Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd.bin

  • Size

    1.3MB

  • Sample

    240805-1ygmdateja

  • MD5

    129a40699a540410993bda6696a602c7

  • SHA1

    0ef695d685c770ad5063540227090692cf19a50d

  • SHA256

    2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd

  • SHA512

    0bc43aa523f9f843205507f7bf9d6c3fbe48e4e62d039919059f4909fe45acfa34793b4464c421eb68b3bf8a38eebb8644e5c3deff2dab2790cf1464fcb48910

  • SSDEEP

    24576:L5YkQxt0EfI/CCh78J78MrkU8I6W+EPilQZhL7ZWKugV2KZjgqmO/x4ku74nr:L5YkQxt0EfI6y8J2U8I63QhZWVg0KZj3

Malware Config

Targets

    • Target

      2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd.bin

    • Size

      1.3MB

    • MD5

      129a40699a540410993bda6696a602c7

    • SHA1

      0ef695d685c770ad5063540227090692cf19a50d

    • SHA256

      2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd

    • SHA512

      0bc43aa523f9f843205507f7bf9d6c3fbe48e4e62d039919059f4909fe45acfa34793b4464c421eb68b3bf8a38eebb8644e5c3deff2dab2790cf1464fcb48910

    • SSDEEP

      24576:L5YkQxt0EfI/CCh78J78MrkU8I6W+EPilQZhL7ZWKugV2KZjgqmO/x4ku74nr:L5YkQxt0EfI6y8J2U8I63QhZWVg0KZj3

    • Removes its main activity from the application launcher

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Requests enabling of the accessibility settings.

MITRE ATT&CK Mobile v15

Tasks