    Score
    1/10
    behavioral5behavioral6behavioral7behavioral8

    • Target

      pre-install.sh

    • Size

      16B

    • MD5

      0300b05ac9335af635a31e9ae09f178f

    • SHA1

      318c2821d990618a90dd8d8681a0fee22519cf84

    • SHA256

      378c31f61988a6ee42b5ab2e8a48f1f8fab602a4c6afd85c732b06632b87b133

    • SHA512

      6659d73994561a95073f41f333b3c62c517e6f564af31f6054d1650ad30dd880e481541eeeddfb33dd275a81f71368dccb15c7b5f025449bfd7508ac2dab6f81

    Score
    1/10
    behavioral10behavioral11behavioral12behavioral9

    • Target

      pre-uninstall.sh

    • Size

      16B

    • MD5

      0300b05ac9335af635a31e9ae09f178f

    • SHA1

      318c2821d990618a90dd8d8681a0fee22519cf84

    • SHA256

      378c31f61988a6ee42b5ab2e8a48f1f8fab602a4c6afd85c732b06632b87b133

    • SHA512

      6659d73994561a95073f41f333b3c62c517e6f564af31f6054d1650ad30dd880e481541eeeddfb33dd275a81f71368dccb15c7b5f025449bfd7508ac2dab6f81

    Score
    1/10
    behavioral13behavioral14behavioral15behavioral16

    • Target

      start-stop.sh

    • Size

      279B

    • MD5

      a307d8fb1b4c3033be2ef954cd0b6e3c

    • SHA1

      37c89c83d379be2d2939494b4825000d412b2111

    • SHA256

      3cb2daa932cd6570756982e27b2892a0affbe68bbbd0f07b75de29b5cab400e7

    • SHA512

      4ebe9c429d46767082c2722d3ca503ffea56c9fed923562dffb9ad9ffe70828bf5ef2f51d1c5d090524a55eee65abd1dc3e2d36d171cf1779c8e3710e21191af

    Score
    1/10
    behavioral17behavioral18behavioral19behavioral20

    • Target

      bin/xCloudClient

    • Size

      3.8MB

    • MD5

      d777ee74a30bd904d88e81d9c0dd0de2

    • SHA1

      bb85b0279ac70965f1368c5fa4c5851f114f8a48

    • SHA256

      df905c53c705bcc1515eca4e1feff4655a0ce9df893b0722ac4c6fad68cf6f7b

    • SHA512

      026326f399d9ef7c8b6e0fd34f17fcb4d001c1a11f534679c7f8c3c1b1c7854daccb49c944f06521c0a364d624fce377bd4ff34cbd0d9b000c4768dd85238905

    • SSDEEP

      49152:bZ07A73j4VABBSa4N0pl3AAFBAUZLYJMZGaXYQKuH5AVECI2222zzpLJnwkX5CZV:bZ0mJBE+jBAUZL/9LZ9c1UI

    Score
    6/10

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral21

    • Target

      monitor.sh

    • Size

      410B

    • MD5

      a5953d716801e36646b74332c82180dc

    • SHA1

      49fb45c52f082bd3fbf5d7c8470cdcd57fb39a92

    • SHA256

      abb829c00c8d69ced17cf2a2aefb98cf2f252cccd899da7eec856606903e6fc9

    • SHA512

      cd81433231be39f5869eecce7c21c6f5ca08f13b1d68aa9732722a60f98b9298f603edb5ff0a318d0ac18bffcfafcd9bcd8901e2658b42b27c7a3d0da568617d

    Score
    1/10
    behavioral22behavioral23behavioral24behavioral25

    • Target

      restart_xcloud.sh

    • Size

      410B

    • MD5

      094305b43811cb2050ad7340ed479d3a

    • SHA1

      765bf9bba7c1195207301961b2772b350635004e

    • SHA256

      dc45f9e0a77ea89746d5cb677e5ef9a9a529d4fd18f326b874e9af0f5e275ce9

    • SHA512

      c87b97aa1010455e423fdc3d3896dcc90853b779e45b52f6eea6ea5e31c9cd1f5257f75b7880fdea46fbed8f56b0a34a65468fe2a53b249e5c721cbb58235a77

    Score
    1/10
    behavioral26behavioral27behavioral28behavioral29

    • Target

      searchSharePath.sh

    • Size

      2KB

    • MD5

      3c7655349d7a5106ea60c4fdd9a230a1

    • SHA1

      d2cc131af48c3547835914db640decc01486ca1a

    • SHA256

      9835fdde3aa4fca60ec63c2e169d777cfa506c14f37a82ab848235e11bdb8de2

    • SHA512

      4905ca4dea4ba7bd9c899b298571882fe283b89421848f5486798f1f5b138ace4ca9418d32fc1fe7efdfcc98bc04302331f49fec5ff37d64be5f151b87ba2097

    Score
    3/10
    behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks