Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
177s -
max time network
185s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
05/08/2024, 22:03
General
-
Target
2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd.apk
-
Size
1.3MB
-
MD5
129a40699a540410993bda6696a602c7
-
SHA1
0ef695d685c770ad5063540227090692cf19a50d
-
SHA256
2e1e50d16334211e1929bde46ed56185bf1c75bc0e1525d845db46c6175e4dfd
-
SHA512
0bc43aa523f9f843205507f7bf9d6c3fbe48e4e62d039919059f4909fe45acfa34793b4464c421eb68b3bf8a38eebb8644e5c3deff2dab2790cf1464fcb48910
-
SSDEEP
24576:L5YkQxt0EfI/CCh78J78MrkU8I6W+EPilQZhL7ZWKugV2KZjgqmO/x4ku74nr:L5YkQxt0EfI6y8J2U8I63QhZWVg0KZj3
Score
8/10
Malware Config
Signatures
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Makes use of the framework's Accessibility service 4 TTPs 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Requests enabling of the accessibility settings. 1 IoCs
Processes
-
vital.dash.business1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's Accessibility service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests enabling of the accessibility settings.