Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

c3256b9123...a7.apk

android-9-x86

8

c3256b9123...a7.apk

android-10-x64

8

c3256b9123...a7.apk

android-11-x64

8

Analysis

  • max time kernel
    47s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    01/08/2024, 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c3256b91234624addc8b6ffe089ebe1b45b839e1d772abcf62cace376f473ba7.apk

  • Size

    2.5MB

  • MD5

    5a3ed72e1ad54c1f38ea48812472b649

  • SHA1

    1fc3e73f876887dbc235d1564a8122023d55b386

  • SHA256

    c3256b91234624addc8b6ffe089ebe1b45b839e1d772abcf62cace376f473ba7

  • SHA512

    a4a293dd39b72d2f2c25a52df158da0549f6a1c2175f9b2850b7a54f24ddf7fc093cdde4a7b117f5b4c83ba5e0afa6f2c3515eaaed4bb9708c3fa93b5bf7fbf8

  • SSDEEP

    49152:Pvyj76X6+Glm+nJVxAfWgLs/H7naTgjucPq8lwrRTpT/heBDDg1OOzkI+Wjy3rZF:YP+G0+JLsLs/uUjuMwl5UlDKkI+Wu3v

Score
8/10
bankercollectioncredential_accessdiscoveryevasionimpactpersistencestealthtrojan

Malware Config

Signatures

Processes

  • jnlqpxmc.vmvsdm.dakdnau
    1⤵
    • Removes its main activity from the application launcher
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:5067
  • .tt
    1⤵
      PID:5226

    Network

    MITRE ATT&CK Mobile v15

    Initial Access

    Execution

    Persistence

    Event Triggered Execution

    1
    T1624

    Broadcast Receivers

    1
    T1624.001

    Privilege Escalation

    Defense Evasion

    Hide Artifacts

    1
    T1628

    Suppress Application Icon

    1
    T1628.001

    Input Injection

    1
    T1516

    Virtualization/Sandbox Evasion

    1
    T1633

    System Checks

    1
    T1633.001

    Credential Access

    Clipboard Data

    1
    T1414

    Input Capture

    2
    T1417

    GUI Input Capture

    1
    T1417.002

    Keylogging

    1
    T1417.001

    Discovery

    Software Discovery

    1
    T1418

    Security Software Discovery

    1
    T1418.001

    System Information Discovery

    1
    T1426

    System Network Configuration Discovery

    1
    T1422

    System Network Connections Discovery

    1
    T1421

    Lateral Movement

    Collection

    Clipboard Data

    1
    T1414

    Input Capture

    2
    T1417

    GUI Input Capture

    1
    T1417.002

    Keylogging

    1
    T1417.001

    Screen Capture

    1
    T1513

    Command and Control

    Exfiltration

    Impact

    Data Encrypted for Impact

    1
    T1471

    Data Manipulation

    1
    T1641

    Transmitted Data Manipulation

    1
    T1641.001

    Input Injection

    1
    T1516

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db
      Filesize

      108KB

      MD5

      c12e326370ac5c3f2d9a7ec0f34c19ff

      SHA1

      61106fe7f6cd67f1724357b6ae8e7a623fc0610b

      SHA256

      6f1206db49537431621d995baf34503a2e500da63a5b9f565c6a50112665f38c

      SHA512

      46b215fdae474b413d32135f1f208e4623f48b3e66ba3e9c6a9930c30875b84ff6fa87f82fd6f5860bb66bd8b7c6167ea24f8ca18ca443c9bffb9abb68c08659

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      12KB

      MD5

      fa55bbd1c852008fc340df95c67d225b

      SHA1

      2c83e6b550d9cf2973dd4840ac634c14f212c3b7

      SHA256

      18cb0ba039f139c19c6c06963177279872d358dfc59000dd0c55075f31bf744f

      SHA512

      3b6e29080dacd938fc932a1a39fd55e1a7027736f25d5911bfe3f1799933a2a784094c31dd2f1f934def4a4d13a6e2461fd7f8bb182ca1d0e6c35905113c1cb6

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      512B

      MD5

      9cea12ef764ea48cca5068137652f32f

      SHA1

      92aa798716d79eeeadf404faff9cf43ac4dd39ae

      SHA256

      67736d19ecb6089be8d272378f19f17caef15c361146b3b9c857013b23d97764

      SHA512

      530fa34e3482280df2e2014cc9bd798c48725b04bc4f03e524538b5517946f7c57aa13250f2c91b2bfd60e5bd88fbf424c0f787c0217896ea37a3f36a9ef86d2

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      8KB

      MD5

      1567069f9321b79d2b427984c4a1616e

      SHA1

      f2aacd53159098c72d06c2e6ad1ba9a6a21c9f32

      SHA256

      957d386de87782f8d33488c2a5e610fb324b2914423935252d1de1b2e7c4042f

      SHA512

      4d50f43c2615d070a59825edabdb7db68c1c0ae49a2230a2ba4389eeb351521c2c6630df748ec0cc7ebdbb4e0ab1ad19ccf376051b8e1a2c3bc6b0c2e63f0cd7

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      4KB

      MD5

      917c9b50c44ba985880b0a2133a159a5

      SHA1

      79c9fc2a268c3b324d6fc0a1f9cf514559c27c7f

      SHA256

      dd5b3ee340cd9872101d1d6d496a9eb2f2037ee18c0bb5063f40ad417819cdfa

      SHA512

      6761fb32dd2d2a054cf5799810096faac6d1f5c2b72f3baaf26795ecabbfa2bff130ae1fc5670ee41ee081295355015259f2b8f7d0ea8646ed5ad7d9b1ff3b88

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      8KB

      MD5

      9639dea0c496ffa08d6a82048c20267d

      SHA1

      6f8e088e33e0778b377035d2720952b85a29618b

      SHA256

      d8c2c8cdde5499d43ea559f29d8b6a1db21cb6ec28da873f98abc4ba35779606

      SHA512

      d592baf79a421449c43e07308dfc5956819498000d4767fad6f50bce20acc16d505946e6cd311a9e8dcfdfea03bfef99c312de4bbc705500e2aadcd0aabcfb9f

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/databases/google_app_measurement.db-journal
      Filesize

      4KB

      MD5

      41501119cb6de89f2fc8ae853c4ef2bf

      SHA1

      59346340843d14a3d33280269703aafe75fdcb84

      SHA256

      f17ac08bb6706fc2b5c8b52c93adb6ebd7ffd07e21992065434bc71b80349bdc

      SHA512

      02988b98a1f92a8cc8efabc5a1f746f4950c6e97f82b5c20a7b700d0c9af5e4c8d494c510eb11aeda1c3efd048cf8c28e0b614ea93897a92519093438d4e61f4

      Download Submit

    • /data/data/jnlqpxmc.vmvsdm.dakdnau/no_backup/com.google.InstanceId.properties
      Filesize

      2KB

      MD5

      de5409917d051fc7f04a78a5a91c5c0f

      SHA1

      51589ba6be2bddb062e27d86d22daf04c3b2dc6e

      SHA256

      fabd1ad985acf0d49b1411886979d8f3cd842bff15e3858a7fc57b8fce4e3bb0

      SHA512

      3e7b5ba3dfd620d8488c832083d7f4e3683d9f0d7821a5ff556452be6919ff75c8b632c3c14d784ccc7741c4520140e3190b89c04007f5de879e833101a112ad

      Download Submit