General

  • Target

    burlaplayprotect.apk

  • Size

    4.4MB

  • Sample

    240808-z6e8vazdpj

  • MD5

    6be7a0365bedfb6a47d801f4b43df7b1

  • SHA1

    4a234cf09120ef29f0308921d749bc70a794c5df

  • SHA256

    9c403a126032455b730e69886bf4062255be43013d50fb631f16a95eb68114ff

  • SHA512

    acb39cab91357489939a4c05e6de191f0425470b51f17f17c3b44b7eb98eda7960d43d0a6b9cf5185479ecb8807ea995dbca18109a77cae3825d21718ae7520b

  • SSDEEP

    98304:3yezBXTomz7p0t8tIXfan71TY43qaqkwT/kqIAKU8ZvGqZ2wqL0u:rXz7G8ofanZ84sk4I7UQvGq/u

Targets

    • Target

      burlaplayprotect.apk

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.
